Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92789 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Trovi search bar, causing failed internet! Logs are ready. [Solved

Viruses Maleware Infection CCcleaner Internet connection issue Rootkits trovi search bar

  • This topic is locked This topic is locked
100 replies to this topic

#1 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 759 posts

Posted 07 January 2015 - 04:54 PM

Hey, i am quite in the dilemma here. I wanted to clear my browser's cache and history and all that, so i downloaded CC cleaner. I have used it before and i know that it is safe but unfortunately i made a fatal error or mistake and accidentally downloaded a zipped file apparently they had just hundreds of spyware, viruses and everything in between attached in this one file. Though it was strange, that the file i downloaded did have the software i was looking for, but so much other junk as well. Now i have a computer that is virtually rendered useless at this time. The internet is dead, system restore is corrupt, it gets routed to a page that says "no server response" My applications that i am using are having all kinds of weird affects and not working correctly.  Missing icons, files being deleted, certain system applications not even loading, or stopped or disabled permanently for example i can't even open up my "power options" in the control panel. There is a constant installer in the back ground installing application after application and it won't stop. I have tried to remove the apps from the add and remove program features, but certain applications are having a reverse affect, instead of uninstalling, its installing more.

 

So yes this machine is in a critical state right now and i was almost thinking bout just doing a clean system re-install, but i have lots of data on here. It would take me quite a while to back up everything. My family uses this machine and I monitor it by cleaning it and doing all the tech work on it that they can't do. I think some sort of application that kills files or processes is in order for this one, like Killbox or combofix.  Though Safe mode does provide some relief and is devoid of some symptoms, because all proses stop running in the background. But either way even in safe mode, i am unable to execute certain regular commands. My last resort would be to try executing a recovery disk like Linux or something like that to be able to clean it outside the windows OS. But i'll see what methods you guys want to use on this particular deeply infected machine.

 

Thanks alot and i hope you can get to me as soon as you can! :

 

EDIT: The machine just turned off by it self.

 

I am going to provide some logs, first here is the MalewareBytes log that i scanned. It found around 550+ infections.

 

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/7/2015
Scan Time: 4:41:08 PM
Logfile: Malewarebytes log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.07.07
Rootkit Database: v2015.01.06.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Ashley

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 366456
Time Elapsed: 6 min, 52 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 82
PUP.Optional.SearchProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, , [a4ef25cff8912e0852499f0e2dd43fc1],
PUP.Optional.StormWatch.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SWUpdater, , [10838f65365348eec4ebfef8fe0317e9],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110611901161}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110611901161}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644904461}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655905561}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666906661}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655905561}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666906661}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644904461}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.BHO.1, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611901161}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611901161}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.BHO, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.BHO, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.BHO.1, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220622902261}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.Sandbox.1, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.Sandbox, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.Sandbox, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\4ce52bb2ec374d3c8814e9633e4ff8bc0069061.Sandbox.1, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220622902261}, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110611901161}\INPROCSERVER32, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [415253a103868bab1e9ce4fee22024dc],
PUP.Optional.StormWatch.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\StormWatch, , [c8cb27cd10798da9cdea8ec72bd55ca4],
PUP.Optional.SmartWeb.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SmartWeb, , [9102658f16732d0949c5a74b14ed8f71],
PUP.Optional.VPNPrivat.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{42F42C22-D4DD-463C-9E07-62E45BD3E360}_is1, , [cac9bd3794f5fd39d4bdbcafba49f20e],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, , [dab9ab493f4a4cea6019f0aeea1934cc],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, , [fe95db194049ac8af9cb2abae222ce32],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, , [a6ed54a07712a690b70c90549c68b749],
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\GAMESDESKTOP, , [11828272a3e6b581f8e7373224dfb050],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\HQ-Video-Pro-2.1cV07.01, , [8c07bf356d1c78be8ba8e9fd45bf936d],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\HQ-Video-Pro-2.1cV07.01-nv, , [1380c034187167cfcb681dc928dcc937],
PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\ONESOFTPERDAY, , [6c2791632d5ca096d7a2bbbc51b2d62a],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, , [ddb615dfbccda096e2d0fe8560a312ee],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\30935, , [7a1925cf7b0ecb6bc2b79e006f94639d],
PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ospd_us_611_is1, , [732006eeb0d9c76fdd9bef88ac5726da],
PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGE, , [227191638aff62d49c79aed5f211827e],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [6a29856faedb979f861314cf778d9967],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, , [f49f01f399f0e4527f1be4ff956ff50b],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, , [652ede16eb9eae888e2cb7d0020121df],
PUP.Optional.VOPackage.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVERVO, , [6132c62e6623bc7a8655aebcfe054fb1],
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD, , [b6dddb19acdd3105d34896eb16edfd03],
PUP.Optional.HQVideo.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\HQ-Video-Pro-2.1cV07.01-nv, , [3b58975dfe8b9a9c66cec3236b999769],
PUP.Optional.StormWatchApp.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\StormWatchApp, , [a0f3ed07b6d341f59f448ee35aa9c53b],
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag, , [eda66a8a80094bebe2eac3206b99bc44],
PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BlockAndSurf, , [c4cfc331fb8e9d99f5a71868d23133cd],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [5b3847ad2f5a6acc74715480f60e768a],
PUP.Optional.HQVideo.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQ-Video-Pro-2.1cV07.01, , [9cf7ad47d8b1d066de57fcea689c45bb],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, , [0192a0549eebbc7a8706babdef14f40c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\HQ-VideoV07.01, , [aee56d8714755adcd337452725deed13],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{088CF7BF-784A-0416-165B-5AC1F66FDEA4}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{1537394B-EE0B-1D31-CAAB-4A5E724A585F}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{53FF32DC-ED80-1840-FD9B-07D352F1707F}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{53FF32DC-ED80-1840-FD9B-07D352F1707F}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1537394B-EE0B-1D31-CAAB-4A5E724A585F}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{088CF7BF-784A-0416-165B-5AC1F66FDEA4}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{088CF7BF-784A-0416-165B-5AC1F66FDEA4}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\CLSID\{088CF7BF-784A-0416-165B-5AC1F66FDEA4}, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\CLASSES\CLSID\{088CF7BF-784A-0416-165B-5AC1F66FDEA4}\INPROCSERVER32, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\B7AA4B99-4F6E-B7C1-3EC9-E87D5AE94532, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.HQVideo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HQ-Video-Pro-2.1cV07.01, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.ConvertAd.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\serverca, , [712203f10782290d04821248c73c867a],
PUP.Optional.ConvertAd.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ConvertAd, , [712203f10782290d04821248c73c867a],
PUP.Optional.VooUpdate.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Voo Update, , [d2c1e1136e1b152132f4b4b1b05301ff],

