WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Trovi search bar, causing failed internet! Logs are ready. [Solved

Started by jeff matthews , Jan 07 2015 04:54 PM

Viruses Maleware Infection CCcleaner Internet connection issue Rootkits trovi search bar

This topic is locked

100 replies to this topic

#1 jeff matthews

Advanced Member

Authentic Member
781 posts

Posted 07 January 2015 - 04:54 PM

Hey, i am quite in the dilemma here. I wanted to clear my browser's cache and history and all that, so i downloaded CC cleaner. I have used it before and i know that it is safe but unfortunately i made a fatal error or mistake and accidentally downloaded a zipped file apparently they had just hundreds of spyware, viruses and everything in between attached in this one file. Though it was strange, that the file i downloaded did have the software i was looking for, but so much other junk as well. Now i have a computer that is virtually rendered useless at this time. The internet is dead, system restore is corrupt, it gets routed to a page that says "no server response" My applications that i am using are having all kinds of weird affects and not working correctly. Missing icons, files being deleted, certain system applications not even loading, or stopped or disabled permanently for example i can't even open up my "power options" in the control panel. There is a constant installer in the back ground installing application after application and it won't stop. I have tried to remove the apps from the add and remove program features, but certain applications are having a reverse affect, instead of uninstalling, its installing more.

So yes this machine is in a critical state right now and i was almost thinking bout just doing a clean system re-install, but i have lots of data on here. It would take me quite a while to back up everything. My family uses this machine and I monitor it by cleaning it and doing all the tech work on it that they can't do. I think some sort of application that kills files or processes is in order for this one, like Killbox or combofix. Though Safe mode does provide some relief and is devoid of some symptoms, because all proses stop running in the background. But either way even in safe mode, i am unable to execute certain regular commands. My last resort would be to try executing a recovery disk like Linux or something like that to be able to clean it outside the windows OS. But i'll see what methods you guys want to use on this particular deeply infected machine.

Thanks alot and i hope you can get to me as soon as you can! :

EDIT: The machine just turned off by it self.

I am going to provide some logs, first here is the MalewareBytes log that i scanned. It found around 550+ infections.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/7/2015
Scan Time: 4:41:08 PM
Logfile: Malewarebytes log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.07.07
Rootkit Database: v2015.01.06.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Ashley

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 366456
Time Elapsed: 6 min, 52 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 82
PUP.Optional.SearchProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, , [a4ef25cff8912e0852499f0e2dd43fc1],
PUP.Optional.StormWatch.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SWUpdater, , [10838f65365348eec4ebfef8fe0317e9],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110611901161}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110611901161}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644904461}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655905561}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666906661}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655905561}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666906661}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644904461}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.BHO.1, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611901161}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611901161}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.BHO, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.BHO, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.BHO.1, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220622902261}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.Sandbox.1, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.Sandbox, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.Sandbox, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.Sandbox.1, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220622902261}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110611901161}\INPROCSERVER32, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [415253a103868bab1e9ce4fee22024dc],
PUP.Optional.StormWatch.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\StormWatch, , [c8cb27cd10798da9cdea8ec72bd55ca4],
PUP.Optional.SmartWeb.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SmartWeb, , [9102658f16732d0949c5a74b14ed8f71],
PUP.Optional.VPNPrivat.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{42F42C22-D4DD-463C-9E07-62E45BD3E360}_is1, , [cac9bd3794f5fd39d4bdbcafba49f20e],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, , [dab9ab493f4a4cea6019f0aeea1934cc],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, , [fe95db194049ac8af9cb2abae222ce32],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, , [a6ed54a07712a690b70c90549c68b749],
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\GAMESDESKTOP, , [11828272a3e6b581f8e7373224dfb050],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\HQ-Video-Pro-2.1cV07.01, , [8c07bf356d1c78be8ba8e9fd45bf936d],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\HQ-Video-Pro-2.1cV07.01-nv, , [1380c034187167cfcb681dc928dcc937],
PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\ONESOFTPERDAY, , [6c2791632d5ca096d7a2bbbc51b2d62a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, , [ddb615dfbccda096e2d0fe8560a312ee],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\30935, , [7a1925cf7b0ecb6bc2b79e006f94639d],
PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ospd_us_611_is1, , [732006eeb0d9c76fdd9bef88ac5726da],
PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGE, , [227191638aff62d49c79aed5f211827e],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [6a29856faedb979f861314cf778d9967],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, , [f49f01f399f0e4527f1be4ff956ff50b],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, , [652ede16eb9eae888e2cb7d0020121df],
PUP.Optional.VOPackage.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVERVO, , [6132c62e6623bc7a8655aebcfe054fb1],
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD, , [b6dddb19acdd3105d34896eb16edfd03],
PUP.Optional.HQVideo.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\HQ-Video-Pro-2.1cV07.01-nv, , [3b58975dfe8b9a9c66cec3236b999769],
PUP.Optional.StormWatchApp.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\StormWatchApp, , [a0f3ed07b6d341f59f448ee35aa9c53b],
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag, , [eda66a8a80094bebe2eac3206b99bc44],
PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BlockAndSurf, , [c4cfc331fb8e9d99f5a71868d23133cd],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [5b3847ad2f5a6acc74715480f60e768a],
PUP.Optional.HQVideo.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQ-Video-Pro-2.1cV07.01, , [9cf7ad47d8b1d066de57fcea689c45bb],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, , [0192a0549eebbc7a8706babdef14f40c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\HQ-VideoV07.01, , [aee56d8714755adcd337452725deed13],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{088CF7BF-784A-0416-165B-5AC1F66FDEA4}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{1537394B-EE0B-1D31-CAAB-4A5E724A585F}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{53FF32DC-ED80-1840-FD9B-07D352F1707F}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{53FF32DC-ED80-1840-FD9B-07D352F1707F}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1537394B-EE0B-1D31-CAAB-4A5E724A585F}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{088CF7BF-784A-0416-165B-5AC1F66FDEA4}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{088CF7BF-784A-0416-165B-5AC1F66FDEA4}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\CLSID\{088CF7BF-784A-0416-165B-5AC1F66FDEA4}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\CLSID\{088CF7BF-784A-0416-165B-5AC1F66FDEA4}\INPROCSERVER32, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\B7AA4B99-4F6E-B7C1-3EC9-E87D5AE94532, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HQ-Video-Pro-2.1cV07.01, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.ConvertAd.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\serverca, , [712203f10782290d04821248c73c867a],
PUP.Optional.ConvertAd.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ConvertAd, , [712203f10782290d04821248c73c867a],
PUP.Optional.VooUpdate.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Voo Update, , [d2c1e1136e1b152132f4b4b1b05301ff],

Registry Values: 9
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [ddb615dfbccda096e2d0fe8560a312ee]
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_us_68, , [7c1704f01c6d6ec885d371f9f70ce818],
PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGE|UninstallString, "C:\Users\Ashley\AppData\Roaming\VOPackage\uninstall.exe", , [227191638aff62d49c79aed5f211827e]
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, , [652ede16eb9eae888e2cb7d0020121df]
PUP.Optional.VOPackage.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVERVO|ImagePath, C:\Users\Ashley\AppData\Roaming\VOPackage\VOsrv.exe, , [6132c62e6623bc7a8655aebcfe054fb1]
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD|ImagePath, \??\C:\Windows\system32\drivers\SPPD.sys, , [b6dddb19acdd3105d34896eb16edfd03]
PUP.Optional.StormWatch.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SWUPDATER|ImagePath, C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe, , [7b18c72d77126dc99d9e0b5f8f741de3]
PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|upospd_us_611.exe, C:\Users\Ashley\AppData\Local\ospd_us_611\upospd_us_611.exe -runonce, , [ff948173474256e09bf797bfd3304db3]
PUP.Optional.VooUpdate.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|VooUpdate, wscript /E:vbscript /B "C:\Users\Ashley\AppData\Roaming\VooUpdate\UpdateProc\bkup.dat", , [d2c1e1136e1b152132f4b4b1b05301ff]

Registry Data: 3
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL , Good: (), Bad: (C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL),,[cbc85e96a3e6b581acef8d203fc222de]
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll, Good: (), Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll),,[f69de113f89181b53a61119ce21f31cf]
PUP.Optional.Trovi.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.trovi.com...E872A5629&SSPV=, Good: (www.google.com), Bad: (http://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=55&CUI=&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629&SSPV=),,[bcd715df3a4f37ff947086fb26df7e82]

Folders: 66
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Local\StormWatch, , [444fbf35ddac92a405be1059c83b53ad],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch, , [0a89d71d92f757dfa9936505d72c946c],
PUP.Optional.VPNPrivat.A, C:\Program Files (x86)\VPN_Privat, , [cac9bd3794f5fd39d4bdbcafba49f20e],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Resources, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Resources\cache, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\x64, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\x86, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Config, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Database, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch, , [97fc18dc6c1df73fedc32eb7f80cee12],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{8930D57B-19F9-40A5-94F0-DB81325B2EAC}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\x64, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.OneSoftPerDay.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONESOFTPERDAY, , [73206094d9b052e49bf65ef86a995ba5],
PUP.Optional.OneSoftPerDay.A, C:\Users\Ashley\AppData\Local\ospd_us_611, , [ff948173474256e09bf797bfd3304db3],
PUP.Optional.OneSoftPerDay.A, C:\Users\Ashley\AppData\Local\ospd_us_611\ospd_us_611, , [ff948173474256e09bf797bfd3304db3],
PUP.Optional.OneSoftPerDay.A, C:\Users\Ashley\AppData\Local\ospd_us_611\ospd_us_611\1.20, , [ff948173474256e09bf797bfd3304db3],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Local\Weather_Protector_LLC, , [781b6b89a8e190a60e2f6af0ca39ec14],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Local\Weather_Protector_LLC\StormWatch.exe_Url_usbt2h442ct3xjfow5su3qyydefw1pax, , [781b6b89a8e190a60e2f6af0ca39ec14],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Local\Weather_Protector_LLC\StormWatch.exe_Url_usbt2h442ct3xjfow5su3qyydefw1pax\2.0.0.0, , [781b6b89a8e190a60e2f6af0ca39ec14],
PUP.Optional.ConvertAd.A, C:\Users\Ashley\AppData\Local\ConvertAd, , [712203f10782290d04821248c73c867a],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\defaults, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\defaults\preferences, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\userCode, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\locale, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\locale\en-US, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.VOPackage.A, C:\Users\Ashley\AppData\Roaming\VOPackage, , [23703cb82366c472a748b3b1a26158a8],
PUP.Optional.VOPackage.A, C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage, , [910242b203864de9fcf4acb80ef57d83],
PUP.Optional.VooUpdate.A, C:\Users\Ashley\AppData\Roaming\VooUpdate, , [d2c1e1136e1b152132f4b4b1b05301ff],
PUP.Optional.VooUpdate.A, C:\Users\Ashley\AppData\Roaming\VooUpdate\UpdateProc, , [d2c1e1136e1b152132f4b4b1b05301ff],

Files: 409
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll, , [cbc85e96a3e6b581acef8d203fc222de],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll, , [f69de113f89181b53a61119ce21f31cf],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, , [a4ef25cff8912e0852499f0e2dd43fc1],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe, , [10838f65365348eec4ebfef8fe0317e9],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\HQ-Video-Pro-2.1cV07.01-bho64.dll, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\HQ-Video-Pro-2.1cV07.01-bho.dll, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, C:\Users\Ashley\AppData\Roaming\BLPMKG.exe, , [eba8a252a3e64de99b0bf0cdf114ff01],
PUP.Optional.HQVideo.A, C:\Users\Ashley\AppData\Roaming\XSNOUNY.exe, , [8b082cc8414854e28a1c734a01048779],
PUP.Optional.Nova.A, C:\Program Files (x86)\28aeea84-e5dd-4769-9212-7eacddbe42a4\422da83c-3657-4aa6-9575-d9d229570ca6.dll, , [01924aaa5435c86ec7774eb32fd304fc],
PUP.Optional.Nova.A, C:\Program Files (x86)\ASM104xUSB3\66232185-9bc0-4462-a565-e1cc6b56dc81.dll, , [8f04be36b0d9191d0e30b051748e8779],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-10.exe, , [d5be10e4a0e97fb72f77912c45c02ed2],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-2.exe, , [bfd402f2dcada591099df0cd57aec43c],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-3.exe, , [5c37559fe6a39b9b4f57f3cad431ef11],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-4.exe, , [672ccd27d4b5f73ffbabcfee867fe917],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-5.exe, , [246f47ad8306999d7d298835966f4bb5],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-6.exe, , [bbd86c88e4a55dd972346d50f60f48b8],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-64.exe, , [8b08955f662343f3a600c2fb9e6751af],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-7.exe, , [514229cbe9a060d6f2b498251aeb8e72],
PUP.Optional.Nova.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\e35b4bb6-93b3-4dc1-8ec5-3a17064813b4.dll, , [fb98a74d93f6c96d7bc3b54c46bcb749],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\HQ-Video-Pro-2.1cV07.01-bg.exe, , [d2c18a6a622715218a1cc1fcab5aba46],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\HQ-Video-Pro-2.1cV07.01-codedownloader.exe, , [4b48eb09e3a63402dbcbb20b1ee729d7],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\utils.exe, , [682b31c349400432db880f3d649c15eb],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\StormWatch.exe, , [6c271ed62069ea4c15a269ec6a967b85],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\StormWatchApp.exe, , [3c577c78761353e3ab0caea78e72c23e],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\StormWatchappuninstall.exe, , [c8cb27cd10798da9cdea8ec72bd55ca4],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Service Start.exe, , [10833eb67811fd39b853ad39eb16c937],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe, , [b7dce70d2a5f6ec865a602e49e63bb45],
PUP.Optional.OutBrowse, C:\$Recycle.Bin\S-1-5-21-2650459626-1003566679-2177798267-1000\$RU80J3T.exe, , [2a699c5803861620ae5bbc22e02226da],
PUP.Optional.Tuto4PC.A, C:\Users\Ashley\AppData\Local\Temp\is-RQUFC.tmp\package_onesoftperday_installer_multilang.exe, , [f1a271835c2d4ee8e24137bad0318080],
PUP.Optional.Tuto4PC.A, C:\Users\Ashley\AppData\Local\Temp\is-47INQ.tmp\package_hyperbrows_installer_multilang.exe, , [d8bbb63e1574ca6c5fc41bd69b669769],
PUP.Optional.Tuto4PC.A, C:\Users\Ashley\AppData\Local\Temp\is-47INQ.tmp\package_Nuvision_installer_multilang.exe, , [cfc421d31970f2446fb41ed37c8544bc],
PUP.Optional.Tuto4PC.A, C:\Users\Ashley\AppData\Local\Temp\is-47INQ.tmp\package_superpc_installer_multilang.exe, , [70237282eb9e9e9870b3945d61a05aa6],
PUP.Optional.Tuto4PC.A, C:\Users\Ashley\AppData\Local\Temp\is-47INQ.tmp\package_tl_idlecrawler_installer_multilang.exe, , [97fc8c689beed75f60c3876ad928fb05],
PUP.Optional.Tuto4PC.A, C:\Users\Ashley\AppData\Local\Temp\is-47INQ.tmp\package_vpnprivat_installer_multilang.exe, , [9af9e60e8207b5817da67081956c6e92],
PUP.Optional.OutBrowse, C:\Users\Ashley\Downloads\CCleaner.exe, , [425182720a7fa195a564a33b0af88878],
PUP.Optional.SmartWeb.A, C:\Users\Ashley\AppData\Local\SmartWeb\SmartWebApp.exe, , [5b380be9820744f20e0001f12ed3ca36],
PUP.Optional.SmartWeb.A, C:\Users\Ashley\AppData\Local\SmartWeb\SmartWebHelper.exe, , [e4af44b01079c3733ad48969e51c0ff1],
PUP.Optional.SmartWeb.A, C:\Users\Ashley\AppData\Local\SmartWeb\swhk.dll, , [a9ea965e98f14bebde30896944bd7789],
PUP.Optional.SmartWeb.A, C:\Users\Ashley\AppData\Local\SmartWeb\uninst.exe, , [9102658f16732d0949c5a74b14ed8f71],
PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\AppPatch64\VCLdr64.dll, , [d1c2787c79102f07a6f509a416eb1fe1],
PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\nbin\VC32Loader.dll, , [6c2703f12564c76faceffcb155ace51b],
PUP.Optional.VooUpdate.A, C:\Windows\Tasks\Voo Update.job, , [d7bc4da73257dd5975353f26e32006fa],
PUP.Optional.VooUpdate.A, C:\Windows\System32\Tasks\Voo Update, , [53406c88612865d1c7e4372e23e09967],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Local\StormWatch\StormWatchApp.dat, , [444fbf35ddac92a405be1059c83b53ad],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe.config, , [0a89d71d92f757dfa9936505d72c946c],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\ICSharpCode.SharpZipLib.dll, , [0a89d71d92f757dfa9936505d72c946c],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\StormWatch.exe.config, , [0a89d71d92f757dfa9936505d72c946c],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\uninstall.exe, , [0a89d71d92f757dfa9936505d72c946c],
PUP.Optional.VPNPrivat.A, C:\Program Files (x86)\VPN_Privat\unins000.dat, , [cac9bd3794f5fd39d4bdbcafba49f20e],
PUP.Optional.VPNPrivat.A, C:\Program Files (x86)\VPN_Privat\unins000.exe, , [cac9bd3794f5fd39d4bdbcafba49f20e],
PUP.Optional.SmartWeb.A, C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task, , [eca7ad4737525cda858449238c77b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\pt_PT.mo, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\BplusDotNet.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\aff.conf, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaFS.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.51.x86.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x64.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x86.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x64.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x86.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.Common.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\BackupStack.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\BackupStackUI.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x64.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x86.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet40_x64.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet40_x86.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Shared Stack.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\SignupWizard.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\syncicon.ico, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\System.Data.SQLite.DLL, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\uninst.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\UnRegisterExtensions.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Updater.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Updater_.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\websocket-sharp.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Configuration Updater.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\de_DE.mo, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\es_ES.mo, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\fr_FR.mo, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\GetText.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\InstMgr.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Ionic.Zip.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\it_IT.mo, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\LogicNP.EZShellExtensions.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Microsoft.Win32.TaskScheduler.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\MPCBClient.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\MPCBContextMenu.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\mypcbackup.ico, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\NativeHashWrapper.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Newtonsoft.Json.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\ObjectListView.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\PipeDiff.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\x64\SQLite.Interop.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\x86\SQLite.Interop.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Config\api.ts2, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Database\mpcb_file_cache.db, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Database\mpcb_settings.db, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Database\mpcb_version_queue.db, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\APP_CRASH.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\AUTH.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\GRID_RECOVERY_INIT.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\NETWORK_SHARES.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\REMOTING.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\REQUEST.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\SCHEDULE.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\SERVICE.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\TASKS.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\UPDATER.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\UTC_MIGRATION.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\WAIT_HANDLES.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.BlockAndSurf.A, C:\Windows\System32\Tasks\BlockAndSurf Update, , [d5bec3313c4d4fe73196c5c342c1ad53],
PUP.Optional.Trovi.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\searchplugins\trovi-search.xml, , [e8ab10e4cbbeb77f53a5375b82818977],
PUP.Optional.BlockAndSurf.A, C:\Windows\Tasks\BlockAndSurf Update.job, , [e5aece265b2ebd799e56cad20cf7e020],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\EULA.txt, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\sptool.dll_1420650232632, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\cfi.bin, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\edk.bin, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\pni.bin, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\trn.bin, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.css, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.html, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\defaults.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def-grey.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-dia.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Icon.ico, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\SP_DialogBG.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\DialogAPI.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-1.job, , [e3b041b3bacf54e29a9b944d6f9514ec],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-10_user.job, , [187b767e0a7f62d43ff6d8097f85f50b],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-2.job, , [058ecc28444539fd72c30bd656ae52ae],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-3.job, , [e9aa25cf12779c9a86af41a017ed946c],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-4.job, , [1e750de70584979f64d1766b679dd12f],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-5.job, , [147f886c0a7fa096270e4b96897b38c8],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-5_user.job, , [dab99a5a00891e184fe6d70aba4a6799],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-6.job, , [860ddc18f099d561c5703fa25fa5c13f],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-7.job, , [abe881736920b482201528b9986cea16],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [1a79d91b5633be7865e619c846bed030],
PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, , [dab9bd37e2a7e74f527592522adae51b],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch\Uninstall StormWatch.lnk, , [97fc18dc6c1df73fedc32eb7f80cee12],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch\StormWatch.lnk, , [97fc18dc6c1df73fedc32eb7f80cee12],
PUP.Optional.VOPackage.A, C:\Users\Ashley\AppData\Roaming\VOPackage\VOsrv.exe, , [6132c62e6623bc7a8655aebcfe054fb1],
PUP.Optional.SearchProtect, C:\Windows\System32\drivers\SPPD.sys, , [b6dddb19acdd3105d34896eb16edfd03],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\GoogleCrashHandler.exe, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\GoogleUpdate.exe, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\GoogleUpdateBroker.exe, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\GoogleUpdateHelper.msi, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\GoogleUpdateOnDemand.exe, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\goopdate.dll, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\goopdateres_en.dll, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\npGoogleUpdate4.dll, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\psmachine.dll, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\psuser.dll, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\185.crx, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\185.dat, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\185.dll, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\185_x64.dll, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\185.xpi, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\BlockAndSurf.exe, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\J6BlockAndSurfR79.dll, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\J6BlockAndSurfR79.exe, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\sqlite3.dll, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\Uninstall.exe, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\x64\TandemRunner.exe, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\x64\WdfCoInstaller01009.dll, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\x64\webinstr.inf, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\x64\webinstrNHK.sys, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.OneSoftPerDay.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONESOFTPERDAY\Onesoftperday.lnk, , [73206094d9b052e49bf65ef86a995ba5],
PUP.Optional.OneSoftPerDay.A, C:\Users\Ashley\AppData\Local\ospd_us_611\upospd_us_611.cyl, , [ff948173474256e09bf797bfd3304db3],
PUP.Optional.OneSoftPerDay.A, C:\Users\Ashley\AppData\Local\ospd_us_611\upospd_us_611.exe, , [ff948173474256e09bf797bfd3304db3],
PUP.Optional.OneSoftPerDay.A, C:\Users\Ashley\AppData\Local\ospd_us_611\user_profil.cyp, , [ff948173474256e09bf797bfd3304db3],
PUP.Optional.OneSoftPerDay.A, C:\Users\Ashley\AppData\Local\ospd_us_611\ospd_us_611\1.20\cnf.cyl, , [ff948173474256e09bf797bfd3304db3],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\onesoftperday_widget.exe, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\ospd_us_611.exe, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\predm.exe, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\qwert.txt, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\qwert10.txt, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\qwert4.txt, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\qwert5.txt, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\qwert6.txt, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\qwert9.txt, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\unins000.dat, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\unins000.exe, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\unins000.msg, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\bgNova.html, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374.xpi, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\background.html, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\c2bf5342-57d1-40cb-aaed-8a127238288b.dll, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\e35b4bb6-93b3-4dc1-8ec5-3a17064813b4.crx, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\HQ-Video-Pro-2.1cV07.01.ico, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\Uninstall.exe, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Local\Weather_Protector_LLC\StormWatch.exe_Url_usbt2h442ct3xjfow5su3qyydefw1pax\2.0.0.0\user.config, , [781b6b89a8e190a60e2f6af0ca39ec14],
PUP.Optional.ConvertAd.A, C:\Users\Ashley\AppData\Local\ConvertAd\carunasu.exe, , [712203f10782290d04821248c73c867a],
PUP.Optional.ConvertAd.A, C:\Users\Ashley\AppData\Local\ConvertAd\CASrv.exe, , [712203f10782290d04821248c73c867a],
PUP.Optional.ConvertAd.A, C:\Users\Ashley\AppData\Local\ConvertAd\ConvertAd.exe, , [712203f10782290d04821248c73c867a],
PUP.Optional.ConvertAd.A, C:\Users\Ashley\AppData\Local\ConvertAd\Uninstall.exe, , [712203f10782290d04821248c73c867a],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome.manifest, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\install.rdf, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\0b161b602d4604541698ce31adfdb46b.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\6cfa8b69e16039d83c6d05d0b4e706a2.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\7a37e847fd7244b1d0a4aa2eebd26e3b.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\96d71b829e2f50a5c9a89acf84d408ae.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\background.html, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\browser.xul, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\cd55814171faff3b5b135c3cd71644df.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\dialog.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\fb72fd5e895dd32cfb7edac2b221fc00.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\ffCoreFilesIndex.txt, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\options.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\options.xul, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\search_dialog.xul, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\6ef2158977a15b41d93dd60f784986e4.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\0062eb33b9f65dd87e8831643f64dcd9.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\040462703891535ab654fd1c8de5e0ac.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\0e3f8d0dd10f5a6e5c02d505a88f57f9.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\4470a771ed6b3870bbbda1fe20beb13b.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\464c5133c8901f2c7c6290b6dfa2c181.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\4a11e8148e646be81d3b923a26c1b588.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\5571f45cc66c393b6c4cbdc30ca63be0.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\6115e0328793568243dcabdc7507b147.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\731308448bc3595cd7d453c5e5c63446.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\7f3cf7e16a3463cad65cba05759a48d2.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\8f87dcc21151b46cd3971050b7f7f97a.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\ab3cde93fac1334630ac6eea9ac681a4.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\b0789fe40047992ab2273a444ddfa47a.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\c3ded6a9706ec31dcbad5f24e0e819f0.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\ddb2ef42c10828635a4b6cd33f67d437.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\62a4404d11aab0adb4ecfac8de33394f.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\0658d1f5a5b28b979fcc904c360b4bf2.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\09d0384a83e84036f08c04b17d7951d4.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\0b74a72909c458be9a06f131e17927ce.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\137d6935a1543812f59d2feaf9955edc.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\1ed015a3c9de473d362aff2aba1de2da.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\271c5608ccb5ad5249128e6a444e81ca.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\302a5eb173c5477239e037cc1c88b1ca.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\44cbe1295b9bac431995b94204b76ea6.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\5c8a22c1c0a8e9ea153b941afffe6e71.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\5e8f52777255cde91cd68c9d6ce3a84c.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\69e4a4e16ab63744ab42c2dc74483341.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\6b9ec89b0def5b192e48c975649cfd35.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\c4916fbd19d69ed5a19fd2740f755120.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\c709336d4ef667f1bfec53879b9bdabe.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\d703f237c73b20714864d99d1a457527.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\dec6b861b184c1f2ff782e35ff5fbc43.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\ecf50a034baca99a60cc1f0e72dddcb4.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\f552f828df20391162a7f770eb1e3fd9.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\f8857562e5ddb1d252db8dc7613e9e83.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\installer.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\defaults\preferences\prefs.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\manifest.xml, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins.json, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\253.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\102.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\104.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\119.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\123.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\13.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\14.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\16.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\17.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\178.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\179.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\180.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\184.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\195.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\200.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\217.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\220.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\221.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\223.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\231.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\232.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\234.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\242.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\244.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\246.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\260.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\262.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\263.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\273.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\281.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\286.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\289.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\300.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\301.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\335.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\342.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\344.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\345.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\354.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\356.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\4.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\47.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\64.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\7.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\78.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\9.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\91.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\93.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\userCode\background.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\userCode\extension.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\locale\en-US\translations.dtd, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\button1.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\button2.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\button3.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\button4.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\button5.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\crossrider_statusbar.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\icon128.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\icon16.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\icon24.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\icon48.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\panelarrow-up.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\popup.html, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\skin.css, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\update.css, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.VOPackage.A, C:\Users\Ashley\AppData\Roaming\VOPackage\runasu.exe, , [23703cb82366c472a748b3b1a26158a8],
PUP.Optional.VOPackage.A, C:\Users\Ashley\AppData\Roaming\VOPackage\Uninstall.exe, , [23703cb82366c472a748b3b1a26158a8],
PUP.Optional.VOPackage.A, C:\Users\Ashley\AppData\Roaming\VOPackage\VOPackage.exe, , [23703cb82366c472a748b3b1a26158a8],
PUP.Optional.VOPackage.A, C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage\Configure.lnk, , [910242b203864de9fcf4acb80ef57d83],
PUP.Optional.VooUpdate.A, C:\Users\Ashley\AppData\Roaming\VooUpdate\UpdateProc\bkup.dat, , [d2c1e1136e1b152132f4b4b1b05301ff],
PUP.Optional.VooUpdate.A, C:\Users\Ashley\AppData\Roaming\VooUpdate\UpdateProc\config.dat, , [d2c1e1136e1b152132f4b4b1b05301ff],
PUP.Optional.VooUpdate.A, C:\Users\Ashley\AppData\Roaming\VooUpdate\UpdateProc\info.dat, , [d2c1e1136e1b152132f4b4b1b05301ff],
PUP.Optional.VooUpdate.A, C:\Users\Ashley\AppData\Roaming\VooUpdate\UpdateProc\UpdateTask.exe, , [d2c1e1136e1b152132f4b4b1b05301ff],
PUP.Optional.Trovi, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\prefs.js, Good: (), Bad: (user_pref("browser.search.defaultenginename", "Trovi search") , ,[1d766d874148cb6b1cb4c9fbef1623dd]
PUP.Optional.Trovi, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\prefs.js, Good: (), Bad: (user_pref("browser.search.selectedEngine", "Trovi search") , ,[a2f13eb6ff8a4aece1f0fec62dd8b749]
PUP.Optional.Trovi.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://www.trovi.com...E872A5629&SSPV=") , ,[266d5f957b0e2a0c7be364616e97e51b]
PUP.Optional.Trovi.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\prefs.js, Good: (), Bad: (user_pref("browser.newtab.url", "http://www.trovi.com...14-907E872A5629") , ,[543f649035547eb81e41c6ff9f66d828]
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\prefs.js, Good: (), Bad: (user_pref("extensions.crossrider.bic", "14ac54e8dd6395292bd6315905c61044") , ,[722145af0f7aba7cf5b65c6925e0b050]