Registry Values: 9
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [ddb615dfbccda096e2d0fe8560a312ee]
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_us_68, , [7c1704f01c6d6ec885d371f9f70ce818],
PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGE|UninstallString, "C:\Users\Ashley\AppData\Roaming\VOPackage\uninstall.exe", , [227191638aff62d49c79aed5f211827e]
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, , [652ede16eb9eae888e2cb7d0020121df]
PUP.Optional.VOPackage.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVERVO|ImagePath, C:\Users\Ashley\AppData\Roaming\VOPackage\VOsrv.exe, , [6132c62e6623bc7a8655aebcfe054fb1]
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD|ImagePath, \??\C:\Windows\system32\drivers\SPPD.sys, , [b6dddb19acdd3105d34896eb16edfd03]
PUP.Optional.StormWatch.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SWUPDATER|ImagePath, C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe, , [7b18c72d77126dc99d9e0b5f8f741de3]
PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|upospd_us_611.exe, C:\Users\Ashley\AppData\Local\ospd_us_611\upospd_us_611.exe -runonce, , [ff948173474256e09bf797bfd3304db3]
PUP.Optional.VooUpdate.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|VooUpdate, wscript /E:vbscript /B "C:\Users\Ashley\AppData\Roaming\VooUpdate\UpdateProc\bkup.dat", , [d2c1e1136e1b152132f4b4b1b05301ff]

Registry Data: 3
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL  , Good: (), Bad: (C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL),,[cbc85e96a3e6b581acef8d203fc222de]
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll, Good: (), Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll),,[f69de113f89181b53a61119ce21f31cf]
PUP.Optional.Trovi.A, HKU\S-1-5-21-2650459626-1003566679-2177798267-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.trovi.com...E872A5629&SSPV=, Good: (www.google.com), Bad: (http://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=55&CUI=&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629&SSPV=),,[bcd715df3a4f37ff947086fb26df7e82]

Folders: 66
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Local\StormWatch, , [444fbf35ddac92a405be1059c83b53ad],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch, , [0a89d71d92f757dfa9936505d72c946c],
PUP.Optional.VPNPrivat.A, C:\Program Files (x86)\VPN_Privat, , [cac9bd3794f5fd39d4bdbcafba49f20e],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Resources, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Resources\cache, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\x64, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\x86, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Config, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Database, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch, , [97fc18dc6c1df73fedc32eb7f80cee12],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{8930D57B-19F9-40A5-94F0-DB81325B2EAC}, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\x64, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.OneSoftPerDay.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONESOFTPERDAY, , [73206094d9b052e49bf65ef86a995ba5],
PUP.Optional.OneSoftPerDay.A, C:\Users\Ashley\AppData\Local\ospd_us_611, , [ff948173474256e09bf797bfd3304db3],
PUP.Optional.OneSoftPerDay.A, C:\Users\Ashley\AppData\Local\ospd_us_611\ospd_us_611, , [ff948173474256e09bf797bfd3304db3],
PUP.Optional.OneSoftPerDay.A, C:\Users\Ashley\AppData\Local\ospd_us_611\ospd_us_611\1.20, , [ff948173474256e09bf797bfd3304db3],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Local\Weather_Protector_LLC, , [781b6b89a8e190a60e2f6af0ca39ec14],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Local\Weather_Protector_LLC\StormWatch.exe_Url_usbt2h442ct3xjfow5su3qyydefw1pax, , [781b6b89a8e190a60e2f6af0ca39ec14],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Local\Weather_Protector_LLC\StormWatch.exe_Url_usbt2h442ct3xjfow5su3qyydefw1pax\2.0.0.0, , [781b6b89a8e190a60e2f6af0ca39ec14],
PUP.Optional.ConvertAd.A, C:\Users\Ashley\AppData\Local\ConvertAd, , [712203f10782290d04821248c73c867a],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\defaults, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\defaults\preferences, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\userCode, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\locale, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\locale\en-US, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.VOPackage.A, C:\Users\Ashley\AppData\Roaming\VOPackage, , [23703cb82366c472a748b3b1a26158a8],
PUP.Optional.VOPackage.A, C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage, , [910242b203864de9fcf4acb80ef57d83],
PUP.Optional.VooUpdate.A, C:\Users\Ashley\AppData\Roaming\VooUpdate, , [d2c1e1136e1b152132f4b4b1b05301ff],
PUP.Optional.VooUpdate.A, C:\Users\Ashley\AppData\Roaming\VooUpdate\UpdateProc, , [d2c1e1136e1b152132f4b4b1b05301ff],