Physical Sectors: 0
(No malicious items detected)

(end)

Next here is the DDS log with attachment attached to this post.

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 11.0.9600.17496
Run by Ashley at 19:41:39 on 2015-01-07
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
mStart Page = www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\CoIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\CoIEPlg.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.0.1 205.171.2.65
TCP: Interfaces\{7D96FBD0-0833-4217-8B3A-B0673E8F6CD4} : DHCPNameServer = 192.168.0.1 205.171.2.65
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.8.23\CoIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.8.23\CoIEPlg.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [CCE] "C:\Users\Ashley\Documents\Virus Utilities\cce_2.5.242177.201_x64\CCE\CCE.exe" -showlog
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.searchoholic.info/?pid=21073&r=2014/12/29&hid=10223791501083041900&lg=EN&cc=US&unqvl=72&l=1&q=
FF - prefs.js: browser.search.selectedEngine - Trovi search
FF - prefs.js: browser.startup.homepage - hxxp://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=55&CUI=&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629&SSPV=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll
.
---- FIREFOX POLICIES ----
.
.
.
.
.
.
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2015-01-07 17:15:10   --------   d-sh--w-   C:\Users\Ashley\AppData\Local\EmieBrowserModeList
2015-01-07 17:10:06   --------   d-----w-   C:\Users\Ashley\AppData\Roaming\Super Optimizer
2015-01-07 17:09:22   --------   d-----w-   C:\SUPERDelete
2015-01-07 17:06:23   --------   d-----w-   C:\Windows\SysWow64\Flash
2015-01-07 17:05:44   613057   ----a-w-   C:\Users\Ashley\AppData\Local\nsy3251.tmp
2015-01-07 17:05:43   --------   d-sh--w-   C:\Users\Ashley\AppData\Roaming\AnyProtectEx
2015-01-07 17:05:43   --------   d-----w-   C:\Program Files (x86)\AnyProtectEx
2015-01-07 17:05:10   56432   ----a-w-   C:\Windows\System32\drivers\webinstrNHK.sys
2015-01-07 17:05:10   2019   ----a-w-   C:\Windows\patsearch.bin
2015-01-07 17:04:57   --------   d-----w-   C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30
2015-01-07 17:04:48   --------   d-----w-   C:\Program Files (x86)\Super Optimizer
2015-01-07 17:04:44   --------   d-----w-   C:\Program Files (x86)\predm
2015-01-07 17:00:28   --------   d-----w-   C:\Users\Ashley\AppData\Local\SmartWeb
2015-01-07 16:51:52   --------   d-----w-   C:\Program Files\CCleaner
2015-01-07 16:51:50   --------   d-----w-   C:\Users\Ashley\AppData\Local\wincheck
2015-01-07 16:50:40   --------   d-----w-   C:\Users\Ashley\AppData\Local\GeniusBox
2015-01-07 16:50:09   --------   d-----w-   C:\Program Files (x86)\28aeea84-e5dd-4769-9212-7eacddbe42a4
2015-01-07 16:50:07   --------   d-----w-   C:\Users\Ashley\AppData\Local\globalUpdate
2015-01-07 16:50:07   --------   d-----w-   C:\Program Files (x86)\globalUpdate
2015-01-07 16:35:02   --------   d-----w-   C:\ProgramData\makulitsidwe
2015-01-07 15:41:50   --------   d-----w-   C:\EEK
2015-01-07 15:39:22   43664   ----a-w-   C:\Windows\System32\drivers\hitmanpro37.sys
2015-01-07 12:43:03   --------   d-----w-   C:\ProgramData\HitmanPro
2015-01-07 08:27:07   --------   d-----w-   C:\Users\Ashley\AppData\Local\ElevatedDiagnostics
2015-01-07 08:21:14   11870360   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{925454B9-2117-4BF9-96DC-F17F0D218F03}\mpengine.dll
2015-01-07 08:19:17   --------   d-----w-   C:\Windows\pss
2014-12-30 06:43:39   --------   d-----w-   C:\Program Files\Microsoft Mouse and Keyboard Center
2014-12-29 09:31:07   --------   d-----w-   C:\Windows\SysWow64\X86
2014-12-29 09:31:07   --------   d-----w-   C:\Windows\SysWow64\AMD64
2014-12-29 09:30:17   --------   d-----w-   C:\Program Files (x86)\Ghostery
2014-12-29 09:30:06   --------   d-----w-   C:\Program Files (x86)\YoautubEAdBlloCCke
2014-12-29 09:29:54   --------   d-----w-   C:\Program Files (x86)\unisailees
2014-12-29 09:29:46   --------   d-----w-   C:\ProgramData\14357881760666442250
2014-12-29 09:29:46   --------   d-----w-   C:\Program Files (x86)\uuniSaalEs
2014-12-17 21:47:44   144384   ----a-w-   C:\Windows\System32\ieUnatt.exe
2014-12-17 21:47:44   115712   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2014-12-10 11:20:58   --------   d-----w-   C:\Windows\System32\appraiser
2014-12-10 11:01:13   3209728   ----a-w-   C:\Windows\SysWow64\mf.dll
2014-12-10 11:01:12   4121600   ----a-w-   C:\Windows\System32\mf.dll
2014-12-10 09:50:00   830976   ----a-w-   C:\Windows\System32\appraiser.dll
2014-12-10 09:50:00   741376   ----a-w-   C:\Windows\System32\invagent.dll
2014-12-10 09:50:00   413184   ----a-w-   C:\Windows\System32\generaltel.dll
2014-12-10 09:50:00   396800   ----a-w-   C:\Windows\System32\devinv.dll
2014-12-10 09:50:00   192000   ----a-w-   C:\Windows\System32\aepic.dll
2014-12-10 09:50:00   1232040   ----a-w-   C:\Windows\System32\aitstatic.exe
2014-12-10 09:50:00   1083392   ----a-w-   C:\Windows\System32\aeinv.dll
2014-12-10 09:46:50   346624   ----a-w-   C:\Windows\System32\WSManMigrationPlugin.dll
2014-12-09 03:58:45   94320   ----a-w-   C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
.
==================== Find3M ====================
.
2015-01-08 00:41:04   129752   ----a-w-   C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-12-10 12:15:10   71344   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 12:15:10   701104   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-04 02:50:37   227328   ----a-w-   C:\Windows\System32\aepdu.dll
2014-11-24 22:04:56   275080   ------w-   C:\Windows\System32\MpSigStub.exe
2014-11-22 03:06:23   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39   66560   ----a-w-   C:\Windows\System32\iesetup.dll
2014-11-22 02:50:10   580096   ----a-w-   C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20   88064   ----a-w-   C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:29   114688   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51   814080   ----a-w-   C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07   6039552   ----a-w-   C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31   968704   ----a-w-   C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16   77824   ----a-w-   C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43   501248   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17   62464   ----a-w-   C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32   47616   ----a-w-   C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02   64000   ----a-w-   C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30   620032   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10   1359360   ----a-w-   C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58   2125312   ----a-w-   C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04   60416   ----a-w-   C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26   4299264   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21   2358272   ----a-w-   C:\Windows\System32\wininet.dll
2014-11-22 01:22:49   2052096   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57   1155072   ----a-w-   C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20   1888256   ----a-w-   C:\Windows\SysWow64\wininet.dll
2014-11-21 14:14:22   63704   ----a-w-   C:\Windows\System32\drivers\mwac.sys
2014-11-21 14:14:12   93400   ----a-w-   C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-21 14:14:08   25816   ----a-w-   C:\Windows\System32\drivers\mbam.sys
2014-11-19 12:31:16   1217192   ----a-w-   C:\Windows\SysWow64\FM20.DLL
2014-11-11 03:09:06   1424384   ----a-w-   C:\Windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52   241152   ----a-w-   C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48   728064   ----a-w-   C:\Windows\System32\kerberos.dll
2014-11-11 02:44:45   1230336   ----a-w-   C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32   186880   ----a-w-   C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25   550912   ----a-w-   C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26   119296   ----a-w-   C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08   2048   ----a-w-   C:\Windows\System32\tzres.dll
2014-11-08 02:45:09   2048   ----a-w-   C:\Windows\SysWow64\tzres.dll
2014-10-30 02:03:43   165888   ----a-w-   C:\Windows\System32\charmap.exe
2014-10-30 01:45:43   155136   ----a-w-   C:\Windows\SysWow64\charmap.exe
2014-10-25 01:57:59   77824   ----a-w-   C:\Windows\System32\packager.dll
2014-10-25 01:32:37   67584   ----a-w-   C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23   861696   ----a-w-   C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18   571904   ----a-w-   C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37   155064   ----a-w-   C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06   683520   ----a-w-   C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00   3241984   ----a-w-   C:\Windows\System32\msi.dll
2014-10-14 02:12:57   1460736   ----a-w-   C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31   146432   ----a-w-   C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31   681984   ----a-w-   C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47   22016   ----a-w-   C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41   2363904   ----a-w-   C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38   96768   ----a-w-   C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30   146432   ----a-w-   C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02   681984   ----a-w-   C:\Windows\SysWow64\adtschema.dll
.
============= FINISH: 19:42:27.46 ===============

Attached Files

attach.txt 6.95KB 268 downloads

Edited by jeff matthews, 07 January 2015 - 09:53 PM.

Advertisements

Register to Remove

#2 LiquidTension

SuperMember

Retired Classroom Teacher
2,566 posts

Posted 08 January 2015 - 12:16 AM

Hello jeff matthews, welcome to WhatTheTech's Malware Removal forum!

My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.

======================================================

Please read through the points below to ensure this process moves as quickly and efficiently as possible.

Please ensure you read through my instructions thoroughly, and carry out each step in the order specified.
Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation and providing the best set of instructions for you.
Please backup important files before proceeding with my instructions. Malware removal can be unpredictable.
If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
Topics are locked if no response is made after 4 days. Please inform me if you require additional time to complete my instructions.
Ensure you are following this topic. Click at the top of the page.

======================================================

Thank you for your description of the issues you're experiencing.

I am going to provide some logs, first here is the MalewareBytes log that i scanned. It found around 550+ infections.

Only Potentially Unwanted Programmes (PUPs) were found, and are not of particularly great concern.

Please run the following diagnostic scans so I can ascertain the state of your computer.

STEP 1
Farbar Recovery Scan Tool (FRST) Scan

Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
Click Yes to the disclaimer.
Ensure the Addition.txt box is checked.
Click the Scan button and let the programme run.
Upon completion, click OK, then OK on the Addition.txt pop up screen.
Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

STEP 2
YARWD1t.png.pagespeed.ce.nvhmVeYDe3.png TDSSKiller Scan

Please download TDSSKiller and save the file to your Desktop.
Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.
Click Start Scan. Do not use the computer during the scan.
If objects are found, change the action to skip.
Click Continue and close the window.
A log will be created and saved to the root directory (usually C:\). Attach the file in your next reply.

======================================================

STEP 3
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

FRST.txt
Addition.txt
TDSSKiller log (attached)

Would you like to help others with malware removal? Join our Classroom and learn how!

#3 jeff matthews

Advanced Member

Authentic Member
781 posts

Posted 08 January 2015 - 01:33 AM

Ok thank you, i will have to provide one extra step unfortunately and that is i will need to download these applications from another pc using a thumb drive and copy them onto the infected machine. Updates may be an issue until the internet is resolved. Will this be ok? Also alot of these applications i do already have, would it be ok to use the ones i have on the machine, or should i download completely new versions

#4 LiquidTension

SuperMember

Retired Classroom Teacher
2,566 posts

Posted 08 January 2015 - 01:43 AM

Hello,

Both FRST and TDSSKiller can be saved to a thumb drive using a different machine, and transferred across to the infected machine. Ensure you move the files from your thumb drive to your Desktop.

Also alot of these applications i do already have, would it be ok to use the ones i have on the machine, or should i download completely new versions

Tools such as FRST are updated on a daily basis. It's important we use the most recent version. If, due to the issues you're experiencing with the Internet, you cannot update to the latest (by opening FRST and allowing the progamme to update), please do as mentioned above and transfer an updated version from a clean PC.

Would you like to help others with malware removal? Join our Classroom and learn how!