Files: 409
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll, , [cbc85e96a3e6b581acef8d203fc222de],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll, , [f69de113f89181b53a61119ce21f31cf],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, , [a4ef25cff8912e0852499f0e2dd43fc1],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe, , [10838f65365348eec4ebfef8fe0317e9],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\HQ-Video-Pro-2.1cV07.01-bho64.dll, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\HQ-Video-Pro-2.1cV07.01-bho.dll, , [048f0ee6246568cefbabc6f7d13410f0],
PUP.Optional.HQVideo.A, C:\Users\Ashley\AppData\Roaming\BLPMKG.exe, , [eba8a252a3e64de99b0bf0cdf114ff01],
PUP.Optional.HQVideo.A, C:\Users\Ashley\AppData\Roaming\XSNOUNY.exe, , [8b082cc8414854e28a1c734a01048779],
PUP.Optional.Nova.A, C:\Program Files (x86)\28aeea84-e5dd-4769-9212-7eacddbe42a4\422da83c-3657-4aa6-9575-d9d229570ca6.dll, , [01924aaa5435c86ec7774eb32fd304fc],
PUP.Optional.Nova.A, C:\Program Files (x86)\ASM104xUSB3\66232185-9bc0-4462-a565-e1cc6b56dc81.dll, , [8f04be36b0d9191d0e30b051748e8779],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-10.exe, , [d5be10e4a0e97fb72f77912c45c02ed2],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-2.exe, , [bfd402f2dcada591099df0cd57aec43c],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-3.exe, , [5c37559fe6a39b9b4f57f3cad431ef11],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-4.exe, , [672ccd27d4b5f73ffbabcfee867fe917],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-5.exe, , [246f47ad8306999d7d298835966f4bb5],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-6.exe, , [bbd86c88e4a55dd972346d50f60f48b8],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-64.exe, , [8b08955f662343f3a600c2fb9e6751af],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374-7.exe, , [514229cbe9a060d6f2b498251aeb8e72],
PUP.Optional.Nova.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\e35b4bb6-93b3-4dc1-8ec5-3a17064813b4.dll, , [fb98a74d93f6c96d7bc3b54c46bcb749],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\HQ-Video-Pro-2.1cV07.01-bg.exe, , [d2c18a6a622715218a1cc1fcab5aba46],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\HQ-Video-Pro-2.1cV07.01-codedownloader.exe, , [4b48eb09e3a63402dbcbb20b1ee729d7],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\utils.exe, , [682b31c349400432db880f3d649c15eb],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\StormWatch.exe, , [6c271ed62069ea4c15a269ec6a967b85],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\StormWatchApp.exe, , [3c577c78761353e3ab0caea78e72c23e],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\StormWatchappuninstall.exe, , [c8cb27cd10798da9cdea8ec72bd55ca4],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Service Start.exe, , [10833eb67811fd39b853ad39eb16c937],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe, , [b7dce70d2a5f6ec865a602e49e63bb45],
PUP.Optional.OutBrowse, C:\$Recycle.Bin\S-1-5-21-2650459626-1003566679-2177798267-1000\$RU80J3T.exe, , [2a699c5803861620ae5bbc22e02226da],
PUP.Optional.Tuto4PC.A, C:\Users\Ashley\AppData\Local\Temp\is-RQUFC.tmp\package_onesoftperday_installer_multilang.exe, , [f1a271835c2d4ee8e24137bad0318080],
PUP.Optional.Tuto4PC.A, C:\Users\Ashley\AppData\Local\Temp\is-47INQ.tmp\package_hyperbrows_installer_multilang.exe, , [d8bbb63e1574ca6c5fc41bd69b669769],
PUP.Optional.Tuto4PC.A, C:\Users\Ashley\AppData\Local\Temp\is-47INQ.tmp\package_Nuvision_installer_multilang.exe, , [cfc421d31970f2446fb41ed37c8544bc],
PUP.Optional.Tuto4PC.A, C:\Users\Ashley\AppData\Local\Temp\is-47INQ.tmp\package_superpc_installer_multilang.exe, , [70237282eb9e9e9870b3945d61a05aa6],
PUP.Optional.Tuto4PC.A, C:\Users\Ashley\AppData\Local\Temp\is-47INQ.tmp\package_tl_idlecrawler_installer_multilang.exe, , [97fc8c689beed75f60c3876ad928fb05],
PUP.Optional.Tuto4PC.A, C:\Users\Ashley\AppData\Local\Temp\is-47INQ.tmp\package_vpnprivat_installer_multilang.exe, , [9af9e60e8207b5817da67081956c6e92],
PUP.Optional.OutBrowse, C:\Users\Ashley\Downloads\CCleaner.exe, , [425182720a7fa195a564a33b0af88878],
PUP.Optional.SmartWeb.A, C:\Users\Ashley\AppData\Local\SmartWeb\SmartWebApp.exe, , [5b380be9820744f20e0001f12ed3ca36],
PUP.Optional.SmartWeb.A, C:\Users\Ashley\AppData\Local\SmartWeb\SmartWebHelper.exe, , [e4af44b01079c3733ad48969e51c0ff1],
PUP.Optional.SmartWeb.A, C:\Users\Ashley\AppData\Local\SmartWeb\swhk.dll, , [a9ea965e98f14bebde30896944bd7789],
PUP.Optional.SmartWeb.A, C:\Users\Ashley\AppData\Local\SmartWeb\uninst.exe, , [9102658f16732d0949c5a74b14ed8f71],
PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\AppPatch64\VCLdr64.dll, , [d1c2787c79102f07a6f509a416eb1fe1],
PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\nbin\VC32Loader.dll, , [6c2703f12564c76faceffcb155ace51b],
PUP.Optional.VooUpdate.A, C:\Windows\Tasks\Voo Update.job, , [d7bc4da73257dd5975353f26e32006fa],
PUP.Optional.VooUpdate.A, C:\Windows\System32\Tasks\Voo Update, , [53406c88612865d1c7e4372e23e09967],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Local\StormWatch\StormWatchApp.dat, , [444fbf35ddac92a405be1059c83b53ad],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe.config, , [0a89d71d92f757dfa9936505d72c946c],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\ICSharpCode.SharpZipLib.dll, , [0a89d71d92f757dfa9936505d72c946c],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\StormWatch.exe.config, , [0a89d71d92f757dfa9936505d72c946c],
PUP.Optional.StormWatch.A, C:\Program Files (x86)\StormWatch\uninstall.exe, , [0a89d71d92f757dfa9936505d72c946c],
PUP.Optional.VPNPrivat.A, C:\Program Files (x86)\VPN_Privat\unins000.dat, , [cac9bd3794f5fd39d4bdbcafba49f20e],
PUP.Optional.VPNPrivat.A, C:\Program Files (x86)\VPN_Privat\unins000.exe, , [cac9bd3794f5fd39d4bdbcafba49f20e],
PUP.Optional.SmartWeb.A, C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task, , [eca7ad4737525cda858449238c77b54b],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\pt_PT.mo, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\BplusDotNet.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\aff.conf, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaFS.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.51.x86.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x64.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x86.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x64.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x86.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.Common.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\BackupStack.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\BackupStackUI.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x64.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x86.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet40_x64.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet40_x86.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Shared Stack.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\SignupWizard.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\syncicon.ico, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\System.Data.SQLite.DLL, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\uninst.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\UnRegisterExtensions.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Updater.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Updater_.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\websocket-sharp.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Configuration Updater.exe, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\de_DE.mo, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\es_ES.mo, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\fr_FR.mo, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\GetText.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\InstMgr.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Ionic.Zip.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\it_IT.mo, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\LogicNP.EZShellExtensions.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Microsoft.Win32.TaskScheduler.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\MPCBClient.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\MPCBContextMenu.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\mypcbackup.ico, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\NativeHashWrapper.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Newtonsoft.Json.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\ObjectListView.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\PipeDiff.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\x64\SQLite.Interop.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\x86\SQLite.Interop.dll, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Config\api.ts2, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Database\mpcb_file_cache.db, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Database\mpcb_settings.db, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Database\mpcb_version_queue.db, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\APP_CRASH.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\AUTH.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\GRID_RECOVERY_INIT.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\NETWORK_SHARES.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\REMOTING.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\REQUEST.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\SCHEDULE.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\SERVICE.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\TASKS.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\UPDATER.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\UTC_MIGRATION.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\log\WAIT_HANDLES.log, , [7d165f9548414ceacfb27ff0bf448d73],
PUP.Optional.BlockAndSurf.A, C:\Windows\System32\Tasks\BlockAndSurf Update, , [d5bec3313c4d4fe73196c5c342c1ad53],
PUP.Optional.Trovi.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\searchplugins\trovi-search.xml, , [e8ab10e4cbbeb77f53a5375b82818977],
PUP.Optional.BlockAndSurf.A, C:\Windows\Tasks\BlockAndSurf Update.job, , [e5aece265b2ebd799e56cad20cf7e020],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\EULA.txt, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\sptool.dll_1420650232632, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\cfi.bin, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\edk.bin, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\pni.bin, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\trn.bin, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.css, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.html, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\defaults.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def-grey.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-dia.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Icon.ico, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\SP_DialogBG.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\DialogAPI.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js, , [f89b16de8900072f5b59c307679dde22],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-1.job, , [e3b041b3bacf54e29a9b944d6f9514ec],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-10_user.job, , [187b767e0a7f62d43ff6d8097f85f50b],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-2.job, , [058ecc28444539fd72c30bd656ae52ae],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-3.job, , [e9aa25cf12779c9a86af41a017ed946c],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-4.job, , [1e750de70584979f64d1766b679dd12f],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-5.job, , [147f886c0a7fa096270e4b96897b38c8],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-5_user.job, , [dab99a5a00891e184fe6d70aba4a6799],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-6.job, , [860ddc18f099d561c5703fa25fa5c13f],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\62bca8b3-b73a-4a9f-873b-1cc2b0947374-7.job, , [abe881736920b482201528b9986cea16],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [1a79d91b5633be7865e619c846bed030],
PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, , [dab9bd37e2a7e74f527592522adae51b],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch\Uninstall StormWatch.lnk, , [97fc18dc6c1df73fedc32eb7f80cee12],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch\StormWatch.lnk, , [97fc18dc6c1df73fedc32eb7f80cee12],
PUP.Optional.VOPackage.A, C:\Users\Ashley\AppData\Roaming\VOPackage\VOsrv.exe, , [6132c62e6623bc7a8655aebcfe054fb1],
PUP.Optional.SearchProtect, C:\Windows\System32\drivers\SPPD.sys, , [b6dddb19acdd3105d34896eb16edfd03],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, , [33605b99e8a1f046344ba4a524df2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\GoogleCrashHandler.exe, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\GoogleUpdate.exe, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\GoogleUpdateBroker.exe, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\GoogleUpdateHelper.msi, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\GoogleUpdateOnDemand.exe, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\goopdate.dll, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\goopdateres_en.dll, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\npGoogleUpdate4.dll, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\psmachine.dll, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.GlobalUpdate.A, C:\Users\Ashley\AppData\Local\Temp\comh.289797\psuser.dll, , [c7cc06ee0e7be452712aeb5ecf3435cb],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\185.crx, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\185.dat, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\185.dll, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\185_x64.dll, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\185.xpi, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\BlockAndSurf.exe, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\J6BlockAndSurfR79.dll, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\J6BlockAndSurfR79.exe, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\sqlite3.dll, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\Uninstall.exe, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\x64\TandemRunner.exe, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\x64\WdfCoInstaller01009.dll, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\x64\webinstr.inf, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\ver3BlockAndSurf\x64\webinstrNHK.sys, , [f2a1797bbccd102631a3f05f29dabc44],
PUP.Optional.OneSoftPerDay.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONESOFTPERDAY\Onesoftperday.lnk, , [73206094d9b052e49bf65ef86a995ba5],
PUP.Optional.OneSoftPerDay.A, C:\Users\Ashley\AppData\Local\ospd_us_611\upospd_us_611.cyl, , [ff948173474256e09bf797bfd3304db3],
PUP.Optional.OneSoftPerDay.A, C:\Users\Ashley\AppData\Local\ospd_us_611\upospd_us_611.exe, , [ff948173474256e09bf797bfd3304db3],
PUP.Optional.OneSoftPerDay.A, C:\Users\Ashley\AppData\Local\ospd_us_611\user_profil.cyp, , [ff948173474256e09bf797bfd3304db3],
PUP.Optional.OneSoftPerDay.A, C:\Users\Ashley\AppData\Local\ospd_us_611\ospd_us_611\1.20\cnf.cyl, , [ff948173474256e09bf797bfd3304db3],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\onesoftperday_widget.exe, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\ospd_us_611.exe, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\predm.exe, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\qwert.txt, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\qwert10.txt, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\qwert4.txt, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\qwert5.txt, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\qwert6.txt, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\qwert9.txt, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\unins000.dat, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\unins000.exe, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.OneSoftPerDay.A, C:\Program Files (x86)\ospd_us_611\unins000.msg, , [f99a2bc997f23006751ebd995ea5a15f],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\bgNova.html, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\62bca8b3-b73a-4a9f-873b-1cc2b0947374.xpi, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\background.html, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\c2bf5342-57d1-40cb-aaed-8a127238288b.dll, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\e35b4bb6-93b3-4dc1-8ec5-3a17064813b4.crx, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\HQ-Video-Pro-2.1cV07.01.ico, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.HQVideo.A, C:\Program Files (x86)\HQ-Video-Pro-2.1cV07.01\Uninstall.exe, , [a8eb30c42c5d1125717a9cbcae5504fc],
PUP.Optional.StormWatch.A, C:\Users\Ashley\AppData\Local\Weather_Protector_LLC\StormWatch.exe_Url_usbt2h442ct3xjfow5su3qyydefw1pax\2.0.0.0\user.config, , [781b6b89a8e190a60e2f6af0ca39ec14],
PUP.Optional.ConvertAd.A, C:\Users\Ashley\AppData\Local\ConvertAd\carunasu.exe, , [712203f10782290d04821248c73c867a],
PUP.Optional.ConvertAd.A, C:\Users\Ashley\AppData\Local\ConvertAd\CASrv.exe, , [712203f10782290d04821248c73c867a],
PUP.Optional.ConvertAd.A, C:\Users\Ashley\AppData\Local\ConvertAd\ConvertAd.exe, , [712203f10782290d04821248c73c867a],