#5 jeff matthews

Advanced Member

Authentic Member
781 posts

Posted 08 January 2015 - 02:35 AM

Ok here are the logs.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Ashley (administrator) on ASHLEY-PC on 08-01-2015 00:29:37
Running from C:\Users\Ashley\Desktop
Loaded Profile: Ashley (Available profiles: Ashley & Chuck)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CCE] => C:\Users\Ashley\Documents\Virus Utilities\cce_2.5.242177.201_x64\CCE\CCE.exe [7002032 2012-07-09] (COMODO)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-30] (AVAST Software)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5622512 2013-05-14] (SUPERAntiSpyware.com)
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\MountPoints2: {c5429e11-26f2-11e4-8f1f-806e6f6e6963} - D:\Bin\ASSETUP.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-2650459626-1003566679-2177798267-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: avast! WebRep -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2650459626-1003566679-2177798267-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.65

FireFox:
========
FF ProfilePath: C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchoholic.info/?pid=21073&r=2014/12/29&hid=10223791501083041900&lg=EN&cc=US&unqvl=72&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: Trovi search
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=55&CUI=&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629&SSPV=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\user.js
FF Extension: YoautubEAdBlloCCke - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\MXhp@Zr.edu [2014-12-29]
FF Extension: uuniSaalEs - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\piBes4Vs@M.org [2014-12-29]
FF Extension: WOT - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-08-19]
FF Extension: Adblock Plus - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-17]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn [2015-01-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-20]
FF HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Firefox\Extensions: [{DEB3EF69-9903-4024-9D7D-EBB2D0AA4C96}] - C:\Program Files (x86)\ver3BlockAndSurf\185.xpi

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\Exts\Chrome.crx [2014-10-20]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\Exts\Chrome.crx [2014-10-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-30] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [133912 2012-10-30] (AVAST Software)
S4 cae99edb; c:\Program Files (x86)\Super Optimizer\SupOptStats.dll [2801768 2015-01-07] ()
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] ()
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\NST.exe [130104 2014-09-20] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 A2DDA; C:\EEK\BIN\a2ddax64.sys [26176 2015-01-07] (Emsisoft GmbH)
S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-30] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [132864 2012-10-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-30] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [71600 2012-10-30] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2012-09-21] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [262656 2012-10-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software)
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-30] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-30] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-30] (AVAST Software)
S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07080.017\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-01-07] (Emsisoft GmbH)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-01-07] ()
S0 lqffzi; No ImagePath
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-07] (Malwarebytes Corporation)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S2 webinstrNHK; C:\Windows\system32\Drivers\webinstrNHK.sys [56432 2015-01-07] (Corsica)
S0 wjtvys; No ImagePath
S3 ALSysIO; \??\C:\Users\Ashley\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 00:29 - 2015-01-08 00:30 - 00012556 _____ () C:\Users\Ashley\Desktop\FRST.txt
2015-01-08 00:29 - 2015-01-08 00:29 - 00000000 ____D () C:\FRST
2015-01-08 00:29 - 2015-01-08 00:25 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Ashley\Desktop\tdsskiller.exe
2015-01-08 00:29 - 2015-01-08 00:23 - 02124288 _____ (Farbar) C:\Users\Ashley\Desktop\FRST64.exe
2015-01-07 19:42 - 2015-01-07 19:42 - 00014009 _____ () C:\Users\Ashley\Desktop\dds.txt
2015-01-07 19:42 - 2015-01-07 19:42 - 00007121 _____ () C:\Users\Ashley\Desktop\attach.txt
2015-01-07 19:41 - 2015-01-07 19:38 - 00688992 ____R (Swearware) C:\Users\Ashley\Desktop\dds.com
2015-01-07 09:17 - 2015-01-07 09:17 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 405fe981-ffa0-480d-8fba-2444e54b8324.job
2015-01-07 09:17 - 2015-01-07 09:17 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0508beb0-306f-4a8a-8ee8-3eeefbc167d1.job
2015-01-07 09:17 - 2015-01-07 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-01-07 09:15 - 2015-01-07 09:15 - 00000000 __SHD () C:\Users\Ashley\AppData\Local\EmieBrowserModeList
2015-01-07 09:10 - 2015-01-07 09:10 - 00003254 _____ () C:\Windows\System32\Tasks\Super Optimizer Schedule
2015-01-07 09:10 - 2015-01-07 09:10 - 00000000 ____D () C:\Users\Ashley\Documents\Super Optimizer
2015-01-07 09:10 - 2015-01-07 09:10 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\Super Optimizer
2015-01-07 09:09 - 2015-01-07 09:09 - 00000000 ____D () C:\SUPERDelete
2015-01-07 09:06 - 2015-01-07 09:06 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2015-01-07 09:06 - 2015-01-07 09:06 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2015-01-07 09:06 - 2015-01-07 09:06 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2015-01-07 09:06 - 2015-01-07 09:06 - 00001049 _____ () C:\Users\Ashley\Desktop\AnyProtect.lnk
2015-01-07 09:06 - 2015-01-07 09:06 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2015-01-07 09:06 - 2015-01-07 09:06 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2015-01-07 09:06 - 2015-01-07 09:06 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2015-01-07 09:06 - 2015-01-07 09:06 - 00000000 ____D () C:\Windows\SysWOW64\Flash
2015-01-07 09:06 - 2015-01-07 09:06 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-01-07 09:05 - 2015-01-07 09:06 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2015-01-07 09:05 - 2015-01-07 09:05 - 00613057 _____ (CMI Limited) C:\Users\Ashley\AppData\Local\nsy3251.tmp
2015-01-07 09:05 - 2015-01-07 09:05 - 00002019 _____ () C:\Windows\patsearch.bin
2015-01-07 09:05 - 2015-01-07 09:05 - 00000000 __SHD () C:\Users\Ashley\AppData\Roaming\AnyProtectEx
2015-01-07 09:05 - 2015-01-07 09:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNHK_01009.Wdf
2015-01-07 09:05 - 2015-01-07 09:04 - 00056432 _____ (Corsica) C:\Windows\system32\Drivers\webinstrNHK.sys
2015-01-07 09:04 - 2015-01-07 09:06 - 00000000 ____D () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30
2015-01-07 09:04 - 2015-01-07 09:04 - 00004626 _____ () C:\Windows\System32\Tasks\Runner IC
2015-01-07 09:04 - 2015-01-07 09:04 - 00001090 _____ () C:\Users\Ashley\Desktop\Super Optimizer.lnk
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\Program Files (x86)\Super Optimizer
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\Program Files (x86)\predm
2015-01-07 09:00 - 2015-01-07 17:04 - 00000000 ____D () C:\Users\Ashley\AppData\Local\SmartWeb
2015-01-07 09:00 - 2015-01-07 09:40 - 00008917 _____ () C:\Windows\WindowsUpdate.log
2015-01-07 08:59 - 2015-01-07 08:59 - 00001056 _____ () C:\Users\Ashley\Desktop\Continue Live Installation.lnk
2015-01-07 08:58 - 2015-01-07 08:58 - 00001973 _____ () C:\Users\Ashley\Desktop\Sync Folder.lnk
2015-01-07 08:56 - 2015-01-07 16:31 - 00001053 _____ () C:\Windows\setupact.log
2015-01-07 08:56 - 2015-01-07 08:56 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-07 08:55 - 2015-01-07 17:05 - 00140632 _____ () C:\Windows\PFRO.log
2015-01-07 08:51 - 2015-01-07 09:05 - 00000000 ____D () C:\Users\Ashley\AppData\Local\wincheck
2015-01-07 08:51 - 2015-01-07 08:51 - 04645232 _____ (Piriform Ltd) C:\Users\Ashley\Desktop\ccsetup409.exe
2015-01-07 08:51 - 2015-01-07 08:51 - 00000782 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-07 08:51 - 2015-01-07 08:51 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-07 08:50 - 2015-01-07 17:04 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-07 08:50 - 2015-01-07 08:50 - 00001344 _____ () C:\Windows\Tasks\XSNOUNY.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00001342 _____ () C:\Windows\Tasks\BLPMKG.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000470 _____ () C:\Windows\Tasks\Client.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000454 _____ () C:\Windows\Tasks\Validate Uninstaller.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000450 _____ () C:\Windows\Tasks\Validate Updater.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000414 _____ () C:\Windows\Tasks\Check Updates.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000410 _____ () C:\Windows\Tasks\Run Tasks.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000064 _____ () C:\Users\Ashley\AppData\Local\55e2ee417d89b23c44dd0dae815edf92
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Users\Ashley\AppData\Local\globalUpdate
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Users\Ashley\AppData\Local\GeniusBox
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Program Files (x86)\28aeea84-e5dd-4769-9212-7eacddbe42a4
2015-01-07 08:49 - 2015-01-07 08:49 - 00000282 _____ () C:\Windows\Tasks\LaunchSignup.job
2015-01-07 08:45 - 2015-01-07 08:45 - 00001332 _____ () C:\Users\Ashley\Desktop\SUPERAntiSpyware Scan Log - 01-07-2015 - 08-44-22.log
2015-01-07 08:35 - 2015-01-07 08:46 - 00000000 ____D () C:\ProgramData\makulitsidwe
2015-01-07 08:14 - 2015-01-07 08:14 - 00000176 _____ () C:\Users\Ashley\Desktop\Scan_150107-081418.txt
2015-01-07 07:46 - 2015-01-07 07:46 - 00380416 _____ () C:\Users\Ashley\Downloads\gscxyzlt.exe
2015-01-07 07:41 - 2015-01-07 07:42 - 00000000 ____D () C:\EEK
2015-01-07 07:41 - 2015-01-07 07:41 - 00000743 _____ () C:\Users\Ashley\Desktop\Start Emsisoft Emergency Kit.lnk
2015-01-07 07:39 - 2015-01-07 07:39 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-01-07 07:38 - 2015-01-07 07:38 - 00004722 _____ () C:\Users\Ashley\Desktop\HitmanPro_20150107_0738.log
2015-01-07 07:37 - 2015-01-07 07:37 - 00001714 _____ () C:\Windows\system32\.crusader
2015-01-07 04:43 - 2015-01-07 07:38 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-07 04:38 - 2015-01-07 04:42 - 165090088 _____ () C:\Users\Ashley\Downloads\EmsisoftEmergencyKit.exe
2015-01-07 04:16 - 2015-01-07 04:16 - 04166770 _____ () C:\Users\Ashley\Downloads\tdsskiller.zip
2015-01-07 03:27 - 2015-01-07 09:03 - 00000000 ____D () C:\Users\Ashley\Documents\Virus Utilities
2015-01-07 03:20 - 2015-01-07 03:24 - 25543261 _____ () C:\Users\Ashley\Downloads\cce_2.5.242177.201_x64.zip
2015-01-07 00:26 - 2013-06-18 17:12 - 26190240 _____ (SUPERAntiSpyware.com) C:\Users\Ashley\Desktop\SUPERAntiSpyware.exe
2015-01-07 00:19 - 2015-01-07 09:11 - 00000000 ____D () C:\Windows\pss
2014-12-29 22:43 - 2014-12-29 22:43 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-12-29 22:43 - 2014-12-29 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-12-29 22:43 - 2014-12-29 22:43 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-12-29 01:31 - 2014-12-29 01:31 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-12-29 01:31 - 2014-12-29 01:31 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-12-29 01:30 - 2015-01-07 03:22 - 00000000 ____D () C:\Program Files (x86)\YoautubEAdBlloCCke
2014-12-29 01:30 - 2014-12-29 01:30 - 00000000 ____D () C:\Program Files (x86)\Ghostery
2014-12-29 01:29 - 2015-01-07 03:22 - 00000000 ____D () C:\Program Files (x86)\unisailees
2014-12-29 01:29 - 2014-12-29 01:29 - 00000000 ____D () C:\ProgramData\14357881760666442250
2014-12-29 01:29 - 2014-12-29 01:29 - 00000000 ____D () C:\Program Files (x86)\uuniSaalEs
2014-12-29 01:00 - 2014-12-29 00:52 - 504015269 _____ () C:\Users\Ashley\Desktop\wolfblood.s03e08.720p.webrip.x264-failed.mkv
2014-12-29 01:00 - 2014-12-29 00:51 - 498921497 _____ () C:\Users\Ashley\Desktop\wolfblood.s03e07.720p.webrip.x264-failed.mkv
2014-12-28 23:56 - 2014-12-31 17:34 - 00000000 ____D () C:\Users\Ashley\Downloads\Wolfblood S3
2014-12-17 13:47 - 2014-12-12 21:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 13:47 - 2014-12-12 19:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 02:33 - 2014-12-11 05:54 - 00000000 ____D () C:\Users\Ashley\Downloads\Heroes
2014-12-10 03:20 - 2014-12-10 03:20 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 03:01 - 2014-10-17 18:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 03:01 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 01:50 - 2014-12-03 18:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 01:50 - 2014-12-01 15:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 01:49 - 2014-12-03 18:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 01:49 - 2014-11-26 17:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 01:49 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 01:49 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 01:49 - 2014-11-21 19:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 01:49 - 2014-11-21 19:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 01:49 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 01:49 - 2014-11-21 18:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 01:49 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 01:49 - 2014-11-21 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 01:49 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 01:49 - 2014-11-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 01:49 - 2014-11-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 01:49 - 2014-11-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 01:49 - 2014-11-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 01:49 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 01:49 - 2014-11-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 01:49 - 2014-11-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 01:49 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 01:49 - 2014-11-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 01:49 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 01:49 - 2014-11-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 01:49 - 2014-11-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 01:49 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 01:49 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 01:49 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 01:49 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 01:49 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 01:49 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 01:49 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 01:49 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 01:49 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 01:49 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 01:49 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 01:49 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 01:49 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 01:49 - 2014-11-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 01:49 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 01:49 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 01:49 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 01:49 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 01:49 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 01:49 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 01:49 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 01:49 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 01:49 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 01:49 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 01:49 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 01:49 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 01:49 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 01:49 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 01:49 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 01:49 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 01:49 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 01:49 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 01:49 - 2014-11-10 19:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 01:49 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 01:49 - 2014-11-10 17:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 01:46 - 2014-11-07 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 01:46 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 01:46 - 2014-10-29 18:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 01:46 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 01:46 - 2014-10-02 18:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 01:46 - 2014-10-02 18:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 01:46 - 2014-10-02 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 01:46 - 2014-10-02 18:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 01:46 - 2014-10-02 18:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 01:46 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 01:46 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 01:46 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 01:46 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 01:46 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 16:41 - 2014-08-23 22:32 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-07 09:17 - 2014-08-23 22:37 - 00001768 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-01-07 09:17 - 2014-08-23 22:37 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-07 09:06 - 2014-08-20 15:01 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\uTorrent
2015-01-07 09:05 - 2009-07-13 20:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-07 09:05 - 2009-07-13 20:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-07 09:03 - 2009-07-13 21:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-07 08:56 - 2014-08-17 17:33 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-07 08:56 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-07 08:54 - 2014-11-13 12:33 - 00000000 ____D () C:\Users\Ashley\AppData\Local\CrashDumps
2015-01-07 08:54 - 2014-10-22 01:16 - 00000000 ____D () C:\Windows\Minidump
2015-01-07 08:54 - 2014-08-18 09:14 - 00000000 ____D () C:\Windows\Panther
2015-01-07 08:50 - 2014-08-17 17:40 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2015-01-07 04:06 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Web
2015-01-07 03:15 - 2014-08-23 22:31 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-07 03:15 - 2014-08-23 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-07 03:15 - 2014-08-23 22:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-07 00:21 - 2014-08-26 17:38 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-07 00:15 - 2014-08-17 18:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-07 00:10 - 2014-08-17 17:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-01 21:21 - 2014-08-17 17:29 - 00000000 ____D () C:\ProgramData\Norton
2014-12-31 05:14 - 2009-07-13 20:45 - 00409568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-30 00:49 - 2014-08-23 12:12 - 00109688 _____ () C:\Users\Chuck\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-30 00:49 - 2014-08-17 17:52 - 00109688 _____ () C:\Users\Ashley\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-29 21:54 - 2014-11-07 16:36 - 00000000 ____D () C:\Users\Chuck\AppData\Local\CrashDumps
2014-12-11 16:48 - 2014-08-17 17:33 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-11 02:33 - 2014-12-05 03:32 - 00000000 ____D () C:\Users\Ashley\Downloads\Buffy the Vampire Slayer Classics (Dark Horse, 2011-...) (01-...)
2014-12-11 02:21 - 2014-08-17 18:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 05:24 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-12-10 04:15 - 2014-08-17 18:03 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 04:15 - 2014-08-17 18:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 04:15 - 2014-08-17 18:03 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 03:20 - 2014-08-19 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 03:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 03:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 03:05 - 2014-11-28 16:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 03:04 - 2014-08-21 01:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 03:02 - 2014-08-21 01:39 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Ashley\AppData\Local\Temp\99648137-C26F-E6FB-3819-EB158432D633.dll
C:\Users\Ashley\AppData\Local\Temp\99648137-C26F-E6FB-3819-EB158432D633.exe
C:\Users\Ashley\AppData\Local\Temp\A8B293B6-0520-1E1E-C444-05C89AD3F685.exe
C:\Users\Ashley\AppData\Local\Temp\amisetup8163__11003.exe
C:\Users\Ashley\AppData\Local\Temp\amisetup8199__11005.exe
C:\Users\Ashley\AppData\Local\Temp\CloudBackup4064.exe
C:\Users\Ashley\AppData\Local\Temp\supoptsetup.exe
C:\Users\Ashley\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-12-25 00:58

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Ashley at 2015-01-08 00:30:11
Running from C:\Users\Ashley\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\uTorrent) (Version: 3.4.2.36802 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
ASUS Product Register Program (HKLM-x32\...\{49BE9B8A-E858-4533-A74A-64306C13DB59}) (Version: 1.0.014 - ASUS)
avast! Internet Security (HKLM-x32\...\avast) (Version: 7.0.1474.0 - AVAST Software)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version: - )
Canon MX510 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX510_series) (Version: - )
Canon MX510 series On-screen Manual (HKLM-x32\...\Canon MX510 series On-screen Manual) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: - )
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: - cbrreader.com)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
DVDFab 9.0.4.2 (27/05/2013) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
GeniusBox 2.0 (HKLM-x32\...\GeniusBox) (Version: 2.0 - GeniusBox 2.0)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Idle Crawler (HKLM-x32\...\F12554C8-33A4-1849-80EB-56C2622F6A30) (Version: 125.0.0.472 - EUROHAUTE LTD) <==== ATTENTION
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
KCP-0.5.4.0 (HKLM-x32\...\Kawaii Codec Pack_is1) (Version: 0.5.4.0 - Haruhichan.com)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.8.23 - Symantec Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Super Optimizer v3.2 (HKLM-x32\...\Super Optimizer_is1) (Version: 3.2.0.1 - Super PC Tools ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.74 - VSO Software)
WinCheck (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - WinCheck) <==== ATTENTION!
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Zoompic (HKLM-x32\...\zoompic) (Version: 1.1.0.29 - Zoompic) <==== ATTENTION!

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

Could not list restore points.
Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A34076C-7C19-4B57-99E0-1511B5A565E3} - System32\Tasks\Super Optimizer Schedule => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [2014-12-26] (SUPER PC TOOLS LIMITED)
Task: {1D4568D6-E7ED-4FD4-81D4-9E06C08D619A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2012-10-30] (AVAST Software)
Task: {2383CADB-BC8D-4B03-B1A7-15B2FB86CBC7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {286B1FB2-E492-499A-A07C-2D391D99C79A} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {39F5A2DE-68ED-4E42-B65F-09BCF4BF3DA3} - \BlockAndSurf Update No Task File <==== ATTENTION
Task: {3E12A637-10FC-47A1-9B4A-3F2CF0945231} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {56F93B1D-8557-4713-9DC9-9C4AF49842B8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {664DDD14-3249-429B-A4C1-40969E91B163} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {676D9544-1738-4D8A-8A0C-D6E5686DD943} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {6B801873-B3A2-4C74-9CED-08B4638255B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {6D58477C-6572-4645-86EA-089A577D9752} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {733874A1-2C90-47B6-8205-029879364D7D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {7A7FAE54-D8BC-4C3E-8447-0D6C8F1A4071} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {7BD730F5-2D2C-414D-A96B-028036691365} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {7DE2E9BE-06FC-4B78-AE19-C87EBB01D6BB} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8D2A1FB9-D9D6-4FCC-93A6-B4440188F340} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {99F973DB-AE0B-4CC3-B8A6-9B202955A605} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {9FC2D183-6C20-46F5-8FA2-73385FAFC75C} - \Voo Update No Task File <==== ATTENTION
Task: {A83040FC-1ADB-48FF-B060-2A22374D7315} - \SmartWeb Upgrade Trigger Task No Task File <==== ATTENTION
Task: {A8F8A9B7-F3F5-4B87-A456-E62516B926AF} - System32\Tasks\Runner IC => %LOCALAPPDATA%\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
Task: {D1B6C965-176F-4907-8FB2-CC155BB3EEA1} - System32\Tasks\{BA9F18D4-E395-4EAF-AA1F-E68AC28632A5} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {D54B1E34-5209-4F5C-86C0-D3D1814714A2} - System32\Tasks\Microsoft\Windows\Maintenance\Update IC => %LOCALAPPDATA%\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\BLPMKG.job => C:\Users\Ashley\AppData\Roaming\BLPMKG.exe <==== ATTENTION
Task: C:\Windows\Tasks\Check Updates.job => C:\Users\Ashley\AppData\Local\GeniusBox\Updater.exe
Task: C:\Windows\Tasks\Client.job => C:\Users\Ashley\AppData\Local\GeniusBox\client.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LaunchSignup.job => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: C:\Windows\Tasks\Run Tasks.job => C:\Users\Ashley\AppData\Local\GeniusBox\Tasks.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0508beb0-306f-4a8a-8ee8-3eeefbc167d1.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 405fe981-ffa0-480d-8fba-2444e54b8324.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\Validate Uninstaller.job => C:\Users\Ashley\AppData\Local\GeniusBox\Uninstall.exe
Task: C:\Windows\Tasks\Validate Updater.job => C:\Users\Ashley\AppData\Local\GeniusBox\Updater.exe
Task: C:\Windows\Tasks\XSNOUNY.job => C:\Users\Ashley\AppData\Roaming\XSNOUNY.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: cae99edb => 2
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: CltMngSvc => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: globalUpdate => 2
MSCONFIG\Services: globalUpdatem => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: Intel® Capability Licensing Service Interface => 2
MSCONFIG\Services: IPBusEnum => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: Microsoft SharePoint Workspace Audit Service => 3
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: msiserver => 3
MSCONFIG\Services: napagent => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: serverca => 2
MSCONFIG\Services: servervo => 2
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: stisvc => 3
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SWUpdater => 2
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TBS => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: WatAdminSvc => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 3
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupfolder: C:^Users^Ashley^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SmartWeb.lnk => C:\Windows\pss\SmartWeb.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Ashley^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^StormWatch.lnk => C:\Windows\pss\StormWatch.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Ashley^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^StormWatchApp.lnk => C:\Windows\pss\StormWatchApp.lnk.Startup
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: ospd_us_611 => "C:\Program Files (x86)\ospd_us_611\ospd_us_611.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
MSCONFIG\startupreg: SmartWeb => C:\Users\Ashley\AppData\Local\SmartWeb\SmartWebHelper.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Super Optimizer => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Ashley\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: WinCheck => C:\Users\Ashley\AppData\Local\wincheck\wincheck.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-2650459626-1003566679-2177798267-500 - Administrator - Disabled)
Ashley (S-1-5-21-2650459626-1003566679-2177798267-1000 - Administrator - Enabled) => C:\Users\Ashley
Chuck (S-1-5-21-2650459626-1003566679-2177798267-1001 - Administrator - Enabled) => C:\Users\Chuck
Guest (S-1-5-21-2650459626-1003566679-2177798267-501 - Limited - Enabled)
Kristi (S-1-5-21-2650459626-1003566679-2177798267-1002 - Limited - Enabled)
Teri (S-1-5-21-2650459626-1003566679-2177798267-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/07/2015 09:33:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windows...F5B856976AD.crt> with error: 12007 (0x2ee7).