PUP.Optional.ConvertAd.A, C:\Users\Ashley\AppData\Local\ConvertAd\Uninstall.exe, , [712203f10782290d04821248c73c867a],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome.manifest, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\install.rdf, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\0b161b602d4604541698ce31adfdb46b.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\6cfa8b69e16039d83c6d05d0b4e706a2.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\7a37e847fd7244b1d0a4aa2eebd26e3b.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\96d71b829e2f50a5c9a89acf84d408ae.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\background.html, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\browser.xul, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\cd55814171faff3b5b135c3cd71644df.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\dialog.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\fb72fd5e895dd32cfb7edac2b221fc00.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\ffCoreFilesIndex.txt, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\options.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\options.xul, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\search_dialog.xul, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\6ef2158977a15b41d93dd60f784986e4.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\0062eb33b9f65dd87e8831643f64dcd9.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\040462703891535ab654fd1c8de5e0ac.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\0e3f8d0dd10f5a6e5c02d505a88f57f9.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\4470a771ed6b3870bbbda1fe20beb13b.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\464c5133c8901f2c7c6290b6dfa2c181.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\4a11e8148e646be81d3b923a26c1b588.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\5571f45cc66c393b6c4cbdc30ca63be0.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\6115e0328793568243dcabdc7507b147.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\731308448bc3595cd7d453c5e5c63446.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\7f3cf7e16a3463cad65cba05759a48d2.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\8f87dcc21151b46cd3971050b7f7f97a.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\ab3cde93fac1334630ac6eea9ac681a4.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\b0789fe40047992ab2273a444ddfa47a.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\c3ded6a9706ec31dcbad5f24e0e819f0.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\api\ddb2ef42c10828635a4b6cd33f67d437.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\62a4404d11aab0adb4ecfac8de33394f.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\0658d1f5a5b28b979fcc904c360b4bf2.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\09d0384a83e84036f08c04b17d7951d4.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\0b74a72909c458be9a06f131e17927ce.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\137d6935a1543812f59d2feaf9955edc.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\1ed015a3c9de473d362aff2aba1de2da.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\271c5608ccb5ad5249128e6a444e81ca.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\302a5eb173c5477239e037cc1c88b1ca.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\44cbe1295b9bac431995b94204b76ea6.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\5c8a22c1c0a8e9ea153b941afffe6e71.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\5e8f52777255cde91cd68c9d6ce3a84c.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\69e4a4e16ab63744ab42c2dc74483341.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\6b9ec89b0def5b192e48c975649cfd35.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\c4916fbd19d69ed5a19fd2740f755120.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\c709336d4ef667f1bfec53879b9bdabe.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\d703f237c73b20714864d99d1a457527.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\dec6b861b184c1f2ff782e35ff5fbc43.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\ecf50a034baca99a60cc1f0e72dddcb4.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\f552f828df20391162a7f770eb1e3fd9.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\f8857562e5ddb1d252db8dc7613e9e83.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\chrome\content\core\installer.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\defaults\preferences\prefs.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\manifest.xml, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins.json, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\253.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\102.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\104.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\119.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\123.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\13.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\14.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\16.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\17.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\178.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\179.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\180.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\184.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\195.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\200.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\217.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\220.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\221.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\223.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\231.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\232.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\234.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\242.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\244.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\246.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\260.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\262.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\263.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\273.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\281.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\286.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\289.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\300.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\301.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\335.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\342.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\344.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\345.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\354.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\356.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\4.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\47.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\64.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\7.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\78.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\9.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\91.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\plugins\93.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\userCode\background.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\extensionData\userCode\extension.js, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\locale\en-US\translations.dtd, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\button1.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\button2.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\button3.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\button4.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\button5.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\crossrider_statusbar.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\icon128.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\icon16.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\icon24.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\icon48.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\panelarrow-up.png, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\popup.html, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\skin.css, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\extensions\c6d10446ffd84587ac59c8230189@815dffea895e418f9d9fd8cf.com\skin\update.css, , [e2b1bc384940fb3b94599fc420e39c64],
PUP.Optional.VOPackage.A, C:\Users\Ashley\AppData\Roaming\VOPackage\runasu.exe, , [23703cb82366c472a748b3b1a26158a8],
PUP.Optional.VOPackage.A, C:\Users\Ashley\AppData\Roaming\VOPackage\Uninstall.exe, , [23703cb82366c472a748b3b1a26158a8],
PUP.Optional.VOPackage.A, C:\Users\Ashley\AppData\Roaming\VOPackage\VOPackage.exe, , [23703cb82366c472a748b3b1a26158a8],
PUP.Optional.VOPackage.A, C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage\Configure.lnk, , [910242b203864de9fcf4acb80ef57d83],
PUP.Optional.VooUpdate.A, C:\Users\Ashley\AppData\Roaming\VooUpdate\UpdateProc\bkup.dat, , [d2c1e1136e1b152132f4b4b1b05301ff],
PUP.Optional.VooUpdate.A, C:\Users\Ashley\AppData\Roaming\VooUpdate\UpdateProc\config.dat, , [d2c1e1136e1b152132f4b4b1b05301ff],
PUP.Optional.VooUpdate.A, C:\Users\Ashley\AppData\Roaming\VooUpdate\UpdateProc\info.dat, , [d2c1e1136e1b152132f4b4b1b05301ff],
PUP.Optional.VooUpdate.A, C:\Users\Ashley\AppData\Roaming\VooUpdate\UpdateProc\UpdateTask.exe, , [d2c1e1136e1b152132f4b4b1b05301ff],
PUP.Optional.Trovi, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\prefs.js, Good: (), Bad: (user_pref("browser.search.defaultenginename", "Trovi search") ;), ,[1d766d874148cb6b1cb4c9fbef1623dd]
PUP.Optional.Trovi, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\prefs.js, Good: (), Bad: (user_pref("browser.search.selectedEngine", "Trovi search") ;), ,[a2f13eb6ff8a4aece1f0fec62dd8b749]
PUP.Optional.Trovi.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://www.trovi.com...E872A5629&SSPV=") ;), ,[266d5f957b0e2a0c7be364616e97e51b]
PUP.Optional.Trovi.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\prefs.js, Good: (), Bad: (user_pref("browser.newtab.url", "http://www.trovi.com...14-907E872A5629") ;), ,[543f649035547eb81e41c6ff9f66d828]
PUP.Optional.CrossRider.A, C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\prefs.js, Good: (), Bad: (user_pref("extensions.crossrider.bic", "14ac54e8dd6395292bd6315905c61044") ;), ,[722145af0f7aba7cf5b65c6925e0b050]

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

 

Next here is the DDS log with attachment attached to this post.

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 11.0.9600.17496
Run by Ashley at 19:41:39 on 2015-01-07
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
mStart Page = www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\CoIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\CoIEPlg.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.0.1 205.171.2.65
TCP: Interfaces\{7D96FBD0-0833-4217-8B3A-B0673E8F6CD4} : DHCPNameServer = 192.168.0.1 205.171.2.65
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.8.23\CoIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.8.23\CoIEPlg.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [CCE] "C:\Users\Ashley\Documents\Virus Utilities\cce_2.5.242177.201_x64\CCE\CCE.exe" -showlog
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.searchoholic.info/?pid=21073&r=2014/12/29&hid=10223791501083041900&lg=EN&cc=US&unqvl=72&l=1&q=
FF - prefs.js: browser.search.selectedEngine - Trovi search
FF - prefs.js: browser.startup.homepage - hxxp://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=55&CUI=&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629&SSPV=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll
.
---- FIREFOX POLICIES ----
.
.
.
.
.
.
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2015-01-07 17:15:10    --------    d-sh--w-    C:\Users\Ashley\AppData\Local\EmieBrowserModeList
2015-01-07 17:10:06    --------    d-----w-    C:\Users\Ashley\AppData\Roaming\Super Optimizer
2015-01-07 17:09:22    --------    d-----w-    C:\SUPERDelete
2015-01-07 17:06:23    --------    d-----w-    C:\Windows\SysWow64\Flash
2015-01-07 17:05:44    613057    ----a-w-    C:\Users\Ashley\AppData\Local\nsy3251.tmp
2015-01-07 17:05:43    --------    d-sh--w-    C:\Users\Ashley\AppData\Roaming\AnyProtectEx
2015-01-07 17:05:43    --------    d-----w-    C:\Program Files (x86)\AnyProtectEx
2015-01-07 17:05:10    56432    ----a-w-    C:\Windows\System32\drivers\webinstrNHK.sys
2015-01-07 17:05:10    2019    ----a-w-    C:\Windows\patsearch.bin
2015-01-07 17:04:57    --------    d-----w-    C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30
2015-01-07 17:04:48    --------    d-----w-    C:\Program Files (x86)\Super Optimizer
2015-01-07 17:04:44    --------    d-----w-    C:\Program Files (x86)\predm
2015-01-07 17:00:28    --------    d-----w-    C:\Users\Ashley\AppData\Local\SmartWeb
2015-01-07 16:51:52    --------    d-----w-    C:\Program Files\CCleaner
2015-01-07 16:51:50    --------    d-----w-    C:\Users\Ashley\AppData\Local\wincheck
2015-01-07 16:50:40    --------    d-----w-    C:\Users\Ashley\AppData\Local\GeniusBox
2015-01-07 16:50:09    --------    d-----w-    C:\Program Files (x86)\28aeea84-e5dd-4769-9212-7eacddbe42a4
2015-01-07 16:50:07    --------    d-----w-    C:\Users\Ashley\AppData\Local\globalUpdate
2015-01-07 16:50:07    --------    d-----w-    C:\Program Files (x86)\globalUpdate
2015-01-07 16:35:02    --------    d-----w-    C:\ProgramData\makulitsidwe
2015-01-07 15:41:50    --------    d-----w-    C:\EEK
2015-01-07 15:39:22    43664    ----a-w-    C:\Windows\System32\drivers\hitmanpro37.sys
2015-01-07 12:43:03    --------    d-----w-    C:\ProgramData\HitmanPro
2015-01-07 08:27:07    --------    d-----w-    C:\Users\Ashley\AppData\Local\ElevatedDiagnostics
2015-01-07 08:21:14    11870360    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{925454B9-2117-4BF9-96DC-F17F0D218F03}\mpengine.dll
2015-01-07 08:19:17    --------    d-----w-    C:\Windows\pss
2014-12-30 06:43:39    --------    d-----w-    C:\Program Files\Microsoft Mouse and Keyboard Center
2014-12-29 09:31:07    --------    d-----w-    C:\Windows\SysWow64\X86
2014-12-29 09:31:07    --------    d-----w-    C:\Windows\SysWow64\AMD64
2014-12-29 09:30:17    --------    d-----w-    C:\Program Files (x86)\Ghostery
2014-12-29 09:30:06    --------    d-----w-    C:\Program Files (x86)\YoautubEAdBlloCCke
2014-12-29 09:29:54    --------    d-----w-    C:\Program Files (x86)\unisailees
2014-12-29 09:29:46    --------    d-----w-    C:\ProgramData\14357881760666442250
2014-12-29 09:29:46    --------    d-----w-    C:\Program Files (x86)\uuniSaalEs
2014-12-17 21:47:44    144384    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-12-17 21:47:44    115712    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-12-10 11:20:58    --------    d-----w-    C:\Windows\System32\appraiser
2014-12-10 11:01:13    3209728    ----a-w-    C:\Windows\SysWow64\mf.dll
2014-12-10 11:01:12    4121600    ----a-w-    C:\Windows\System32\mf.dll
2014-12-10 09:50:00    830976    ----a-w-    C:\Windows\System32\appraiser.dll
2014-12-10 09:50:00    741376    ----a-w-    C:\Windows\System32\invagent.dll
2014-12-10 09:50:00    413184    ----a-w-    C:\Windows\System32\generaltel.dll
2014-12-10 09:50:00    396800    ----a-w-    C:\Windows\System32\devinv.dll
2014-12-10 09:50:00    192000    ----a-w-    C:\Windows\System32\aepic.dll
2014-12-10 09:50:00    1232040    ----a-w-    C:\Windows\System32\aitstatic.exe
2014-12-10 09:50:00    1083392    ----a-w-    C:\Windows\System32\aeinv.dll
2014-12-10 09:46:50    346624    ----a-w-    C:\Windows\System32\WSManMigrationPlugin.dll
2014-12-09 03:58:45    94320    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
.
==================== Find3M  ====================
.
2015-01-08 00:41:04    129752    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-12-10 12:15:10    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 12:15:10    701104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-04 02:50:37    227328    ----a-w-    C:\Windows\System32\aepdu.dll
2014-11-24 22:04:56    275080    ------w-    C:\Windows\System32\MpSigStub.exe
2014-11-22 03:06:23    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39    66560    ----a-w-    C:\Windows\System32\iesetup.dll
2014-11-22 02:50:10    580096    ----a-w-    C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20    88064    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:29    114688    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51    814080    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07    6039552    ----a-w-    C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31    968704    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16    77824    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43    501248    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17    62464    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32    47616    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02    64000    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30    620032    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10    1359360    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58    2125312    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26    4299264    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21    2358272    ----a-w-    C:\Windows\System32\wininet.dll
2014-11-22 01:22:49    2052096    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57    1155072    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20    1888256    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-11-21 14:14:22    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-11-21 14:14:12    93400    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-21 14:14:08    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-11-19 12:31:16    1217192    ----a-w-    C:\Windows\SysWow64\FM20.DLL
2014-11-11 03:09:06    1424384    ----a-w-    C:\Windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52    241152    ----a-w-    C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-11-11 02:44:45    1230336    ----a-w-    C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32    186880    ----a-w-    C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26    119296    ----a-w-    C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-11-08 02:45:09    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-10-30 02:03:43    165888    ----a-w-    C:\Windows\System32\charmap.exe
2014-10-30 01:45:43    155136    ----a-w-    C:\Windows\SysWow64\charmap.exe
2014-10-25 01:57:59    77824    ----a-w-    C:\Windows\System32\packager.dll
2014-10-25 01:32:37    67584    ----a-w-    C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23    861696    ----a-w-    C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18    571904    ----a-w-    C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37    155064    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06    683520    ----a-w-    C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00    3241984    ----a-w-    C:\Windows\System32\msi.dll
2014-10-14 02:12:57    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31    146432    ----a-w-    C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31    681984    ----a-w-    C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41    2363904    ----a-w-    C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30    146432    ----a-w-    C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02    681984    ----a-w-    C:\Windows\SysWow64\adtschema.dll
.
============= FINISH: 19:42:27.46 ===============
 