Error: (01/07/2015 09:28:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windows...F5B856976AD.crt> with error: 12007 (0x2ee7).

Error: (01/07/2015 09:01:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program nsb2C67.tmp version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 158c

Start Time: 01d02a9b3da0ab52

Termination Time: 14

Application Path: C:\Users\Ashley\AppData\Local\Temp\nsb2C67.tmp

Report Id:

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (01/07/2015 08:57:54 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:54 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (HRESULT : 0x8004117f) (0x8004117f)

System errors:
=============
Error: (01/07/2015 05:07:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error:
%%1058

Error: (01/07/2015 05:05:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
aswSP
aswTdi
ccSet_NST
discache
lqffzi
SASDIFSV
SASKUTIL
spldr
Wanarpv6
wjtvys

Error: (01/07/2015 05:05:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
%%1058

Error: (01/07/2015 04:35:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error:
%%1058

Error: (01/07/2015 04:33:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
aswSP
aswTdi
ccSet_NST
discache
lqffzi
SASDIFSV
SASKUTIL
spldr
Wanarpv6
wjtvys

Error: (01/07/2015 04:33:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
%%1058

Error: (01/07/2015 04:31:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswKbd
aswSnx
aswSP
aswTdi
ccSet_NST
discache
SASDIFSV
SASKUTIL
spldr
Wanarpv6
wjtvys

Error: (01/07/2015 04:31:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
%%1058

Error: (01/07/2015 09:32:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error:
%%1058

Error: (01/07/2015 09:30:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
aswSP
aswTdi
ccSet_NST
discache
SASDIFSV
SASKUTIL
spldr
Wanarpv6
wjtvys

Microsoft Office Sessions:
=========================
Error: (01/07/2015 09:33:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windows...6976AD.crt12007 (0x2ee7)

Error: (01/07/2015 09:28:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windows...6976AD.crt12007 (0x2ee7)

Error: (01/07/2015 09:01:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: nsb2C67.tmp0.0.0.0158c01d02a9b3da0ab5214C:\Users\Ashley\AppData\Local\Temp\nsb2C67.tmp

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (01/07/2015 08:57:54 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (01/07/2015 08:57:54 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (HRESULT : 0x8004117f) (0x8004117f)

==================== Memory info ===========================

Processor: Intel® Core™ i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 9%
Total physical RAM: 8134.5 MB
Available physical RAM: 7402.3 MB
Total Pagefile: 16267.17 MB
Available Pagefile: 15577.78 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.66 GB) (Free:116.5 GB) NTFS
Drive e: () (Removable) (Total:14.9 GB) (Free:12.5 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 7C7BECB8)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 14.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Attached Files

attach.txt 6.95KB 306 downloads

Edited by jeff matthews, 08 January 2015 - 02:38 AM.

#6 jeff matthews

Advanced Member

Authentic Member
781 posts

Posted 08 January 2015 - 08:41 PM

So what em i looking at here? I see though the logs, there is alot corruption. Does that mean the machine is heavily infected?

#7 LiquidTension

SuperMember

Retired Classroom Teacher
2,566 posts

Posted 08 January 2015 - 08:59 PM

Hello,

Were you unable to run FRST in Normal Mode? If you can, please do so.

Please attach the TDSSKiller log in your next reply. I will provide the next set of instructions afterwards.

Would you like to help others with malware removal? Join our Classroom and learn how!

#8 jeff matthews

Advanced Member

Authentic Member
781 posts

Posted 08 January 2015 - 11:13 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Ashley (administrator) on ASHLEY-PC on 08-01-2015 20:58:05
Running from C:\Users\Ashley\Desktop
Loaded Profile: Ashley (Available profiles: Ashley & Chuck)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\NST.exe
(SUPER PC TOOLS LIMITED) C:\Program Files (x86)\Super Optimizer\SupOptSmartScan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\Ashley\AppData\Local\wincheck\wincheck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CCE] => C:\Users\Ashley\Documents\Virus Utilities\cce_2.5.242177.201_x64\CCE\CCE.exe [7002032 2012-07-09] (COMODO)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2780776 2011-07-19] (CANON INC.)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-30] (AVAST Software)
HKLM-x32\...\Run: [WinCheck] => C:\Users\Ashley\AppData\Local\wincheck\wincheck.exe [529920 2015-01-07] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SmartWeb] => C:\Users\Ashley\AppData\Local\SmartWeb\SmartWebHelper.exe
HKLM-x32\...\Run: [ospd_us_611] => "C:\Program Files (x86)\ospd_us_611\ospd_us_611.exe"
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [439440 2011-09-27] (CANON INC.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1637496 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5622512 2013-05-14] (SUPERAntiSpyware.com)
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Run: [uTorrent] => C:\Users\Ashley\AppData\Roaming\uTorrent\uTorrent.exe [1378640 2014-12-16] (BitTorrent Inc.)
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [676968 2014-12-26] (SUPER PC TOOLS LIMITED)
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\MountPoints2: {c5429e11-26f2-11e4-8f1f-806e6f6e6963} - D:\Bin\ASSETUP.exe
Startup: C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk
ShortcutTarget: SmartWeb.lnk -> C:\Users\Ashley\AppData\Local\SmartWeb\SmartWebHelper.exe (No File)
Startup: C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
ShortcutTarget: StormWatch.lnk -> C:\Program Files (x86)\StormWatch\StormWatch.exe (No File)
Startup: C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
ShortcutTarget: StormWatchApp.lnk -> C:\Program Files (x86)\StormWatch\StormWatchApp.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-2650459626-1003566679-2177798267-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: avast! WebRep -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2650459626-1003566679-2177798267-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.65

FireFox:
========
FF ProfilePath: C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchoholic.info/?pid=21073&r=2014/12/29&hid=10223791501083041900&lg=EN&cc=US&unqvl=72&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: Trovi search
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=55&CUI=&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629&SSPV=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\user.js
FF Extension: YoautubEAdBlloCCke - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\MXhp@Zr.edu [2014-12-29]
FF Extension: uuniSaalEs - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\piBes4Vs@M.org [2014-12-29]
FF Extension: WOT - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-08-19]
FF Extension: Adblock Plus - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-17]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn [2015-01-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-20]
FF HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Firefox\Extensions: [{DEB3EF69-9903-4024-9D7D-EBB2D0AA4C96}] - C:\Program Files (x86)\ver3BlockAndSurf\185.xpi

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\Exts\Chrome.crx [2014-10-20]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\Exts\Chrome.crx [2014-10-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [133912 2012-10-30] (AVAST Software)
R2 cae99edb; c:\Program Files (x86)\Super Optimizer\SupOptStats.dll [2801768 2015-01-07] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\NST.exe [130104 2014-09-20] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 A2DDA; C:\EEK\BIN\a2ddax64.sys [26176 2015-01-07] (Emsisoft GmbH)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-30] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [132864 2012-10-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [71600 2012-10-30] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2012-09-21] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [262656 2012-10-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-30] (AVAST Software)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07080.017\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-01-07] (Emsisoft GmbH)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-01-07] ()
S0 lqffzi; No ImagePath
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 webinstrNHK; C:\Windows\system32\Drivers\webinstrNHK.sys [56432 2015-01-07] (Corsica)
S0 wjtvys; No ImagePath
S3 ALSysIO; \??\C:\Users\Ashley\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 00:30 - 2015-01-08 00:30 - 00032873 _____ () C:\Users\Ashley\Desktop\Addition.txt
2015-01-08 00:29 - 2015-01-08 20:58 - 00017758 _____ () C:\Users\Ashley\Desktop\FRST.txt
2015-01-08 00:29 - 2015-01-08 20:58 - 00000000 ____D () C:\FRST
2015-01-08 00:29 - 2015-01-08 00:25 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Ashley\Desktop\tdsskiller.exe
2015-01-08 00:29 - 2015-01-08 00:23 - 02124288 _____ (Farbar) C:\Users\Ashley\Desktop\FRST64.exe
2015-01-07 19:42 - 2015-01-07 19:42 - 00014009 _____ () C:\Users\Ashley\Desktop\dds.txt
2015-01-07 19:42 - 2015-01-07 19:42 - 00007121 _____ () C:\Users\Ashley\Desktop\attach.txt
2015-01-07 19:41 - 2015-01-07 19:38 - 00688992 ____R (Swearware) C:\Users\Ashley\Desktop\dds.com
2015-01-07 09:17 - 2015-01-07 09:17 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 405fe981-ffa0-480d-8fba-2444e54b8324.job
2015-01-07 09:17 - 2015-01-07 09:17 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0508beb0-306f-4a8a-8ee8-3eeefbc167d1.job
2015-01-07 09:17 - 2015-01-07 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-01-07 09:15 - 2015-01-07 09:15 - 00000000 __SHD () C:\Users\Ashley\AppData\Local\EmieBrowserModeList
2015-01-07 09:10 - 2015-01-08 20:52 - 00003254 _____ () C:\Windows\System32\Tasks\Super Optimizer Schedule
2015-01-07 09:10 - 2015-01-07 09:10 - 00000000 ____D () C:\Users\Ashley\Documents\Super Optimizer
2015-01-07 09:10 - 2015-01-07 09:10 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\Super Optimizer
2015-01-07 09:09 - 2015-01-07 09:09 - 00000000 ____D () C:\SUPERDelete
2015-01-07 09:06 - 2015-01-08 20:51 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2015-01-07 09:06 - 2015-01-08 20:51 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2015-01-07 09:06 - 2015-01-08 20:51 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2015-01-07 09:06 - 2015-01-07 09:06 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2015-01-07 09:06 - 2015-01-07 09:06 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2015-01-07 09:06 - 2015-01-07 09:06 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2015-01-07 09:06 - 2015-01-07 09:06 - 00001049 _____ () C:\Users\Ashley\Desktop\AnyProtect.lnk
2015-01-07 09:06 - 2015-01-07 09:06 - 00000000 ____D () C:\Windows\SysWOW64\Flash
2015-01-07 09:06 - 2015-01-07 09:06 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-01-07 09:05 - 2015-01-07 09:06 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2015-01-07 09:05 - 2015-01-07 09:05 - 00613057 _____ (CMI Limited) C:\Users\Ashley\AppData\Local\nsy3251.tmp
2015-01-07 09:05 - 2015-01-07 09:05 - 00002019 _____ () C:\Windows\patsearch.bin
2015-01-07 09:05 - 2015-01-07 09:05 - 00000000 __SHD () C:\Users\Ashley\AppData\Roaming\AnyProtectEx
2015-01-07 09:05 - 2015-01-07 09:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNHK_01009.Wdf
2015-01-07 09:05 - 2015-01-07 09:04 - 00056432 _____ (Corsica) C:\Windows\system32\Drivers\webinstrNHK.sys
2015-01-07 09:04 - 2015-01-07 09:06 - 00000000 ____D () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30
2015-01-07 09:04 - 2015-01-07 09:04 - 00004626 _____ () C:\Windows\System32\Tasks\Runner IC
2015-01-07 09:04 - 2015-01-07 09:04 - 00001090 _____ () C:\Users\Ashley\Desktop\Super Optimizer.lnk
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\Program Files (x86)\Super Optimizer
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\Program Files (x86)\predm
2015-01-07 09:00 - 2015-01-08 20:56 - 00032200 _____ () C:\Windows\WindowsUpdate.log
2015-01-07 09:00 - 2015-01-07 17:04 - 00000000 ____D () C:\Users\Ashley\AppData\Local\SmartWeb
2015-01-07 08:59 - 2015-01-07 08:59 - 00001056 _____ () C:\Users\Ashley\Desktop\Continue Live Installation.lnk
2015-01-07 08:58 - 2015-01-07 08:58 - 00001973 _____ () C:\Users\Ashley\Desktop\Sync Folder.lnk
2015-01-07 08:56 - 2015-01-08 20:51 - 00001109 _____ () C:\Windows\setupact.log
2015-01-07 08:56 - 2015-01-07 08:56 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-07 08:55 - 2015-01-07 17:05 - 00140632 _____ () C:\Windows\PFRO.log
2015-01-07 08:51 - 2015-01-07 09:05 - 00000000 ____D () C:\Users\Ashley\AppData\Local\wincheck
2015-01-07 08:51 - 2015-01-07 08:51 - 04645232 _____ (Piriform Ltd) C:\Users\Ashley\Desktop\ccsetup409.exe
2015-01-07 08:51 - 2015-01-07 08:51 - 00000782 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-07 08:51 - 2015-01-07 08:51 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-07 08:50 - 2015-01-07 17:04 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-07 08:50 - 2015-01-07 08:50 - 00001344 _____ () C:\Windows\Tasks\XSNOUNY.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00001342 _____ () C:\Windows\Tasks\BLPMKG.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000470 _____ () C:\Windows\Tasks\Client.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000454 _____ () C:\Windows\Tasks\Validate Uninstaller.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000450 _____ () C:\Windows\Tasks\Validate Updater.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000414 _____ () C:\Windows\Tasks\Check Updates.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000410 _____ () C:\Windows\Tasks\Run Tasks.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000064 _____ () C:\Users\Ashley\AppData\Local\55e2ee417d89b23c44dd0dae815edf92
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Users\Ashley\AppData\Local\globalUpdate
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Users\Ashley\AppData\Local\GeniusBox
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Program Files (x86)\28aeea84-e5dd-4769-9212-7eacddbe42a4
2015-01-07 08:49 - 2015-01-07 08:49 - 00000282 _____ () C:\Windows\Tasks\LaunchSignup.job
2015-01-07 08:45 - 2015-01-07 08:45 - 00001332 _____ () C:\Users\Ashley\Desktop\SUPERAntiSpyware Scan Log - 01-07-2015 - 08-44-22.log
2015-01-07 08:35 - 2015-01-07 08:46 - 00000000 ____D () C:\ProgramData\makulitsidwe
2015-01-07 08:14 - 2015-01-07 08:14 - 00000176 _____ () C:\Users\Ashley\Desktop\Scan_150107-081418.txt
2015-01-07 07:46 - 2015-01-07 07:46 - 00380416 _____ () C:\Users\Ashley\Downloads\gscxyzlt.exe
2015-01-07 07:41 - 2015-01-07 07:42 - 00000000 ____D () C:\EEK
2015-01-07 07:41 - 2015-01-07 07:41 - 00000743 _____ () C:\Users\Ashley\Desktop\Start Emsisoft Emergency Kit.lnk
2015-01-07 07:39 - 2015-01-07 07:39 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-01-07 07:38 - 2015-01-07 07:38 - 00004722 _____ () C:\Users\Ashley\Desktop\HitmanPro_20150107_0738.log
2015-01-07 07:37 - 2015-01-07 07:37 - 00001714 _____ () C:\Windows\system32\.crusader
2015-01-07 04:43 - 2015-01-07 07:38 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-07 04:38 - 2015-01-07 04:42 - 165090088 _____ () C:\Users\Ashley\Downloads\EmsisoftEmergencyKit.exe
2015-01-07 04:16 - 2015-01-07 04:16 - 04166770 _____ () C:\Users\Ashley\Downloads\tdsskiller.zip
2015-01-07 03:27 - 2015-01-07 09:03 - 00000000 ____D () C:\Users\Ashley\Documents\Virus Utilities
2015-01-07 03:20 - 2015-01-07 03:24 - 25543261 _____ () C:\Users\Ashley\Downloads\cce_2.5.242177.201_x64.zip
2015-01-07 00:26 - 2013-06-18 17:12 - 26190240 _____ (SUPERAntiSpyware.com) C:\Users\Ashley\Desktop\SUPERAntiSpyware.exe
2015-01-07 00:19 - 2015-01-08 20:50 - 00000000 ____D () C:\Windows\pss
2014-12-29 22:43 - 2014-12-29 22:43 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-12-29 22:43 - 2014-12-29 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-12-29 22:43 - 2014-12-29 22:43 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-12-29 01:31 - 2014-12-29 01:31 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-12-29 01:31 - 2014-12-29 01:31 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-12-29 01:30 - 2015-01-07 03:22 - 00000000 ____D () C:\Program Files (x86)\YoautubEAdBlloCCke
2014-12-29 01:30 - 2014-12-29 01:30 - 00000000 ____D () C:\Program Files (x86)\Ghostery
2014-12-29 01:29 - 2015-01-07 03:22 - 00000000 ____D () C:\Program Files (x86)\unisailees
2014-12-29 01:29 - 2014-12-29 01:29 - 00000000 ____D () C:\ProgramData\14357881760666442250
2014-12-29 01:29 - 2014-12-29 01:29 - 00000000 ____D () C:\Program Files (x86)\uuniSaalEs
2014-12-29 01:00 - 2014-12-29 00:52 - 504015269 _____ () C:\Users\Ashley\Desktop\wolfblood.s03e08.720p.webrip.x264-failed.mkv
2014-12-29 01:00 - 2014-12-29 00:51 - 498921497 _____ () C:\Users\Ashley\Desktop\wolfblood.s03e07.720p.webrip.x264-failed.mkv
2014-12-28 23:56 - 2014-12-31 17:34 - 00000000 ____D () C:\Users\Ashley\Downloads\Wolfblood S3
2014-12-17 13:47 - 2014-12-12 21:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 13:47 - 2014-12-12 19:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 02:33 - 2014-12-11 05:54 - 00000000 ____D () C:\Users\Ashley\Downloads\Heroes
2014-12-10 03:20 - 2014-12-10 03:20 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 03:01 - 2014-10-17 18:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 03:01 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 01:50 - 2014-12-03 18:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 01:50 - 2014-12-01 15:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 01:49 - 2014-12-03 18:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 01:49 - 2014-11-26 17:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 01:49 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 01:49 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 01:49 - 2014-11-21 19:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 01:49 - 2014-11-21 19:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 01:49 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 01:49 - 2014-11-21 18:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 01:49 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 01:49 - 2014-11-21 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 01:49 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 01:49 - 2014-11-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 01:49 - 2014-11-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 01:49 - 2014-11-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 01:49 - 2014-11-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 01:49 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 01:49 - 2014-11-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 01:49 - 2014-11-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 01:49 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 01:49 - 2014-11-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 01:49 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 01:49 - 2014-11-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 01:49 - 2014-11-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 01:49 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 01:49 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 01:49 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 01:49 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 01:49 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 01:49 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 01:49 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 01:49 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 01:49 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 01:49 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 01:49 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 01:49 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 01:49 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 01:49 - 2014-11-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 01:49 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 01:49 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 01:49 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 01:49 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 01:49 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 01:49 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 01:49 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 01:49 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 01:49 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 01:49 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 01:49 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 01:49 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 01:49 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 01:49 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 01:49 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 01:49 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 01:49 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 01:49 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 01:49 - 2014-11-10 19:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 01:49 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 01:49 - 2014-11-10 17:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 01:46 - 2014-11-07 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 01:46 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 01:46 - 2014-10-29 18:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 01:46 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 01:46 - 2014-10-02 18:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 01:46 - 2014-10-02 18:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 01:46 - 2014-10-02 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 01:46 - 2014-10-02 18:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 01:46 - 2014-10-02 18:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 01:46 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 01:46 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 01:46 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 01:46 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 01:46 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 20:57 - 2014-08-20 15:01 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\uTorrent
2015-01-08 20:57 - 2009-07-13 21:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-08 20:52 - 2014-08-17 17:33 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-08 20:51 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-07 16:41 - 2014-08-23 22:32 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-07 09:17 - 2014-08-23 22:37 - 00001768 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-01-07 09:17 - 2014-08-23 22:37 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-07 09:05 - 2009-07-13 20:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-07 09:05 - 2009-07-13 20:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-07 08:54 - 2014-11-13 12:33 - 00000000 ____D () C:\Users\Ashley\AppData\Local\CrashDumps
2015-01-07 08:54 - 2014-10-22 01:16 - 00000000 ____D () C:\Windows\Minidump
2015-01-07 08:54 - 2014-08-18 09:14 - 00000000 ____D () C:\Windows\Panther
2015-01-07 08:50 - 2014-08-17 17:40 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2015-01-07 04:06 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Web
2015-01-07 03:15 - 2014-08-23 22:31 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-07 03:15 - 2014-08-23 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-07 03:15 - 2014-08-23 22:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-07 00:21 - 2014-08-26 17:38 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-07 00:15 - 2014-08-17 18:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-07 00:10 - 2014-08-17 17:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-01 21:21 - 2014-08-17 17:29 - 00000000 ____D () C:\ProgramData\Norton
2014-12-31 05:14 - 2009-07-13 20:45 - 00409568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-30 00:49 - 2014-08-23 12:12 - 00109688 _____ () C:\Users\Chuck\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-30 00:49 - 2014-08-17 17:52 - 00109688 _____ () C:\Users\Ashley\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-29 21:54 - 2014-11-07 16:36 - 00000000 ____D () C:\Users\Chuck\AppData\Local\CrashDumps
2014-12-11 16:48 - 2014-08-17 17:33 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-11 02:33 - 2014-12-05 03:32 - 00000000 ____D () C:\Users\Ashley\Downloads\Buffy the Vampire Slayer Classics (Dark Horse, 2011-...) (01-...)
2014-12-11 02:21 - 2014-08-17 18:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 05:24 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-12-10 04:15 - 2014-08-17 18:03 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 04:15 - 2014-08-17 18:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 04:15 - 2014-08-17 18:03 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 03:20 - 2014-08-19 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 03:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 03:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 03:05 - 2014-11-28 16:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 03:04 - 2014-08-21 01:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 03:02 - 2014-08-21 01:39 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Ashley\AppData\Local\Temp\99648137-C26F-E6FB-3819-EB158432D633.dll
C:\Users\Ashley\AppData\Local\Temp\99648137-C26F-E6FB-3819-EB158432D633.exe
C:\Users\Ashley\AppData\Local\Temp\A8B293B6-0520-1E1E-C444-05C89AD3F685.exe
C:\Users\Ashley\AppData\Local\Temp\amisetup8163__11003.exe
C:\Users\Ashley\AppData\Local\Temp\amisetup8199__11005.exe
C:\Users\Ashley\AppData\Local\Temp\CloudBackup4064.exe
C:\Users\Ashley\AppData\Local\Temp\supoptsetup.exe
C:\Users\Ashley\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-25 00:58