Attached Files


Edited by jeff matthews, 07 January 2015 - 09:53 PM.

    Advertisements

Register to Remove


#2 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 08 January 2015 - 12:16 AM

Hello jeff matthews, welcome to WhatTheTech's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. :)
 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Please ensure you read through my instructions thoroughly, and carry out each step in the order specified.
  • Please do not post logs using the CODEQUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation and providing the best set of instructions for you.
  • Please backup important files before proceeding with my instructions. Malware removal can be unpredictable.  
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
  • Topics are locked if no response is made after 4 days. Please inform me if you require additional time to complete my instructions.
  • Ensure you are following this topic. Click etYzdbu.png at the top of the page. 
     

======================================================
 
Thank you for your description of the issues you're experiencing. 
 

I am going to provide some logs, first here is the MalewareBytes log that i scanned. It found around 550+ infections.

Only Potentially Unwanted Programmes (PUPs) were found, and are not of particularly great concern. 
 
Please run the following diagnostic scans so I can ascertain the state of your computer.
 
STEP 1

xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
  • Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
  • Right-Click FRST.exe / FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     

STEP 2
YARWD1t.png.pagespeed.ce.nvhmVeYDe3.png TDSSKiller Scan

  • Please download TDSSKiller and save the file to your Desktop.
  • Right-Click TDSSKiller.exe and select xAVOiBNU.jpg.pagespeed.ic.H5HC6LkiJX.jpg Run as administrator to run the programme.
  • Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.
  • ​Click Start Scan. Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Attach the file in your next reply.
     

======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • FRST.txt
  • Addition.txt
  • TDSSKiller log (attached)

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#3 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 759 posts

Posted 08 January 2015 - 01:33 AM

Ok thank you, i will have to provide one extra step unfortunately and that is i will need to download these applications from another pc using a thumb drive and copy them onto the infected machine. Updates may be an issue until the internet is resolved. Will this be ok? Also alot of these applications i do already have, would it be ok to use the ones i have on the machine, or should i download completely new versions



#4 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 08 January 2015 - 01:43 AM

Hello, 
 
Both FRST and TDSSKiller can be saved to a thumb drive using a different machine, and transferred across to the infected machine. Ensure you move the files from your thumb drive to your Desktop.
 

Also alot of these applications i do already have, would it be ok to use the ones i have on the machine, or should i download completely new versions

Tools such as FRST are updated on a daily basis. It's important we use the most recent version. If, due to the issues you're experiencing with the Internet, you cannot update to the latest (by opening FRST and allowing the progamme to update), please do as mentioned above and transfer an updated version from a clean PC.


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#5 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 759 posts

Posted 08 January 2015 - 02:35 AM

Ok here are the logs.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Ashley (administrator) on ASHLEY-PC on 08-01-2015 00:29:37
Running from C:\Users\Ashley\Desktop
Loaded Profile: Ashley (Available profiles: Ashley & Chuck)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CCE] => C:\Users\Ashley\Documents\Virus Utilities\cce_2.5.242177.201_x64\CCE\CCE.exe [7002032 2012-07-09] (COMODO)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-30] (AVAST Software)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5622512 2013-05-14] (SUPERAntiSpyware.com)
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\MountPoints2: {c5429e11-26f2-11e4-8f1f-806e6f6e6963} - D:\Bin\ASSETUP.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-2650459626-1003566679-2177798267-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: avast! WebRep -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2650459626-1003566679-2177798267-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.65

FireFox:
========
FF ProfilePath: C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchoholic.info/?pid=21073&r=2014/12/29&hid=10223791501083041900&lg=EN&cc=US&unqvl=72&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: Trovi search
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=55&CUI=&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629&SSPV=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\user.js
FF Extension: YoautubEAdBlloCCke - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\MXhp@Zr.edu [2014-12-29]
FF Extension: uuniSaalEs - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\piBes4Vs@M.org [2014-12-29]
FF Extension: WOT - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-08-19]
FF Extension: Adblock Plus - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-17]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn [2015-01-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-20]
FF HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Firefox\Extensions: [{DEB3EF69-9903-4024-9D7D-EBB2D0AA4C96}] - C:\Program Files (x86)\ver3BlockAndSurf\185.xpi