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Ashley at 2015-01-08 20:59:13
Running from C:\Users\Ashley\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Internet Security (Disabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Internet Security (Disabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security (Disabled) {131692B0-0864-D491-4E21-3A3A1D8BBB47}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\uTorrent) (Version: 3.4.2.36802 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
ASUS Product Register Program (HKLM-x32\...\{49BE9B8A-E858-4533-A74A-64306C13DB59}) (Version: 1.0.014 - ASUS)
avast! Internet Security (HKLM-x32\...\avast) (Version: 7.0.1474.0 - AVAST Software)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version: - )
Canon MX510 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX510_series) (Version: - )
Canon MX510 series On-screen Manual (HKLM-x32\...\Canon MX510 series On-screen Manual) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: - )
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: - cbrreader.com)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
DVDFab 9.0.4.2 (27/05/2013) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
GeniusBox 2.0 (HKLM-x32\...\GeniusBox) (Version: 2.0 - GeniusBox 2.0)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Idle Crawler (HKLM-x32\...\F12554C8-33A4-1849-80EB-56C2622F6A30) (Version: 125.0.0.472 - EUROHAUTE LTD) <==== ATTENTION
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
KCP-0.5.4.0 (HKLM-x32\...\Kawaii Codec Pack_is1) (Version: 0.5.4.0 - Haruhichan.com)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.8.23 - Symantec Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Super Optimizer v3.2 (HKLM-x32\...\Super Optimizer_is1) (Version: 3.2.0.1 - Super PC Tools ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.74 - VSO Software)
WinCheck (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - WinCheck) <==== ATTENTION!
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Zoompic (HKLM-x32\...\zoompic) (Version: 1.1.0.29 - Zoompic) <==== ATTENTION!

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

23-12-2014 03:37:16 Windows Update
29-12-2014 22:43:06 DCInstallRestorePoint
29-12-2014 23:11:09 Windows Update
02-01-2015 18:21:56 Windows Update
07-01-2015 00:20:10 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A34076C-7C19-4B57-99E0-1511B5A565E3} - System32\Tasks\Super Optimizer Schedule => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [2014-12-26] (SUPER PC TOOLS LIMITED)
Task: {1D4568D6-E7ED-4FD4-81D4-9E06C08D619A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2012-10-30] (AVAST Software)
Task: {2383CADB-BC8D-4B03-B1A7-15B2FB86CBC7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {286B1FB2-E492-499A-A07C-2D391D99C79A} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {39F5A2DE-68ED-4E42-B65F-09BCF4BF3DA3} - \BlockAndSurf Update No Task File <==== ATTENTION
Task: {3E12A637-10FC-47A1-9B4A-3F2CF0945231} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {56F93B1D-8557-4713-9DC9-9C4AF49842B8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {664DDD14-3249-429B-A4C1-40969E91B163} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {676D9544-1738-4D8A-8A0C-D6E5686DD943} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {6B801873-B3A2-4C74-9CED-08B4638255B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {6D58477C-6572-4645-86EA-089A577D9752} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {733874A1-2C90-47B6-8205-029879364D7D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {7A7FAE54-D8BC-4C3E-8447-0D6C8F1A4071} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {7BD730F5-2D2C-414D-A96B-028036691365} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {7DE2E9BE-06FC-4B78-AE19-C87EBB01D6BB} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8D2A1FB9-D9D6-4FCC-93A6-B4440188F340} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {99F973DB-AE0B-4CC3-B8A6-9B202955A605} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {9FC2D183-6C20-46F5-8FA2-73385FAFC75C} - \Voo Update No Task File <==== ATTENTION
Task: {A83040FC-1ADB-48FF-B060-2A22374D7315} - \SmartWeb Upgrade Trigger Task No Task File <==== ATTENTION
Task: {A8F8A9B7-F3F5-4B87-A456-E62516B926AF} - System32\Tasks\Runner IC => %LOCALAPPDATA%\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
Task: {D1B6C965-176F-4907-8FB2-CC155BB3EEA1} - System32\Tasks\{BA9F18D4-E395-4EAF-AA1F-E68AC28632A5} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {D54B1E34-5209-4F5C-86C0-D3D1814714A2} - System32\Tasks\Microsoft\Windows\Maintenance\Update IC => %LOCALAPPDATA%\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\BLPMKG.job => C:\Users\Ashley\AppData\Roaming\BLPMKG.exe <==== ATTENTION
Task: C:\Windows\Tasks\Check Updates.job => C:\Users\Ashley\AppData\Local\GeniusBox\Updater.exe
Task: C:\Windows\Tasks\Client.job => C:\Users\Ashley\AppData\Local\GeniusBox\client.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LaunchSignup.job => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: C:\Windows\Tasks\Run Tasks.job => C:\Users\Ashley\AppData\Local\GeniusBox\Tasks.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0508beb0-306f-4a8a-8ee8-3eeefbc167d1.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 405fe981-ffa0-480d-8fba-2444e54b8324.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\Validate Uninstaller.job => C:\Users\Ashley\AppData\Local\GeniusBox\Uninstall.exe
Task: C:\Windows\Tasks\Validate Updater.job => C:\Users\Ashley\AppData\Local\GeniusBox\Updater.exe
Task: C:\Windows\Tasks\XSNOUNY.job => C:\Users\Ashley\AppData\Roaming\XSNOUNY.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-08-26 17:38 - 2011-09-06 03:32 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-12-30 00:46 - 2014-12-30 00:46 - 00392768 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
2015-01-07 07:45 - 2015-01-07 07:45 - 00529920 _____ () C:\Users\Ashley\AppData\Local\wincheck\wincheck.exe
2014-10-20 01:54 - 2012-10-30 23:35 - 01825280 _____ () C:\Program Files\AVAST Software\Avast\defs\12103100\algo.dll
2015-01-07 09:04 - 2015-01-07 09:04 - 02801768 _____ () c:\Program Files (x86)\Super Optimizer\SupOptStats.dll
2014-10-15 03:34 - 2014-10-15 03:34 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2014-08-17 17:41 - 2012-02-01 15:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-08-17 17:39 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-12-30 00:47 - 2014-12-30 00:47 - 00098368 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Modules\ManXec.dll
2014-12-30 00:47 - 2014-12-30 00:47 - 00078400 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Modules\CmdProc.dll
2014-12-30 00:48 - 2014-12-30 00:48 - 00122432 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Modules\WblSupp.dll
2014-12-30 00:48 - 2014-12-30 00:48 - 00044608 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Modules\PrfIns.dll
2014-12-30 00:48 - 2014-12-30 00:48 - 00054336 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Modules\WbSes.dll
2014-12-30 00:48 - 2014-12-30 00:48 - 00116800 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Modules\WdcMan.dll
2015-01-07 09:06 - 2014-10-23 00:14 - 01091584 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\libglesv2.dll
2015-01-07 09:06 - 2014-10-23 00:19 - 00167936 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\libEGL.dll
2015-01-07 09:06 - 2014-10-23 00:26 - 08569856 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\pdf.dll
2015-01-07 09:06 - 2014-10-23 00:20 - 00324608 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\ppGoogleNaClPluginChrome.dll
2015-01-07 09:06 - 2014-10-23 00:23 - 00880128 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\ffmpegsumo.dll
2015-01-07 09:06 - 2014-09-22 20:07 - 14891848 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: CltMngSvc => 2
MSCONFIG\Services: globalUpdate => 2
MSCONFIG\Services: globalUpdatem => 3
MSCONFIG\Services: serverca => 2
MSCONFIG\Services: servervo => 2
MSCONFIG\Services: SWUpdater => 2

========================= Accounts: ==========================

Administrator (S-1-5-21-2650459626-1003566679-2177798267-500 - Administrator - Disabled)
Ashley (S-1-5-21-2650459626-1003566679-2177798267-1000 - Administrator - Enabled) => C:\Users\Ashley
Chuck (S-1-5-21-2650459626-1003566679-2177798267-1001 - Administrator - Enabled) => C:\Users\Chuck
Guest (S-1-5-21-2650459626-1003566679-2177798267-501 - Limited - Enabled)
Kristi (S-1-5-21-2650459626-1003566679-2177798267-1002 - Limited - Enabled)
Teri (S-1-5-21-2650459626-1003566679-2177798267-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/08/2015 08:52:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/07/2015 09:33:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windows...F5B856976AD.crt> with error: 12007 (0x2ee7).

Error: (01/07/2015 09:28:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windows...F5B856976AD.crt> with error: 12007 (0x2ee7).

Error: (01/07/2015 09:01:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program nsb2C67.tmp version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 158c

Start Time: 01d02a9b3da0ab52

Termination Time: 14

Application Path: C:\Users\Ashley\AppData\Local\Temp\nsb2C67.tmp

Report Id:

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (01/07/2015 08:57:54 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

System errors:
=============
Error: (01/08/2015 08:52:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
lqffzi
wjtvys

Error: (01/08/2015 08:50:33 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/07/2015 05:07:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error:
%%1058

Error: (01/07/2015 05:05:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
aswSP
aswTdi
ccSet_NST
discache
lqffzi
SASDIFSV
SASKUTIL
spldr
Wanarpv6
wjtvys

Error: (01/07/2015 05:05:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
%%1058

Error: (01/07/2015 04:35:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error:
%%1058

Error: (01/07/2015 04:33:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
aswSP
aswTdi
ccSet_NST
discache
lqffzi
SASDIFSV
SASKUTIL
spldr
Wanarpv6
wjtvys

Error: (01/07/2015 04:33:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
%%1058

Error: (01/07/2015 04:31:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswKbd
aswSnx
aswSP
aswTdi
ccSet_NST
discache
SASDIFSV
SASKUTIL
spldr
Wanarpv6
wjtvys

Error: (01/07/2015 04:31:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
%%1058

Microsoft Office Sessions:
=========================
Error: (01/08/2015 08:52:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/07/2015 09:33:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windows...6976AD.crt12007 (0x2ee7)

Error: (01/07/2015 09:28:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windows...6976AD.crt12007 (0x2ee7)

Error: (01/07/2015 09:01:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: nsb2C67.tmp0.0.0.0158c01d02a9b3da0ab5214C:\Users\Ashley\AppData\Local\Temp\nsb2C67.tmp

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (01/07/2015 08:57:54 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

==================== Memory info ===========================

Processor: Intel® Core™ i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 28%
Total physical RAM: 8134.5 MB
Available physical RAM: 5844.31 MB
Total Pagefile: 16267.17 MB
Available Pagefile: 13426.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.66 GB) (Free:116.52 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 7C7BECB8)

Partition: GPT Partition Type.

==================== End Of Log ============================

Edited by jeff matthews, 08 January 2015 - 11:24 PM.

#9 jeff matthews

Advanced Member

Authentic Member
781 posts

Posted 08 January 2015 - 11:25 PM

21:22:33.0475 0x0774 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
21:22:33.0475 0x0774 UEFI system
21:22:36.0486 0x0774 ============================================================
21:22:36.0486 0x0774 Current date / time: 2015/01/08 21:22:36.0486
21:22:36.0486 0x0774 SystemInfo:
21:22:36.0486 0x0774
21:22:36.0486 0x0774 OS Version: 6.1.7601 ServicePack: 1.0
21:22:36.0486 0x0774 Product type: Workstation
21:22:36.0486 0x0774 ComputerName: ASHLEY-PC
21:22:36.0486 0x0774 UserName: Ashley
21:22:36.0486 0x0774 Windows directory: C:\Windows
21:22:36.0486 0x0774 System windows directory: C:\Windows
21:22:36.0486 0x0774 Running under WOW64
21:22:36.0486 0x0774 Processor architecture: Intel x64
21:22:36.0486 0x0774 Number of processors: 4
21:22:36.0486 0x0774 Page size: 0x1000
21:22:36.0486 0x0774 Boot type: Safe boot with network
21:22:36.0486 0x0774 ============================================================
21:22:36.0798 0x0774 KLMD registered as C:\Windows\system32\drivers\67031402.sys
21:22:37.0266 0x0774 System UUID: {E4CF1D53-82AD-1ED0-07FE-A2D9830807F5}
21:22:37.0624 0x0774 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:22:37.0624 0x0774 ============================================================
21:22:37.0624 0x0774 \Device\Harddisk0\DR0:
21:22:37.0624 0x0774 GPT partitions:
21:22:37.0624 0x0774 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C53F8A91-DED2-475F-A1A1-869DE6BBB531}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
21:22:37.0624 0x0774 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {00CDC040-518D-4BF4-8A4F-CC03FD47DB8C}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
21:22:37.0624 0x0774 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6707D8AF-5FD2-4B4E-AC57-5ACB55DE6FAF}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x1D153000
21:22:37.0624 0x0774 MBR partitions:
21:22:37.0624 0x0774 ============================================================
21:22:37.0640 0x0774 C: <-> \Device\Harddisk0\DR0\Partition3
21:22:37.0640 0x0774 ============================================================
21:22:37.0640 0x0774 Initialize success
21:22:37.0640 0x0774 ============================================================
21:22:43.0677 0x03c4 ============================================================
21:22:43.0677 0x03c4 Scan started
21:22:43.0677 0x03c4 Mode: Manual; SigCheck; TDLFS;
21:22:43.0677 0x03c4 ============================================================
21:22:43.0677 0x03c4 KSN ping started
21:22:46.0548 0x03c4 KSN ping finished: true
21:22:46.0860 0x03c4 ================ Scan system memory ========================
21:22:46.0860 0x03c4 System memory - ok
21:22:46.0860 0x03c4 ================ Scan services =============================
21:22:46.0953 0x03c4 [ ABDCD326E1DD1C62509ED94C278A7453, 51E2722C7D2588BE1C29A1680C988B9BE45433E147CCE285C3A918216418E44B ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
21:22:47.0078 0x03c4 !SASCORE - ok
21:22:47.0218 0x03c4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:22:47.0250 0x03c4 1394ohci - ok
21:22:47.0328 0x03c4 [ D27A8B7BB0E15DFBFC6B4E774EE17AD9, CBAD45B3FFFD30C34AF918009F699B65F89043D0799FC25D2472381912F86F93 ] A2DDA           C:\EEK\BIN\a2ddax64.sys
21:22:47.0343 0x03c4 A2DDA - ok
21:22:47.0374 0x03c4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:22:47.0374 0x03c4 ACPI - ok
21:22:47.0421 0x03c4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:22:47.0468 0x03c4 AcpiPmi - ok
21:22:47.0530 0x03c4 [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:22:47.0546 0x03c4 AdobeFlashPlayerUpdateSvc - ok
21:22:47.0577 0x03c4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:22:47.0593 0x03c4 adp94xx - ok
21:22:47.0624 0x03c4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:22:47.0640 0x03c4 adpahci - ok
21:22:47.0671 0x03c4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:22:47.0671 0x03c4 adpu320 - ok
21:22:47.0702 0x03c4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:22:47.0827 0x03c4 AeLookupSvc - ok
21:22:47.0874 0x03c4 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
21:22:47.0936 0x03c4 AFD - ok
21:22:47.0967 0x03c4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:22:47.0967 0x03c4 agp440 - ok
21:22:47.0998 0x03c4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:22:48.0045 0x03c4 ALG - ok
21:22:48.0092 0x03c4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:22:48.0092 0x03c4 aliide - ok
21:22:48.0201 0x03c4 ALSysIO - ok
21:22:48.0264 0x03c4 [ F17B1902DFCED1C24DB57492A7896FF8, 966AB1A072A8AF98D7EDD2A388D919B50FC41A06E1C51B04B2C2F54F1BA7F0D5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:22:48.0310 0x03c4 AMD External Events Utility - ok
21:22:48.0342 0x03c4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:22:48.0357 0x03c4 amdide - ok
21:22:48.0373 0x03c4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:22:48.0404 0x03c4 AmdK8 - ok
21:22:48.0763 0x03c4 [ 81FCDBBA547919D59DC134ED717658B4, 9A95C4400CAE00F25EE10BAE8949CF7317954742EB6F0831AAAEA4A2C220E56B ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:22:49.0215 0x03c4 amdkmdag - ok
21:22:49.0278 0x03c4 [ AF6B384E03D15471EDCEDDDEBAA363B2, 2D8CFA26D69A8FF0FAC6EBA2E5A62977B21ECBA0C65458072FEC4A886B3EDD73 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
21:22:49.0309 0x03c4 amdkmdap - ok
21:22:49.0324 0x03c4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:22:49.0340 0x03c4 AmdPPM - ok
21:22:49.0387 0x03c4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:22:49.0387 0x03c4 amdsata - ok
21:22:49.0418 0x03c4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:22:49.0418 0x03c4 amdsbs - ok
21:22:49.0434 0x03c4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:22:49.0434 0x03c4 amdxata - ok
21:22:49.0480 0x03c4 [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID           C:\Windows\system32\drivers\appid.sys
21:22:49.0496 0x03c4 AppID - ok
21:22:49.0512 0x03c4 [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:22:49.0512 0x03c4 AppIDSvc - ok
21:22:49.0543 0x03c4 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
21:22:49.0574 0x03c4 Appinfo - ok
21:22:49.0590 0x03c4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
21:22:49.0605 0x03c4 arc - ok
21:22:49.0605 0x03c4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:22:49.0621 0x03c4 arcsas - ok
21:22:49.0668 0x03c4 [ 425A881DFFB426660A6861DC44927DD3, 575878CD7B7E2E6DD9D7051D0637C72D5795F863D32EA47B6A0B8A336D520D47 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
21:22:49.0683 0x03c4 asmthub3 - ok
21:22:49.0714 0x03c4 [ 0B19AE36FAAE5294B19B0AD4E5F2F37E, 654627BCE074752A06CAE501778AE044589E20E9568367F00A66C45E2A00B143 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
21:22:49.0714 0x03c4 asmtxhci - ok
21:22:49.0824 0x03c4 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:22:49.0855 0x03c4 aspnet_state - ok
21:22:49.0902 0x03c4 [ 4FCAEF0C5BE7629AEB878998E0FE959B, B792796DEC82CB81CC834DCD4109908C0294556B7FAC9DD6EE329F6508DFA63C ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
21:22:49.0902 0x03c4 aswFsBlk - ok
21:22:49.0933 0x03c4 [ 9FFC732E12FF53E05FE9E02C8C00CE87, ED2A8F20C40F531D27AF878A252DDB4F9355E6EFE77406CF7C99A15CD4A87208 ] aswFW           C:\Windows\system32\drivers\aswFW.sys
21:22:49.0933 0x03c4 aswFW - ok
21:22:49.0948 0x03c4 [ 6B91E6D483AADB3FC4E13E2355200611, 246423703AEA346B99B5F81F1846F0C34DF1178859DD59BCA6393A7CDD8D48AC ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
21:22:49.0964 0x03c4 aswKbd - ok
21:22:49.0964 0x03c4 [ B50CDD87772D6A11CB90924AAD399DF8, 0B42764FD632DB9D5A276904B3D55BC36610BB461591BC730AAE4DC25EBE354A ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
21:22:49.0964 0x03c4 aswMonFlt - ok
21:22:49.0995 0x03c4 [ 518B8D447A1975AB46DA093A2E743256, 7AAA2CAA96AEBFD371C740ACBFB74F30ED92EE8444E30FABF0DCE0123DB0AEE9 ] aswNdis         C:\Windows\system32\DRIVERS\aswNdis.sys
21:22:49.0995 0x03c4 aswNdis - ok
21:22:50.0011 0x03c4 [ 5A832BBB1B563B6B3FDA46239B630037, FD12DCFDFDFC272D2C39D77CD6400D52D8D9FF6FAAFED232B7E542EFEB3DD877 ] aswNdis2        C:\Windows\system32\drivers\aswNdis2.sys
21:22:50.0026 0x03c4 aswNdis2 - ok
21:22:50.0042 0x03c4 [ 57768C7DB4681F2510F247F82EF31D4F, AFD99BEBCE4BD7BFDF65DDC1D69EBE46613B4FF49CC4E4397FFCA7EAF80AAF12 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
21:22:50.0042 0x03c4 aswRdr - ok
21:22:50.0073 0x03c4 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF, 0BC40A3A3AE43B8A20D8C81EFDF716628500295D8C79CD6CD4458900D31CF41E ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
21:22:50.0089 0x03c4 aswSnx - ok
21:22:50.0120 0x03c4 [ 538A32E2C99BF073D4CA76C30BEDAA60, 89D1C35AB914923AB9B19A4E6DB968AC08303522AFAF55A907146182E7E8DAA5 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
21:22:50.0120 0x03c4 aswSP - ok
21:22:50.0136 0x03c4 [ 6EDC79D73745FD44C41B55B2D13D0B70, CDC35864852D1576B1A4372B55F945628092AECCFC9A01693753100225AF5DD1 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
21:22:50.0136 0x03c4 aswTdi - ok
21:22:50.0167 0x03c4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:22:50.0198 0x03c4 AsyncMac - ok
21:22:50.0229 0x03c4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:22:50.0245 0x03c4 atapi - ok
21:22:50.0276 0x03c4 [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:22:50.0307 0x03c4 AtiHDAudioService - ok
21:22:50.0354 0x03c4 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:22:50.0416 0x03c4 AudioEndpointBuilder - ok
21:22:50.0432 0x03c4 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:22:50.0448 0x03c4 AudioSrv - ok
21:22:50.0494 0x03c4 [ 8FA553E9AE69808D99C164733A0F9590, D3F5BA7000EF311A0E4772B5BF9B0BFFCA721FA971D87DD76B7E8B9B06E9BBC3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:22:50.0510 0x03c4 avast! Antivirus - ok
21:22:50.0526 0x03c4 [ BC0E07A768A0A14C48E3CE1875F2C377, 38E551AD9897B8BFC190BC5F3414FFAE0E762E8D52F33CCB1173B678269505D4 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
21:22:50.0526 0x03c4 avast! Firewall - ok
21:22:50.0557 0x03c4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:22:50.0619 0x03c4 AxInstSV - ok
21:22:50.0666 0x03c4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:22:50.0697 0x03c4 b06bdrv - ok
21:22:50.0744 0x03c4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:22:50.0760 0x03c4 b57nd60a - ok
21:22:50.0791 0x03c4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:22:50.0806 0x03c4 BDESVC - ok
21:22:50.0838 0x03c4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:22:50.0869 0x03c4 Beep - ok
21:22:50.0916 0x03c4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:22:50.0947 0x03c4 BFE - ok
21:22:50.0978 0x03c4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:22:51.0103 0x03c4 BITS - ok
21:22:51.0150 0x03c4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:22:51.0165 0x03c4 blbdrive - ok
21:22:51.0212 0x03c4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:22:51.0228 0x03c4 bowser - ok
21:22:51.0259 0x03c4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:22:51.0274 0x03c4 BrFiltLo - ok
21:22:51.0290 0x03c4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:22:51.0306 0x03c4 BrFiltUp - ok
21:22:51.0352 0x03c4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:22:51.0368 0x03c4 Browser - ok
21:22:51.0384 0x03c4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:22:51.0399 0x03c4 Brserid - ok
21:22:51.0415 0x03c4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:22:51.0430 0x03c4 BrSerWdm - ok
21:22:51.0446 0x03c4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:22:51.0446 0x03c4 BrUsbMdm - ok
21:22:51.0462 0x03c4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:22:51.0477 0x03c4 BrUsbSer - ok
21:22:51.0508 0x03c4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:22:51.0524 0x03c4 BTHMODEM - ok
21:22:51.0555 0x03c4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:22:51.0571 0x03c4 bthserv - ok
21:22:51.0602 0x03c4 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] cae99edb        C:\Windows\system32\rundll32.exe
21:22:51.0618 0x03c4 cae99edb - ok
21:22:51.0680 0x03c4 [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_NST       C:\Windows\system32\drivers\NSTx64\7DE07080.017\ccSetx64.sys
21:22:51.0680 0x03c4 ccSet_NST - ok
21:22:51.0711 0x03c4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:22:51.0742 0x03c4 cdfs - ok
21:22:51.0774 0x03c4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:22:51.0789 0x03c4 cdrom - ok
21:22:51.0789 0x03c4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:22:51.0820 0x03c4 CertPropSvc - ok
21:22:51.0836 0x03c4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:22:51.0852 0x03c4 circlass - ok
21:22:51.0945 0x03c4 [ B794DCF38C965FA2F93C45A7C3D582C5, 0E483EAF835B85AA4B6F449F9BB68AF0A3EE4192D29CD72F4B812F1E4D9E9A7C ] cleanhlp        C:\EEK\bin\cleanhlp64.sys
21:22:51.0945 0x03c4 cleanhlp - ok
21:22:51.0961 0x03c4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
21:22:51.0976 0x03c4 CLFS - ok
21:22:52.0039 0x03c4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:22:52.0039 0x03c4 clr_optimization_v2.0.50727_32 - ok
21:22:52.0086 0x03c4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:22:52.0086 0x03c4 clr_optimization_v2.0.50727_64 - ok
21:22:52.0164 0x03c4 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:22:52.0226 0x03c4 clr_optimization_v4.0.30319_32 - ok
21:22:52.0242 0x03c4 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:22:52.0273 0x03c4 clr_optimization_v4.0.30319_64 - ok
21:22:52.0304 0x03c4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:22:52.0320 0x03c4 CmBatt - ok
21:22:52.0320 0x03c4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:22:52.0335 0x03c4 cmdide - ok
21:22:52.0366 0x03c4 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
21:22:52.0398 0x03c4 CNG - ok
21:22:52.0413 0x03c4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:22:52.0413 0x03c4 Compbatt - ok
21:22:52.0444 0x03c4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:22:52.0460 0x03c4 CompositeBus - ok
21:22:52.0476 0x03c4 COMSysApp - ok
21:22:52.0491 0x03c4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:22:52.0491 0x03c4 crcdisk - ok
21:22:52.0538 0x03c4 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:22:52.0569 0x03c4 CryptSvc - ok
21:22:52.0600 0x03c4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:22:52.0647 0x03c4 DcomLaunch - ok
21:22:52.0678 0x03c4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:22:52.0710 0x03c4 defragsvc - ok
21:22:52.0741 0x03c4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:22:52.0756 0x03c4 DfsC - ok
21:22:52.0788 0x03c4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:22:52.0819 0x03c4 Dhcp - ok
21:22:52.0819 0x03c4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:22:52.0850 0x03c4 discache - ok
21:22:52.0866 0x03c4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
21:22:52.0881 0x03c4 Disk - ok
21:22:52.0928 0x03c4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:22:52.0944 0x03c4 Dnscache - ok
21:22:52.0959 0x03c4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:22:52.0990 0x03c4 dot3svc - ok
21:22:53.0006 0x03c4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:22:53.0022 0x03c4 DPS - ok
21:22:53.0068 0x03c4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:22:53.0084 0x03c4 drmkaud - ok
21:22:53.0146 0x03c4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:22:53.0162 0x03c4 DXGKrnl - ok
21:22:53.0178 0x03c4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:22:53.0209 0x03c4 EapHost - ok
21:22:53.0302 0x03c4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:22:53.0380 0x03c4 ebdrv - ok
21:22:53.0427 0x03c4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
21:22:53.0458 0x03c4 EFS - ok
21:22:53.0505 0x03c4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:22:53.0568 0x03c4 ehRecvr - ok
21:22:53.0583 0x03c4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:22:53.0599 0x03c4 ehSched - ok
21:22:53.0646 0x03c4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:22:53.0661 0x03c4 elxstor - ok
21:22:53.0661 0x03c4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:22:53.0677 0x03c4 ErrDev - ok
21:22:53.0724 0x03c4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:22:53.0770 0x03c4 EventSystem - ok
21:22:53.0786 0x03c4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:22:53.0817 0x03c4 exfat - ok
21:22:53.0817 0x03c4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:22:53.0848 0x03c4 fastfat - ok
21:22:53.0895 0x03c4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:22:53.0926 0x03c4 Fax - ok
21:22:53.0942 0x03c4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
21:22:53.0958 0x03c4 fdc - ok
21:22:53.0973 0x03c4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:22:53.0989 0x03c4 fdPHost - ok
21:22:54.0004 0x03c4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:22:54.0020 0x03c4 FDResPub - ok
21:22:54.0036 0x03c4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:22:54.0036 0x03c4 FileInfo - ok
21:22:54.0051 0x03c4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:22:54.0067 0x03c4 Filetrace - ok
21:22:54.0067 0x03c4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:22:54.0082 0x03c4 flpydisk - ok
21:22:54.0114 0x03c4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:22:54.0129 0x03c4 FltMgr - ok
21:22:54.0192 0x03c4 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
21:22:54.0223 0x03c4 FontCache - ok
21:22:54.0270 0x03c4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:22:54.0270 0x03c4 FontCache3.0.0.0 - ok
21:22:54.0301 0x03c4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:22:54.0301 0x03c4 FsDepends - ok
21:22:54.0332 0x03c4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:22:54.0348 0x03c4 Fs_Rec - ok
21:22:54.0394 0x03c4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:22:54.0394 0x03c4 fvevol - ok
21:22:54.0426 0x03c4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:22:54.0426 0x03c4 gagp30kx - ok
21:22:54.0457 0x03c4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:22:54.0504 0x03c4 gpsvc - ok
21:22:54.0582 0x03c4 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:22:54.0597 0x03c4 gupdate - ok
21:22:54.0597 0x03c4 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:22:54.0597 0x03c4 gupdatem - ok
21:22:54.0613 0x03c4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:22:54.0628 0x03c4 hcw85cir - ok
21:22:54.0675 0x03c4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:22:54.0738 0x03c4 HdAudAddService - ok
21:22:54.0769 0x03c4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:22:54.0769 0x03c4 HDAudBus - ok
21:22:54.0769 0x03c4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:22:54.0784 0x03c4 HidBatt - ok
21:22:54.0800 0x03c4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:22:54.0816 0x03c4 HidBth - ok
21:22:54.0831 0x03c4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:22:54.0847 0x03c4 HidIr - ok
21:22:54.0862 0x03c4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:22:54.0894 0x03c4 hidserv - ok
21:22:54.0925 0x03c4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:22:54.0940 0x03c4 HidUsb - ok
21:22:54.0972 0x03c4 [ 545EE654B04D52AF2E7F5F393D1F7D75, 3035171E5E54F6E6FB8BFCA237FCE5564BE3F58EEDA54441334FF3B71EEE1D24 ] hitmanpro37     C:\Windows\system32\drivers\hitmanpro37.sys
21:22:54.0972 0x03c4 hitmanpro37 - ok
21:22:55.0003 0x03c4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:22:55.0018 0x03c4 hkmsvc - ok
21:22:55.0034 0x03c4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:22:55.0065 0x03c4 HomeGroupListener - ok
21:22:55.0081 0x03c4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:22:55.0096 0x03c4 HomeGroupProvider - ok
21:22:55.0128 0x03c4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:22:55.0128 0x03c4 HpSAMD - ok
21:22:55.0159 0x03c4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:22:55.0206 0x03c4 HTTP - ok
21:22:55.0221 0x03c4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:22:55.0221 0x03c4 hwpolicy - ok
21:22:55.0237 0x03c4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:22:55.0252 0x03c4 i8042prt - ok
21:22:55.0284 0x03c4 [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
21:22:55.0284 0x03c4 iaStor - ok
21:22:55.0346 0x03c4 [ 545462D0DBE24AF379BA869B7C185CCD, 056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
21:22:55.0346 0x03c4 IAStorDataMgrSvc - ok
21:22:55.0408 0x03c4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:22:55.0408 0x03c4 iaStorV - ok
21:22:55.0471 0x03c4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:22:55.0502 0x03c4 idsvc - ok
21:22:55.0502 0x03c4 IEEtwCollectorService - ok
21:22:55.0533 0x03c4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:22:55.0533 0x03c4 iirsp - ok
21:22:55.0611 0x03c4 [ 54E0F4CCD6CE99A807459AF928DD64AC, 65EBD9757B811E8F1060F23C4936DBED5FBBEDA290CC4CD7F7781CC3D189BE8B ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
21:22:55.0627 0x03c4 IJPLMSVC - ok
21:22:55.0674 0x03c4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:22:55.0705 0x03c4 IKEEXT - ok
21:22:55.0814 0x03c4 [ 9CC645EB9697AA4F2D5A39835C80A0A2, 39861B19E9BF17F5250D571996167A178606150B62C876529D3699817FDDC42A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:22:55.0923 0x03c4 IntcAzAudAddService - ok
21:22:55.0970 0x03c4 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:22:55.0986 0x03c4 Intel® Capability Licensing Service Interface - ok
21:22:56.0017 0x03c4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:22:56.0017 0x03c4 intelide - ok
21:22:56.0032 0x03c4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:22:56.0048 0x03c4 intelppm - ok
21:22:56.0079 0x03c4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:22:56.0110 0x03c4 IPBusEnum - ok
21:22:56.0126 0x03c4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:22:56.0142 0x03c4 IpFilterDriver - ok
21:22:56.0188 0x03c4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:22:56.0220 0x03c4 iphlpsvc - ok
21:22:56.0235 0x03c4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:22:56.0235 0x03c4 IPMIDRV - ok
21:22:56.0235 0x03c4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:22:56.0282 0x03c4 IPNAT - ok
21:22:56.0282 0x03c4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:22:56.0298 0x03c4 IRENUM - ok
21:22:56.0313 0x03c4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:22:56.0313 0x03c4 isapnp - ok
21:22:56.0360 0x03c4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:22:56.0360 0x03c4 iScsiPrt - ok
21:22:56.0376 0x03c4 [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:22:56.0391 0x03c4 iusb3hcs - ok
21:22:56.0407 0x03c4 [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
21:22:56.0422 0x03c4 iusb3hub - ok
21:22:56.0454 0x03c4 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:22:56.0469 0x03c4 iusb3xhc - ok
21:22:56.0516 0x03c4 [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
21:22:56.0532 0x03c4 jhi_service - ok
21:22:56.0547 0x03c4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:22:56.0563 0x03c4 kbdclass - ok
21:22:56.0578 0x03c4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:22:56.0594 0x03c4 kbdhid - ok
21:22:56.0610 0x03c4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
21:22:56.0610 0x03c4 KeyIso - ok
21:22:56.0656 0x03c4 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:22:56.0656 0x03c4 KSecDD - ok
21:22:56.0688 0x03c4 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:22:56.0703 0x03c4 KSecPkg - ok
21:22:56.0719 0x03c4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:22:56.0734 0x03c4 ksthunk - ok
21:22:56.0766 0x03c4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:22:56.0797 0x03c4 KtmRm - ok
21:22:56.0828 0x03c4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:22:56.0859 0x03c4 LanmanServer - ok
21:22:56.0875 0x03c4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:22:56.0890 0x03c4 LanmanWorkstation - ok
21:22:56.0922 0x03c4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:22:56.0953 0x03c4 lltdio - ok
21:22:56.0984 0x03c4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:22:57.0015 0x03c4 lltdsvc - ok
21:22:57.0031 0x03c4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:22:57.0046 0x03c4 lmhosts - ok
21:22:57.0093 0x03c4 [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:22:57.0109 0x03c4 LMS - ok
21:22:57.0109 0x03c4 lqffzi - ok
21:22:57.0140 0x03c4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:22:57.0156 0x03c4 LSI_FC - ok
21:22:57.0156 0x03c4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:22:57.0171 0x03c4 LSI_SAS - ok
21:22:57.0171 0x03c4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:22:57.0187 0x03c4 LSI_SAS2 - ok
21:22:57.0202 0x03c4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:22:57.0202 0x03c4 LSI_SCSI - ok
21:22:57.0218 0x03c4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:22:57.0249 0x03c4 luafv - ok
21:22:57.0280 0x03c4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:22:57.0280 0x03c4 Mcx2Svc - ok
21:22:57.0296 0x03c4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:22:57.0312 0x03c4 megasas - ok
21:22:57.0327 0x03c4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:22:57.0327 0x03c4 MegaSR - ok
21:22:57.0358 0x03c4 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:22:57.0358 0x03c4 MEIx64 - ok
21:22:57.0421 0x03c4 Microsoft SharePoint Workspace Audit Service - ok
21:22:57.0468 0x03c4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:22:57.0499 0x03c4 MMCSS - ok
21:22:57.0514 0x03c4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:22:57.0530 0x03c4 Modem - ok
21:22:57.0546 0x03c4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:22:57.0561 0x03c4 monitor - ok
21:22:57.0577 0x03c4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:22:57.0592 0x03c4 mouclass - ok
21:22:57.0608 0x03c4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:22:57.0624 0x03c4 mouhid - ok
21:22:57.0639 0x03c4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:22:57.0639 0x03c4 mountmgr - ok
21:22:57.0686 0x03c4 [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:22:57.0702 0x03c4 MozillaMaintenance - ok
21:22:57.0717 0x03c4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:22:57.0717 0x03c4 mpio - ok
21:22:57.0748 0x03c4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:22:57.0780 0x03c4 mpsdrv - ok
21:22:57.0826 0x03c4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:22:57.0873 0x03c4 MpsSvc - ok
21:22:57.0904 0x03c4 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:22:57.0936 0x03c4 MRxDAV - ok
21:22:57.0967 0x03c4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:22:57.0982 0x03c4 mrxsmb - ok
21:22:57.0998 0x03c4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:22:58.0014 0x03c4 mrxsmb10 - ok
21:22:58.0045 0x03c4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:22:58.0060 0x03c4 mrxsmb20 - ok
21:22:58.0092 0x03c4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:22:58.0092 0x03c4 msahci - ok
21:22:58.0123 0x03c4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:22:58.0123 0x03c4 msdsm - ok
21:22:58.0138 0x03c4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:22:58.0154 0x03c4 MSDTC - ok
21:22:58.0170 0x03c4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:22:58.0201 0x03c4 Msfs - ok
21:22:58.0216 0x03c4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:22:58.0232 0x03c4 mshidkmdf - ok
21:22:58.0248 0x03c4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:22:58.0263 0x03c4 msisadrv - ok
21:22:58.0279 0x03c4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:22:58.0326 0x03c4 MSiSCSI - ok
21:22:58.0326 0x03c4 msiserver - ok
21:22:58.0341 0x03c4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:22:58.0372 0x03c4 MSKSSRV - ok
21:22:58.0388 0x03c4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:22:58.0419 0x03c4 MSPCLOCK - ok
21:22:58.0450 0x03c4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:22:58.0482 0x03c4 MSPQM - ok
21:22:58.0513 0x03c4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:22:58.0513 0x03c4 MsRPC - ok
21:22:58.0528 0x03c4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:22:58.0544 0x03c4 mssmbios - ok
21:22:58.0544 0x03c4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:22:58.0575 0x03c4 MSTEE - ok
21:22:58.0591 0x03c4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:22:58.0606 0x03c4 MTConfig - ok
21:22:58.0622 0x03c4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:22:58.0622 0x03c4 Mup - ok
21:22:58.0653 0x03c4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:22:58.0684 0x03c4 napagent - ok
21:22:58.0700 0x03c4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:22:58.0731 0x03c4 NativeWifiP - ok
21:22:58.0794 0x03c4 [ D5C65661C49139648F1D124D9A8A90DE, 3F5066DBA1337D42E6D3CA01B0F970E93659F0F706B60CA39169FFA61E432598 ] NCO             C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\NST.exe
21:22:58.0809 0x03c4 NCO - ok
21:22:58.0872 0x03c4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:22:58.0903 0x03c4 NDIS - ok
21:22:58.0918 0x03c4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:22:58.0934 0x03c4 NdisCap - ok
21:22:58.0950 0x03c4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:22:58.0965 0x03c4 NdisTapi - ok
21:22:58.0981 0x03c4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:22:59.0012 0x03c4 Ndisuio - ok
21:22:59.0028 0x03c4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:22:59.0059 0x03c4 NdisWan - ok
21:22:59.0059 0x03c4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:22:59.0090 0x03c4 NDProxy - ok
21:22:59.0106 0x03c4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:22:59.0121 0x03c4 NetBIOS - ok
21:22:59.0137 0x03c4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:22:59.0168 0x03c4 NetBT - ok
21:22:59.0184 0x03c4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
21:22:59.0184 0x03c4 Netlogon - ok
21:22:59.0215 0x03c4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:22:59.0246 0x03c4 Netman - ok
21:22:59.0293 0x03c4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:22:59.0324 0x03c4 NetMsmqActivator - ok
21:22:59.0324 0x03c4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:22:59.0340 0x03c4 NetPipeActivator - ok
21:22:59.0371 0x03c4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:22:59.0386 0x03c4 netprofm - ok
21:22:59.0402 0x03c4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:22:59.0402 0x03c4 NetTcpActivator - ok
21:22:59.0418 0x03c4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:22:59.0418 0x03c4 NetTcpPortSharing - ok
21:22:59.0449 0x03c4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:22:59.0449 0x03c4 nfrd960 - ok
21:22:59.0480 0x03c4 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:22:59.0496 0x03c4 NlaSvc - ok
21:22:59.0511 0x03c4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:22:59.0527 0x03c4 Npfs - ok
21:22:59.0542 0x03c4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:22:59.0574 0x03c4 nsi - ok
21:22:59.0574 0x03c4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:22:59.0620 0x03c4 nsiproxy - ok
21:22:59.0683 0x03c4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:22:59.0730 0x03c4 Ntfs - ok
21:22:59.0745 0x03c4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:22:59.0761 0x03c4 Null - ok
21:22:59.0808 0x03c4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:22:59.0808 0x03c4 nvraid - ok
21:22:59.0854 0x03c4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:22:59.0870 0x03c4 nvstor - ok
21:22:59.0886 0x03c4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:22:59.0886 0x03c4 nv_agp - ok
21:22:59.0901 0x03c4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:22:59.0917 0x03c4 ohci1394 - ok
21:22:59.0979 0x03c4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:22:59.0995 0x03c4 ose - ok
21:23:00.0135 0x03c4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:23:00.0260 0x03c4 osppsvc - ok
21:23:00.0291 0x03c4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:23:00.0322 0x03c4 p2pimsvc - ok
21:23:00.0338 0x03c4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:23:00.0354 0x03c4 p2psvc - ok
21:23:00.0385 0x03c4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
21:23:00.0400 0x03c4 Parport - ok
21:23:00.0432 0x03c4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:23:00.0432 0x03c4 partmgr - ok
21:23:00.0478 0x03c4 [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:23:00.0478 0x03c4 PcaSvc - ok
21:23:00.0510 0x03c4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:23:00.0510 0x03c4 pci - ok
21:23:00.0556 0x03c4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:23:00.0556 0x03c4 pciide - ok
21:23:00.0572 0x03c4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:23:00.0572 0x03c4 pcmcia - ok
21:23:00.0588 0x03c4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:23:00.0588 0x03c4 pcw - ok
21:23:00.0634 0x03c4 [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:23:00.0666 0x03c4 PEAUTH - ok
21:23:00.0712 0x03c4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:23:00.0728 0x03c4 PerfHost - ok
21:23:00.0790 0x03c4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:23:00.0837 0x03c4 pla - ok
21:23:00.0884 0x03c4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:23:00.0900 0x03c4 PlugPlay - ok
21:23:00.0915 0x03c4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:23:00.0931 0x03c4 PNRPAutoReg - ok
21:23:00.0931 0x03c4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:23:00.0946 0x03c4 PNRPsvc - ok
21:23:00.0993 0x03c4 [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
21:23:01.0009 0x03c4 Point64 - ok
21:23:01.0024 0x03c4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:23:01.0071 0x03c4 PolicyAgent - ok
21:23:01.0087 0x03c4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:23:01.0118 0x03c4 Power - ok
21:23:01.0149 0x03c4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:23:01.0180 0x03c4 PptpMiniport - ok
21:23:01.0196 0x03c4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
21:23:01.0212 0x03c4 Processor - ok
21:23:01.0258 0x03c4 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:23:01.0290 0x03c4 ProfSvc - ok
21:23:01.0290 0x03c4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:23:01.0305 0x03c4 ProtectedStorage - ok
21:23:01.0321 0x03c4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:23:01.0336 0x03c4 Psched - ok
21:23:01.0383 0x03c4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:23:01.0414 0x03c4 ql2300 - ok
21:23:01.0430 0x03c4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:23:01.0446 0x03c4 ql40xx - ok
21:23:01.0477 0x03c4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:23:01.0492 0x03c4 QWAVE - ok
21:23:01.0508 0x03c4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:23:01.0524 0x03c4 QWAVEdrv - ok
21:23:01.0539 0x03c4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:23:01.0555 0x03c4 RasAcd - ok
21:23:01.0586 0x03c4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:23:01.0617 0x03c4 RasAgileVpn - ok
21:23:01.0617 0x03c4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:23:01.0648 0x03c4 RasAuto - ok
21:23:01.0648 0x03c4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:23:01.0680 0x03c4 Rasl2tp - ok
21:23:01.0680 0x03c4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:23:01.0711 0x03c4 RasMan - ok
21:23:01.0726 0x03c4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:23:01.0742 0x03c4 RasPppoe - ok
21:23:01.0758 0x03c4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:23:01.0789 0x03c4 RasSstp - ok
21:23:01.0804 0x03c4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:23:01.0836 0x03c4 rdbss - ok
21:23:01.0851 0x03c4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
21:23:01.0867 0x03c4 rdpbus - ok
21:23:01.0867 0x03c4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:23:01.0898 0x03c4 RDPCDD - ok
21:23:01.0898 0x03c4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:23:01.0929 0x03c4 RDPENCDD - ok
21:23:01.0945 0x03c4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:23:01.0976 0x03c4 RDPREFMP - ok
21:23:02.0007 0x03c4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:23:02.0038 0x03c4 RDPWD - ok
21:23:02.0070 0x03c4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:23:02.0070 0x03c4 rdyboost - ok
21:23:02.0101 0x03c4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:23:02.0132 0x03c4 RemoteAccess - ok
21:23:02.0163 0x03c4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:23:02.0194 0x03c4 RemoteRegistry - ok
21:23:02.0210 0x03c4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:23:02.0241 0x03c4 RpcEptMapper - ok
21:23:02.0257 0x03c4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:23:02.0272 0x03c4 RpcLocator - ok
21:23:02.0288 0x03c4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:23:02.0319 0x03c4 RpcSs - ok
21:23:02.0319 0x03c4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:23:02.0350 0x03c4 rspndr - ok
21:23:02.0397 0x03c4 [ 3713DACCA1025B05A6343104112708D9, 77830F361775166ED2408CFF9F0DBEDFF225895DD0FAC93F3DC5FFD8DBE0ED2B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:23:02.0413 0x03c4 RTL8167 - ok
21:23:02.0428 0x03c4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
21:23:02.0428 0x03c4 SamSs - ok
21:23:02.0506 0x03c4 [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
21:23:02.0506 0x03c4 SASDIFSV - ok
21:23:02.0522 0x03c4 [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
21:23:02.0522 0x03c4 SASKUTIL - ok
21:23:02.0538 0x03c4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:23:02.0538 0x03c4 sbp2port - ok
21:23:02.0569 0x03c4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:23:02.0600 0x03c4 SCardSvr - ok
21:23:02.0616 0x03c4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:23:02.0631 0x03c4 scfilter - ok
21:23:02.0662 0x03c4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:23:02.0725 0x03c4 Schedule - ok
21:23:02.0756 0x03c4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:23:02.0772 0x03c4 SCPolicySvc - ok
21:23:02.0787 0x03c4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:23:02.0803 0x03c4 SDRSVC - ok
21:23:02.0818 0x03c4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:23:02.0834 0x03c4 secdrv - ok
21:23:02.0850 0x03c4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
21:23:02.0881 0x03c4 seclogon - ok
21:23:02.0881 0x03c4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:23:02.0912 0x03c4 SENS - ok
21:23:02.0943 0x03c4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:23:02.0943 0x03c4 SensrSvc - ok
21:23:02.0974 0x03c4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:23:02.0990 0x03c4 Serenum - ok
21:23:03.0021 0x03c4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:23:03.0037 0x03c4 Serial - ok
21:23:03.0052 0x03c4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:23:03.0068 0x03c4 sermouse - ok
21:23:03.0084 0x03c4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:23:03.0115 0x03c4 SessionEnv - ok
21:23:03.0115 0x03c4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:23:03.0115 0x03c4 sffdisk - ok
21:23:03.0130 0x03c4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:23:03.0130 0x03c4 sffp_mmc - ok
21:23:03.0130 0x03c4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:23:03.0146 0x03c4 sffp_sd - ok
21:23:03.0146 0x03c4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:23:03.0162 0x03c4 sfloppy - ok
21:23:03.0193 0x03c4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:23:03.0224 0x03c4 SharedAccess - ok
21:23:03.0240 0x03c4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:23:03.0255 0x03c4 ShellHWDetection - ok
21:23:03.0286 0x03c4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:23:03.0286 0x03c4 SiSRaid2 - ok
21:23:03.0302 0x03c4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:23:03.0302 0x03c4 SiSRaid4 - ok
21:23:03.0318 0x03c4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:23:03.0333 0x03c4 Smb - ok
21:23:03.0364 0x03c4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:23:03.0380 0x03c4 SNMPTRAP - ok
21:23:03.0396 0x03c4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:23:03.0411 0x03c4 spldr - ok
21:23:03.0442 0x03c4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:23:03.0474 0x03c4 Spooler - ok
21:23:03.0567 0x03c4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:23:03.0676 0x03c4 sppsvc - ok
21:23:03.0692 0x03c4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:23:03.0723 0x03c4 sppuinotify - ok
21:23:03.0770 0x03c4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:23:03.0801 0x03c4 srv - ok
21:23:03.0817 0x03c4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:23:03.0832 0x03c4 srv2 - ok
21:23:03.0864 0x03c4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:23:03.0879 0x03c4 srvnet - ok
21:23:03.0895 0x03c4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:23:03.0926 0x03c4 SSDPSRV - ok
21:23:03.0942 0x03c4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:23:03.0957 0x03c4 SstpSvc - ok
21:23:03.0973 0x03c4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:23:03.0988 0x03c4 stexstor - ok
21:23:04.0004 0x03c4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:23:04.0035 0x03c4 stisvc - ok
21:23:04.0051 0x03c4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:23:04.0051 0x03c4 swenum - ok
21:23:04.0066 0x03c4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:23:04.0098 0x03c4 swprv - ok
21:23:04.0144 0x03c4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
21:23:04.0207 0x03c4 SysMain - ok
21:23:04.0207 0x03c4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:23:04.0222 0x03c4 TabletInputService - ok
21:23:04.0254 0x03c4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:23:04.0285 0x03c4 TapiSrv - ok
21:23:04.0285 0x03c4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:23:04.0300 0x03c4 TBS - ok
21:23:04.0394 0x03c4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:23:04.0441 0x03c4 Tcpip - ok
21:23:04.0488 0x03c4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:23:04.0519 0x03c4 TCPIP6 - ok
21:23:04.0566 0x03c4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:23:04.0566 0x03c4 tcpipreg - ok
21:23:04.0597 0x03c4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:23:04.0612 0x03c4 TDPIPE - ok
21:23:04.0628 0x03c4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:23:04.0628 0x03c4 TDTCP - ok
21:23:04.0690 0x03c4 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:23:04.0706 0x03c4 tdx - ok
21:23:04.0706 0x03c4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:23:04.0722 0x03c4 TermDD - ok
21:23:04.0768 0x03c4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
21:23:04.0800 0x03c4 TermService - ok
21:23:04.0831 0x03c4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:23:04.0862 0x03c4 Themes - ok
21:23:04.0862 0x03c4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:23:04.0893 0x03c4 THREADORDER - ok
21:23:04.0909 0x03c4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:23:04.0940 0x03c4 TrkWks - ok
21:23:04.0987 0x03c4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:23:05.0002 0x03c4 TrustedInstaller - ok
21:23:05.0049 0x03c4 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:23:05.0049 0x03c4 tssecsrv - ok
21:23:05.0080 0x03c4 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:23:05.0096 0x03c4 TsUsbFlt - ok
21:23:05.0112 0x03c4 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:23:05.0127 0x03c4 TsUsbGD - ok
21:23:05.0158 0x03c4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:23:05.0174 0x03c4 tunnel - ok
21:23:05.0174 0x03c4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:23:05.0190 0x03c4 uagp35 - ok
21:23:05.0190 0x03c4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:23:05.0221 0x03c4 udfs - ok
21:23:05.0252 0x03c4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:23:05.0252 0x03c4 UI0Detect - ok
21:23:05.0268 0x03c4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:23:05.0268 0x03c4 uliagpkx - ok
21:23:05.0299 0x03c4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:23:05.0299 0x03c4 umbus - ok
21:23:05.0314 0x03c4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:23:05.0330 0x03c4 UmPass - ok
21:23:05.0408 0x03c4 [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:23:05.0424 0x03c4 UNS - ok
21:23:05.0439 0x03c4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:23:05.0470 0x03c4 upnphost - ok
21:23:05.0517 0x03c4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:23:05.0548 0x03c4 usbccgp - ok
21:23:05.0580 0x03c4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:23:05.0595 0x03c4 usbcir - ok
21:23:05.0626 0x03c4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:23:05.0642 0x03c4 usbehci - ok
21:23:05.0673 0x03c4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:23:05.0673 0x03c4 usbhub - ok
21:23:05.0689 0x03c4 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:23:05.0704 0x03c4 usbohci - ok
21:23:05.0704 0x03c4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:23:05.0720 0x03c4 usbprint - ok
21:23:05.0720 0x03c4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:23:05.0751 0x03c4 USBSTOR - ok
21:23:05.0751 0x03c4 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:23:05.0767 0x03c4 usbuhci - ok
21:23:05.0782 0x03c4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:23:05.0814 0x03c4 UxSms - ok
21:23:05.0829 0x03c4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
21:23:05.0829 0x03c4 VaultSvc - ok
21:23:05.0860 0x03c4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:23:05.0860 0x03c4 vdrvroot - ok
21:23:05.0892 0x03c4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:23:05.0938 0x03c4 vds - ok
21:23:05.0954 0x03c4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:23:05.0954 0x03c4 vga - ok
21:23:05.0970 0x03c4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:23:06.0001 0x03c4 VgaSave - ok
21:23:06.0032 0x03c4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:23:06.0032 0x03c4 vhdmp - ok
21:23:06.0063 0x03c4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:23:06.0079 0x03c4 viaide - ok
21:23:06.0094 0x03c4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:23:06.0094 0x03c4 volmgr - ok
21:23:06.0110 0x03c4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:23:06.0126 0x03c4 volmgrx - ok
21:23:06.0157 0x03c4 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:23:06.0157 0x03c4 volsnap - ok
21:23:06.0188 0x03c4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:23:06.0188 0x03c4 vsmraid - ok
21:23:06.0235 0x03c4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:23:06.0297 0x03c4 VSS - ok
21:23:06.0313 0x03c4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:23:06.0328 0x03c4 vwifibus - ok
21:23:06.0344 0x03c4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:23:06.0375 0x03c4 W32Time - ok
21:23:06.0375 0x03c4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:23:06.0391 0x03c4 WacomPen - ok
21:23:06.0422 0x03c4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:23:06.0453 0x03c4 WANARP - ok
21:23:06.0453 0x03c4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:23:06.0484 0x03c4 Wanarpv6 - ok
21:23:06.0547 0x03c4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:23:06.0578 0x03c4 WatAdminSvc - ok
21:23:06.0640 0x03c4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:23:06.0687 0x03c4 wbengine - ok
21:23:06.0703 0x03c4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:23:06.0734 0x03c4 WbioSrvc - ok
21:23:06.0750 0x03c4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:23:06.0765 0x03c4 wcncsvc - ok
21:23:06.0781 0x03c4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:23:06.0796 0x03c4 WcsPlugInService - ok
21:23:06.0812 0x03c4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
21:23:06.0828 0x03c4 Wd - ok
21:23:06.0843 0x03c4 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
21:23:06.0874 0x03c4 WDC_SAM - ok
21:23:06.0921 0x03c4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:23:06.0952 0x03c4 Wdf01000 - ok
21:23:06.0968 0x03c4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:23:07.0015 0x03c4 WdiServiceHost - ok
21:23:07.0015 0x03c4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:23:07.0030 0x03c4 WdiSystemHost - ok
21:23:07.0062 0x03c4 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
21:23:07.0077 0x03c4 WebClient - ok
21:23:07.0124 0x03c4 [ 3B130F4FB69CB7312D03332D4DC42C6E, 1CDCF05749DDCD65854CE61083CDD06997936F58817F244840B69B174C39001D ] webinstrNHK     C:\Windows\system32\Drivers\webinstrNHK.sys
21:23:07.0124 0x03c4 webinstrNHK - ok
21:23:07.0155 0x03c4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:23:07.0186 0x03c4 Wecsvc - ok
21:23:07.0186 0x03c4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:23:07.0218 0x03c4 wercplsupport - ok
21:23:07.0233 0x03c4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:23:07.0264 0x03c4 WerSvc - ok
21:23:07.0296 0x03c4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:23:07.0311 0x03c4 WfpLwf - ok
21:23:07.0311 0x03c4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:23:07.0327 0x03c4 WIMMount - ok
21:23:07.0342 0x03c4 WinDefend - ok
21:23:07.0358 0x03c4 WinHttpAutoProxySvc - ok
21:23:07.0389 0x03c4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:23:07.0436 0x03c4 Winmgmt - ok
21:23:07.0514 0x03c4 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
21:23:07.0576 0x03c4 WinRM - ok
21:23:07.0592 0x03c4 wjtvys - ok
21:23:07.0639 0x03c4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:23:07.0717 0x03c4 Wlansvc - ok
21:23:07.0748 0x03c4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:23:07.0764 0x03c4 WmiAcpi - ok
21:23:07.0779 0x03c4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:23:07.0779 0x03c4 wmiApSrv - ok
21:23:07.0810 0x03c4 WMPNetworkSvc - ok
21:23:07.0810 0x03c4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:23:07.0826 0x03c4 WPCSvc - ok
21:23:07.0842 0x03c4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:23:07.0857 0x03c4 WPDBusEnum - ok
21:23:07.0873 0x03c4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:23:07.0904 0x03c4 ws2ifsl - ok
21:23:07.0920 0x03c4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:23:07.0935 0x03c4 wscsvc - ok
21:23:07.0935 0x03c4 WSearch - ok
21:23:08.0013 0x03c4 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:23:08.0076 0x03c4 wuauserv - ok
21:23:08.0138 0x03c4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:23:08.0138 0x03c4 WudfPf - ok
21:23:08.0169 0x03c4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:23:08.0185 0x03c4 WUDFRd - ok
21:23:08.0216 0x03c4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:23:08.0232 0x03c4 wudfsvc - ok
21:23:08.0278 0x03c4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:23:08.0294 0x03c4 WwanSvc - ok
21:23:08.0294 0x03c4 ================ Scan global ===============================
21:23:08.0325 0x03c4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:23:08.0356 0x03c4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:23:08.0372 0x03c4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:23:08.0388 0x03c4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:23:08.0419 0x03c4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:23:08.0419 0x03c4 [ Global ] - ok
21:23:08.0419 0x03c4 ================ Scan MBR ==================================
21:23:08.0434 0x03c4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:23:08.0497 0x03c4 \Device\Harddisk0\DR0 - ok
21:23:08.0497 0x03c4 ================ Scan VBR ==================================
21:23:08.0528 0x03c4 [ C31D97D327887B954A9153BE05ECE27D ] \Device\Harddisk0\DR0\Partition1
21:23:08.0544 0x03c4 \Device\Harddisk0\DR0\Partition1 - ok
21:23:08.0559 0x03c4 [ F3A064945B5CD6ED0D5353F7FA7491C8 ] \Device\Harddisk0\DR0\Partition2
21:23:08.0559 0x03c4 \Device\Harddisk0\DR0\Partition2 - ok
21:23:08.0575 0x03c4 [ E84FF6B66BEA374C78448E8CA84C7095 ] \Device\Harddisk0\DR0\Partition3
21:23:08.0575 0x03c4 \Device\Harddisk0\DR0\Partition3 - ok
21:23:08.0575 0x03c4 ================ Scan generic autorun ======================
21:23:08.0856 0x03c4 [ 967A6ECF81F7637F84669A0F01A6C422, 487A9AD9D35B1D1B568629D3373E8C68DCF3CCA55C61002B6F16E363B7ACE7BE ] C:\Users\Ashley\Documents\Virus Utilities\cce_2.5.242177.201_x64\CCE\CCE.exe
21:23:09.0043 0x03c4 CCE - ok
21:23:09.0199 0x03c4 [ AF04B6DDF123991C625472494BC1221C, D02BEC96FF466187130B5868DCB70E56CEE25101A8889A1AEF3CFE60ECBE6DC6 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
21:23:09.0355 0x03c4 RTHDVCPL - ok
21:23:09.0448 0x03c4 [ 912993864DE980DE79E2317B109298AE, CD01E488E6331D0F00092A6F5B4B62F3404C9C5F0736887849AD215730C072D2 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
21:23:09.0526 0x03c4 CanonMyPrinter - ok
21:23:09.0667 0x03c4 [ 083649EF692A066880C9326020915AFE, 570DBF28F6D77890476F7B6A9C57F77DCC3C51038A1780540032B5FD9CF72190 ] C:\Program Files\AVAST Software\Avast\avastUI.exe
21:23:09.0776 0x03c4 avast - ok
21:23:09.0870 0x03c4 [ 35F9FC8D4B2FAB4ED396C7002A7E1990, 7BAD15FF11D097427337D03CF871481054CC01E49E536EBE744A80DE46AD0BA5 ] C:\Users\Ashley\AppData\Local\wincheck\wincheck.exe
21:23:09.0885 0x03c4 WinCheck - detected UnsignedFile.Multi.Generic ( 1 )
21:23:12.0990 0x03c4 WinCheck ( UnsignedFile.Multi.Generic ) - warning
21:23:16.0063 0x03c4 [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:23:16.0063 0x03c4 USB3MON - ok
21:23:16.0172 0x03c4 [ 3CD5FD3FED5388DC01A072DB5D06C9CD, BED3D0CE4EF7A8D0FAB8B1E2E519D2B7F9BB81E62F5CBC6C968179FC20956165 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
21:23:16.0203 0x03c4 StartCCC - ok
21:23:16.0203 0x03c4 SmartWeb - ok
21:23:16.0203 0x03c4 ospd_us_611 - ok
21:23:16.0297 0x03c4 [ FB2693E1B53BCEDA1F054FF2C54881E6, 41E25F1EDE25F722F9B73527B2F8B05F38EC87964DBBDEA4F1306E207A78E894 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
21:23:16.0312 0x03c4 IJNetworkScannerSelectorEX - ok
21:23:16.0328 0x03c4 [ 5514B64F7F2D25E09E2FDAF5D62B688C, 43263715ADC49250762A01E41DB2832C6A8B63CE4F66CDD8FC0B51DCA031DF27 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
21:23:16.0328 0x03c4 IAStorIcon - ok
21:23:16.0422 0x03c4 [ 7B59D1D1F458B322A722E95554BB591E, F184E22D37E013580AB7FD07172C1F662275D39E036CE22DFA62B2A43823E719 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
21:23:16.0468 0x03c4 CanonSolutionMenuEx - ok
21:23:16.0531 0x03c4 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
21:23:16.0546 0x03c4 BCSSync - ok
21:23:16.0609 0x03c4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:23:16.0656 0x03c4 Sidebar - ok
21:23:16.0671 0x03c4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:23:16.0687 0x03c4 mctadmin - ok
21:23:16.0702 0x03c4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:23:16.0734 0x03c4 Sidebar - ok
21:23:16.0734 0x03c4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:23:16.0749 0x03c4 mctadmin - ok
21:23:16.0874 0x03c4 [ 320889E9BD1F1A041CB69E6A81E484EC, CE47C3BA44E0D5741C8BD41EAFD06BA68E5F1DB4B2EE31EAFD5BDD91C524CFA8 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
21:23:17.0014 0x03c4 SUPERAntiSpyware - ok
21:23:17.0139 0x03c4 [ 8E0EB63933A827D786DE027E42487E44, 387B1803C6F20DD525AE8C367F3997D2875102AE528CA1203D75399B74E41EFD ] C:\Users\Ashley\AppData\Roaming\uTorrent\uTorrent.exe
21:23:17.0186 0x03c4 uTorrent - ok
21:23:17.0248 0x03c4 [ 1DC98EB30899421BF7E4F8C0E9D6B1E7, AC7405DC42673CFF9718D14EB309393F51E95CBA9B2571A8A3D87489911B68FC ] C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
21:23:17.0264 0x03c4 Super Optimizer - ok
21:23:17.0373 0x03c4 [ 7999235AE6A9F0FE1C007203F03A4618, D552A169E7E5EC43B675120F11E6A1790902C4068FAAFC2DE81DDB5FA50F18E8 ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe
21:23:17.0404 0x03c4 FlashPlayerUpdate - ok
21:23:17.0404 0x03c4 Waiting for KSN requests completion. In queue: 14
21:23:18.0418 0x03c4 Waiting for KSN requests completion. In queue: 14
21:23:19.0432 0x03c4 Waiting for KSN requests completion. In queue: 14
21:23:20.0446 0x03c4 Waiting for KSN requests completion. In queue: 14
21:23:21.0476 0x03c4 AV detected via SS2: avast! Internet Security, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 7.0.1474.765 ), 0x42010 ( disabled : outofdate )
21:23:21.0476 0x03c4 FW detected via SS2: avast! Internet Security, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 7.0.1474.765 ), 0x40010 ( disabled )
21:23:21.0476 0x03c4 Win FW state via NFP2: enabled
21:23:24.0440 0x03c4 ============================================================
21:23:24.0440 0x03c4 Scan finished
21:23:24.0440 0x03c4 ============================================================
21:23:24.0440 0x0378 Detected object count: 1
21:23:24.0440 0x0378 Actual detected object count: 1
21:23:31.0569 0x0378 WinCheck ( UnsignedFile.Multi.Generic ) - skipped by user
21:23:31.0569 0x0378 WinCheck ( UnsignedFile.Multi.Generic ) - User select action: Skip

#10 jeff matthews

Advanced Member

Authentic Member
781 posts

Posted 08 January 2015 - 11:29 PM

Well evidently after i ran malewarebytes it did help out some. There is no longer a downloader in the background constantly installing programs. How ever its still impossible to use the internet efficiently, it redirects the link to different sites and loads of pop-ups appear and just clicking on anything, loads a potential unsafe site. Just being on this website alone, trying to click into the typing box will load different websites that say website forgery. I got one link that stated that my passwords and user ID's were stolen. Anyways it is a huge mess. Ontop of that the computer just unbearably slow and staggers quite alot.

That is just what i see upon first glance, other symptoms include missing icons, start menu missing. Audio is scrambled, certain applications load just a black CMD prompt and that is it. Certain menu buttons in the windows interface like network settings and power options, don't have a clickable link. You just can't open them. I try to use the run feature and it says its not a windows command.

Edited by jeff matthews, 08 January 2015 - 11:39 PM.

Advertisements

Register to Remove

#11 jeff matthews

Advanced Member

Authentic Member
781 posts

Posted 09 January 2015 - 07:05 AM

Let me know if there is anything else required. I posted all the logs.

#12 LiquidTension

SuperMember

Retired Classroom Teacher
2,566 posts

Posted 09 January 2015 - 01:24 PM

Hello,

other symptoms include [...]

Once your machine has been cleaned of malware, we can address any additional issues.

Please consider the following warning and proceed with the instructions below.

P2P Warning

------------------------------

I see you have peer-to-peer (P2P) file sharing software installed on your computer (uTorrent & KCP-0.5.4.0). I advise you avoid P2P file sharing programmes; they are a security risk which can make your computer susceptible to malware. File sharing networks are thoroughly infected and infested with malware - worms, backdoor Trojans, IRCBots, and rootkits propagate via P2P file sharing networks, gaming, and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans, and spyware. The best way to reduce the risk of infection is to avoid these types of web sites and not use P2P applications. Please read the following articles for more information.

Risks of File-Sharing Technology

P2P Software User Advisories

More malware is traveling on P2P networks these days

Your P2P software can be removed by following the instructions below.
Press the Windows Key + r on your keyboard at the same time. Type appwiz.cpl and click OK.

Search for the aforementioned programme(s), right-click and click Uninstall.

If you choose not to, please refrain from using the programme(s) during this process.

STEP 1
Uninstall Software

Press the Windows Key + r on your keyboard at the same time. Type appwiz.cpl and click OK.
Search for the following programmes, right-click and click Uninstall.
Note: Ensure you decline offers of additional software if applicable.
- AnyProtect
- GeniusBox 2.0
- Idle Crawler
- Super Optimizer v3.2
- WinCheck
- Zoompic
Follow the prompts.
Reboot if necessary.

STEP 2
Farbar Recovery Scan Tool (FRST) Script

Press the Windows Key + r on your keyboard at the same time. Type Notepad and click OK.

Copy the entire contents of the codebox below and paste into the Notepad document.

start
CreateRestorePoint: 
CloseProcesses:
(SUPER PC TOOLS LIMITED) C:\Program Files (x86)\Super Optimizer\SupOptSmartScan.exe
C:\Program Files (x86)\Super Optimizer
() C:\Users\Ashley\AppData\Local\wincheck\wincheck.exe
C:\Users\Ashley\AppData\Local\wincheck
HKLM-x32\...\Run: [WinCheck] => C:\Users\Ashley\AppData\Local\wincheck\wincheck.exe [529920 2015-01-07] ()
HKLM-x32\...\Run: [SmartWeb] => C:\Users\Ashley\AppData\Local\SmartWeb\SmartWebHelper.exe
C:\Users\Ashley\AppData\Local\SmartWeb
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [676968 2014-12-26] (SUPER PC TOOLS LIMITED)
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\MountPoints2: {c5429e11-26f2-11e4-8f1f-806e6f6e6963} - D:\Bin\ASSETUP.exe
Startup: C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk
ShortcutTarget: SmartWeb.lnk -> C:\Users\Ashley\AppData\Local\SmartWeb\SmartWebHelper.exe (No File)
Startup: C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
ShortcutTarget: StormWatch.lnk -> C:\Program Files (x86)\StormWatch\StormWatch.exe (No File)
Startup: C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
ShortcutTarget: StormWatchApp.lnk -> C:\Program Files (x86)\StormWatch\StormWatchApp.exe (No File)
C:\Program Files (x86)\StormWatch
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-2650459626-1003566679-2177798267-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
Toolbar: HKU\S-1-5-21-2650459626-1003566679-2177798267-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchoholic.info/?pid=21073&r=2014/12/29&hid=10223791501083041900&lg=EN&cc=US&unqvl=72&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: Trovi search
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=55&CUI=&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629&SSPV=
FF Extension: YoautubEAdBlloCCke - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\MXhp@Zr.edu [2014-12-29]
C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\MXhp@Zr.edu
FF Extension: uuniSaalEs - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\piBes4Vs@M.org [2014-12-29]
C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\piBes4Vs@M.org
FF HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Firefox\Extensions: [{DEB3EF69-9903-4024-9D7D-EBB2D0AA4C96}] - C:\Program Files (x86)\ver3BlockAndSurf\185.xpi
C:\Program Files (x86)\ver3BlockAndSurf
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
R2 cae99edb; c:\Program Files (x86)\Super Optimizer\SupOptStats.dll [2801768 2015-01-07] ()
S0 lqffzi; No ImagePath
R2 webinstrNHK; C:\Windows\system32\Drivers\webinstrNHK.sys [56432 2015-01-07] (Corsica)
C:\Windows\system32\Drivers\webinstrNHK.sys
S0 wjtvys; No ImagePath
S3 ALSysIO; \??\C:\Users\Ashley\AppData\Local\Temp\ALSysIO64.sys [X]
2015-01-07 09:10 - 2015-01-08 20:52 - 00003254 _____ () C:\Windows\System32\Tasks\Super Optimizer Schedule
2015-01-07 09:10 - 2015-01-07 09:10 - 00000000 ____D () C:\Users\Ashley\Documents\Super Optimizer
2015-01-07 09:10 - 2015-01-07 09:10 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\Super Optimizer
2015-01-07 09:06 - 2015-01-08 20:51 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2015-01-07 09:06 - 2015-01-08 20:51 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2015-01-07 09:06 - 2015-01-08 20:51 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2015-01-07 09:06 - 2015-01-07 09:06 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2015-01-07 09:06 - 2015-01-07 09:06 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2015-01-07 09:06 - 2015-01-07 09:06 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2015-01-07 09:06 - 2015-01-07 09:06 - 00001049 _____ () C:\Users\Ashley\Desktop\AnyProtect.lnk
2015-01-07 09:06 - 2015-01-07 09:06 - 00000000 ____D () C:\Windows\SysWOW64\Flash
2015-01-07 09:06 - 2015-01-07 09:06 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-01-07 09:05 - 2015-01-07 09:06 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2015-01-07 09:05 - 2015-01-07 09:05 - 00613057 _____ (CMI Limited) C:\Users\Ashley\AppData\Local\nsy3251.tmp
2015-01-07 09:05 - 2015-01-07 09:05 - 00002019 _____ () C:\Windows\patsearch.bin
2015-01-07 09:05 - 2015-01-07 09:05 - 00000000 __SHD () C:\Users\Ashley\AppData\Roaming\AnyProtectEx
2015-01-07 09:05 - 2015-01-07 09:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNHK_01009.Wdf
2015-01-07 09:04 - 2015-01-07 09:06 - 00000000 ____D () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30
2015-01-07 09:04 - 2015-01-07 09:04 - 00004626 _____ () C:\Windows\System32\Tasks\Runner IC
2015-01-07 09:04 - 2015-01-07 09:04 - 00001090 _____ () C:\Users\Ashley\Desktop\Super Optimizer.lnk
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\Program Files (x86)\Super Optimizer
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\Program Files (x86)\predm
2015-01-07 09:00 - 2015-01-07 17:04 - 00000000 ____D () C:\Users\Ashley\AppData\Local\SmartWeb
2015-01-07 08:51 - 2015-01-07 08:51 - 04645232 _____ (Piriform Ltd) C:\Users\Ashley\Desktop\ccsetup409.exe
2015-01-07 08:50 - 2015-01-07 17:04 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-07 08:50 - 2015-01-07 08:50 - 00001344 _____ () C:\Windows\Tasks\XSNOUNY.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00001342 _____ () C:\Windows\Tasks\BLPMKG.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000470 _____ () C:\Windows\Tasks\Client.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000454 _____ () C:\Windows\Tasks\Validate Uninstaller.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000450 _____ () C:\Windows\Tasks\Validate Updater.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000414 _____ () C:\Windows\Tasks\Check Updates.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000410 _____ () C:\Windows\Tasks\Run Tasks.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000064 _____ () C:\Users\Ashley\AppData\Local\55e2ee417d89b23c44dd0dae815edf92
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Users\Ashley\AppData\Local\globalUpdate
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Users\Ashley\AppData\Local\GeniusBox
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Program Files (x86)\28aeea84-e5dd-4769-9212-7eacddbe42a4
2015-01-07 08:49 - 2015-01-07 08:49 - 00000282 _____ () C:\Windows\Tasks\LaunchSignup.job
2015-01-07 08:35 - 2015-01-07 08:46 - 00000000 ____D () C:\ProgramData\makulitsidwe
2015-01-07 07:46 - 2015-01-07 07:46 - 00380416 _____ () C:\Users\Ashley\Downloads\gscxyzlt.exe
2014-12-29 01:30 - 2015-01-07 03:22 - 00000000 ____D () C:\Program Files (x86)\YoautubEAdBlloCCke
2014-12-29 01:29 - 2015-01-07 03:22 - 00000000 ____D () C:\Program Files (x86)\unisailees
2014-12-29 01:29 - 2014-12-29 01:29 - 00000000 ____D () C:\ProgramData\14357881760666442250
2014-12-29 01:29 - 2014-12-29 01:29 - 00000000 ____D () C:\Program Files (x86)\uuniSaalEs
C:\Users\Ashley\AppData\Local\Temp\99648137-C26F-E6FB-3819-EB158432D633.dll
C:\Users\Ashley\AppData\Local\Temp\99648137-C26F-E6FB-3819-EB158432D633.exe
C:\Users\Ashley\AppData\Local\Temp\A8B293B6-0520-1E1E-C444-05C89AD3F685.exe
C:\Users\Ashley\AppData\Local\Temp\amisetup8163__11003.exe
C:\Users\Ashley\AppData\Local\Temp\amisetup8199__11005.exe
C:\Users\Ashley\AppData\Local\Temp\CloudBackup4064.exe
C:\Users\Ashley\AppData\Local\Temp\supoptsetup.exe
C:\Users\Ashley\AppData\Local\Temp\vcredist_x64.exe
Task: {0A34076C-7C19-4B57-99E0-1511B5A565E3} - System32\Tasks\Super Optimizer Schedule => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [2014-12-26] (SUPER PC TOOLS LIMITED)
Task: {286B1FB2-E492-499A-A07C-2D391D99C79A} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {39F5A2DE-68ED-4E42-B65F-09BCF4BF3DA3} - \BlockAndSurf Update No Task File <==== ATTENTION
Task: {676D9544-1738-4D8A-8A0C-D6E5686DD943} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {7A7FAE54-D8BC-4C3E-8447-0D6C8F1A4071} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {9FC2D183-6C20-46F5-8FA2-73385FAFC75C} - \Voo Update No Task File <==== ATTENTION
Task: {A83040FC-1ADB-48FF-B060-2A22374D7315} - \SmartWeb Upgrade Trigger Task No Task File <==== ATTENTION
Task: {A8F8A9B7-F3F5-4B87-A456-E62516B926AF} - System32\Tasks\Runner IC => %LOCALAPPDATA%\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
Task: {D54B1E34-5209-4F5C-86C0-D3D1814714A2} - System32\Tasks\Microsoft\Windows\Maintenance\Update IC => %LOCALAPPDATA%\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\BLPMKG.job => C:\Users\Ashley\AppData\Roaming\BLPMKG.exe <==== ATTENTION
C:\Users\Ashley\AppData\Roaming\BLPMKG.exe
Task: C:\Windows\Tasks\Check Updates.job => C:\Users\Ashley\AppData\Local\GeniusBox\Updater.exe
Task: C:\Windows\Tasks\Client.job => C:\Users\Ashley\AppData\Local\GeniusBox\client.exe
Task: C:\Windows\Tasks\LaunchSignup.job => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
C:\Program Files (x86)\MyPC Backup
Task: C:\Windows\Tasks\Run Tasks.job => C:\Users\Ashley\AppData\Local\GeniusBox\Tasks.exe
Task: C:\Windows\Tasks\Validate Uninstaller.job => C:\Users\Ashley\AppData\Local\GeniusBox\Uninstall.exe
Task: C:\Windows\Tasks\Validate Updater.job => C:\Users\Ashley\AppData\Local\GeniusBox\Updater.exe
Task: C:\Windows\Tasks\XSNOUNY.job => C:\Users\Ashley\AppData\Roaming\XSNOUNY.exe <==== ATTENTION
C:\Users\Ashley\AppData\Roaming\XSNOUNY.exe
reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\CltMngSvc" /f
reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\globalUpdate" /f
reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\globalUpdatem" /f
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
end

Click File, Save As and type fixlist.txt as the File Name.
Important: The file must be saved in the same location as FRST64.exe.

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

Right-Click FRST64.exe and select Run as administrator to run the programme.
Click Fix.
A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.

STEP 3
Farbar Recovery Scan Tool (FRST) Scan

Right-Click FRST64.exe and select Run as administrator to run the programme.
Click Yes to the disclaimer.
Ensure the Addition.txt box is checked.
Click the Scan button and let the programme run.
Upon completion, click OK, then OK on the Addition.txt pop up screen.
Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

======================================================

STEP 4
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

Did the programmes uninstall OK?
Fixlog.txt
FRST.txt
Addition.txt

Would you like to help others with malware removal? Join our Classroom and learn how!

#13 jeff matthews

Advanced Member

Authentic Member
781 posts

Posted 09 January 2015 - 05:50 PM

Can i run these scans in safe mode, or do i have to be in normal mode? Arn't you supposed to like Drag the script into the program? I am scanning it in safe mode right now, but its taking a while. How long is this fix supposed to take. It just says "searching" and nothing else.

Edited by jeff matthews, 09 January 2015 - 06:14 PM.

#14 LiquidTension

SuperMember

Retired Classroom Teacher
2,566 posts

Posted 09 January 2015 - 06:10 PM

Normal Mode if you can.

If you can't, use Safe Mode for Step 1 and 2.
Step 3 should be performed in Normal Mode.

Would you like to help others with malware removal? Join our Classroom and learn how!

#15 jeff matthews

Advanced Member

Authentic Member
781 posts

Posted 09 January 2015 - 06:36 PM

Ok, i am sorry i will have to redo it. I don't think it is supposed to be taking this long. Its just supposed to fix the registry errors right? That usually takes a few min for scripts. Hopefully restarting my machine won't cause any problems.

Also tagged with one or more of these keywords: Viruses, Maleware, Infection, CCcleaner, Internet connection issue, Rootkits, trovi search bar

Spyware / Malware / Virus Removal → Virus, Spyware & Malware Removal → My PC won't open Malware Bytes (QQPCTray) [Solved] Started by victor_lf , 12 May 2016 infection 1 2 3	Hot 33 replies 8,959 views	ken545 16 May 2016
Spyware / Malware / Virus Removal → Virus, Spyware & Malware Removal → Default browser keeps opening by itself Started by mugger , 26 Sep 2015 maleware, virus, spyware, browser and 1 more...	3 replies 14,174 views	Cypher 01 Oct 2015
Spyware / Malware / Virus Removal → Virus, Spyware & Malware Removal → Trojan Horse Collected_c.BEIS (Have logs) [Solved] Started by jeff matthews , 21 Jun 2015 Maleware, Trojan, Infection and 4 more... 1 2	Hot 15 replies 13,043 views	ken545 26 Jun 2015
Spyware / Malware / Virus Removal → Virus, Spyware & Malware Removal → Windows 7 runs hot then signs of infection wont connect to Internet [C Started by jocase , 18 Apr 2015 Infection	3 replies 3,246 views	ken545 27 Apr 2015
Spyware / Malware / Virus Removal → Virus, Spyware & Malware Removal → Keylogger, KernelMode Rootkit SSDT hooks have plagued my PC since June Started by BrotherPorter , 26 Nov 2014 Windows redirect, SSDT, keylogger and 6 more... 1 2 3	Hot 35 replies 18,008 views	OCD 11 Jan 2015

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Body Background

skin color theme