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\Exts\Chrome.crx [2014-10-20]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\Exts\Chrome.crx [2014-10-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-30] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [133912 2012-10-30] (AVAST Software)
S4 cae99edb; c:\Program Files (x86)\Super Optimizer\SupOptStats.dll [2801768 2015-01-07] ()
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] ()
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\NST.exe [130104 2014-09-20] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 A2DDA; C:\EEK\BIN\a2ddax64.sys [26176 2015-01-07] (Emsisoft GmbH)
S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-30] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [132864 2012-10-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-30] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [71600 2012-10-30] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2012-09-21] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [262656 2012-10-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software)
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-30] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-30] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-30] (AVAST Software)
S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07080.017\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-01-07] (Emsisoft GmbH)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-01-07] ()
S0 lqffzi; No ImagePath
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-07] (Malwarebytes Corporation)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S2 webinstrNHK; C:\Windows\system32\Drivers\webinstrNHK.sys [56432 2015-01-07] (Corsica)
S0 wjtvys; No ImagePath
S3 ALSysIO; \??\C:\Users\Ashley\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 00:29 - 2015-01-08 00:30 - 00012556 _____ () C:\Users\Ashley\Desktop\FRST.txt
2015-01-08 00:29 - 2015-01-08 00:29 - 00000000 ____D () C:\FRST
2015-01-08 00:29 - 2015-01-08 00:25 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Ashley\Desktop\tdsskiller.exe
2015-01-08 00:29 - 2015-01-08 00:23 - 02124288 _____ (Farbar) C:\Users\Ashley\Desktop\FRST64.exe
2015-01-07 19:42 - 2015-01-07 19:42 - 00014009 _____ () C:\Users\Ashley\Desktop\dds.txt
2015-01-07 19:42 - 2015-01-07 19:42 - 00007121 _____ () C:\Users\Ashley\Desktop\attach.txt
2015-01-07 19:41 - 2015-01-07 19:38 - 00688992 ____R (Swearware) C:\Users\Ashley\Desktop\dds.com
2015-01-07 09:17 - 2015-01-07 09:17 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 405fe981-ffa0-480d-8fba-2444e54b8324.job
2015-01-07 09:17 - 2015-01-07 09:17 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0508beb0-306f-4a8a-8ee8-3eeefbc167d1.job
2015-01-07 09:17 - 2015-01-07 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-01-07 09:15 - 2015-01-07 09:15 - 00000000 __SHD () C:\Users\Ashley\AppData\Local\EmieBrowserModeList
2015-01-07 09:10 - 2015-01-07 09:10 - 00003254 _____ () C:\Windows\System32\Tasks\Super Optimizer Schedule
2015-01-07 09:10 - 2015-01-07 09:10 - 00000000 ____D () C:\Users\Ashley\Documents\Super Optimizer
2015-01-07 09:10 - 2015-01-07 09:10 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\Super Optimizer
2015-01-07 09:09 - 2015-01-07 09:09 - 00000000 ____D () C:\SUPERDelete
2015-01-07 09:06 - 2015-01-07 09:06 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2015-01-07 09:06 - 2015-01-07 09:06 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2015-01-07 09:06 - 2015-01-07 09:06 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2015-01-07 09:06 - 2015-01-07 09:06 - 00001049 _____ () C:\Users\Ashley\Desktop\AnyProtect.lnk
2015-01-07 09:06 - 2015-01-07 09:06 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2015-01-07 09:06 - 2015-01-07 09:06 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2015-01-07 09:06 - 2015-01-07 09:06 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2015-01-07 09:06 - 2015-01-07 09:06 - 00000000 ____D () C:\Windows\SysWOW64\Flash
2015-01-07 09:06 - 2015-01-07 09:06 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-01-07 09:05 - 2015-01-07 09:06 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2015-01-07 09:05 - 2015-01-07 09:05 - 00613057 _____ (CMI Limited) C:\Users\Ashley\AppData\Local\nsy3251.tmp
2015-01-07 09:05 - 2015-01-07 09:05 - 00002019 _____ () C:\Windows\patsearch.bin
2015-01-07 09:05 - 2015-01-07 09:05 - 00000000 __SHD () C:\Users\Ashley\AppData\Roaming\AnyProtectEx
2015-01-07 09:05 - 2015-01-07 09:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNHK_01009.Wdf
2015-01-07 09:05 - 2015-01-07 09:04 - 00056432 _____ (Corsica) C:\Windows\system32\Drivers\webinstrNHK.sys
2015-01-07 09:04 - 2015-01-07 09:06 - 00000000 ____D () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30
2015-01-07 09:04 - 2015-01-07 09:04 - 00004626 _____ () C:\Windows\System32\Tasks\Runner IC
2015-01-07 09:04 - 2015-01-07 09:04 - 00001090 _____ () C:\Users\Ashley\Desktop\Super Optimizer.lnk
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\Program Files (x86)\Super Optimizer
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\Program Files (x86)\predm
2015-01-07 09:00 - 2015-01-07 17:04 - 00000000 ____D () C:\Users\Ashley\AppData\Local\SmartWeb
2015-01-07 09:00 - 2015-01-07 09:40 - 00008917 _____ () C:\Windows\WindowsUpdate.log
2015-01-07 08:59 - 2015-01-07 08:59 - 00001056 _____ () C:\Users\Ashley\Desktop\Continue Live Installation.lnk
2015-01-07 08:58 - 2015-01-07 08:58 - 00001973 _____ () C:\Users\Ashley\Desktop\Sync Folder.lnk
2015-01-07 08:56 - 2015-01-07 16:31 - 00001053 _____ () C:\Windows\setupact.log
2015-01-07 08:56 - 2015-01-07 08:56 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-07 08:55 - 2015-01-07 17:05 - 00140632 _____ () C:\Windows\PFRO.log
2015-01-07 08:51 - 2015-01-07 09:05 - 00000000 ____D () C:\Users\Ashley\AppData\Local\wincheck
2015-01-07 08:51 - 2015-01-07 08:51 - 04645232 _____ (Piriform Ltd) C:\Users\Ashley\Desktop\ccsetup409.exe
2015-01-07 08:51 - 2015-01-07 08:51 - 00000782 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-07 08:51 - 2015-01-07 08:51 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-07 08:50 - 2015-01-07 17:04 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-07 08:50 - 2015-01-07 08:50 - 00001344 _____ () C:\Windows\Tasks\XSNOUNY.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00001342 _____ () C:\Windows\Tasks\BLPMKG.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000470 _____ () C:\Windows\Tasks\Client.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000454 _____ () C:\Windows\Tasks\Validate Uninstaller.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000450 _____ () C:\Windows\Tasks\Validate Updater.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000414 _____ () C:\Windows\Tasks\Check Updates.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000410 _____ () C:\Windows\Tasks\Run Tasks.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000064 _____ () C:\Users\Ashley\AppData\Local\55e2ee417d89b23c44dd0dae815edf92
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Users\Ashley\AppData\Local\globalUpdate
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Users\Ashley\AppData\Local\GeniusBox
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Program Files (x86)\28aeea84-e5dd-4769-9212-7eacddbe42a4
2015-01-07 08:49 - 2015-01-07 08:49 - 00000282 _____ () C:\Windows\Tasks\LaunchSignup.job
2015-01-07 08:45 - 2015-01-07 08:45 - 00001332 _____ () C:\Users\Ashley\Desktop\SUPERAntiSpyware Scan Log - 01-07-2015 - 08-44-22.log
2015-01-07 08:35 - 2015-01-07 08:46 - 00000000 ____D () C:\ProgramData\makulitsidwe
2015-01-07 08:14 - 2015-01-07 08:14 - 00000176 _____ () C:\Users\Ashley\Desktop\Scan_150107-081418.txt
2015-01-07 07:46 - 2015-01-07 07:46 - 00380416 _____ () C:\Users\Ashley\Downloads\gscxyzlt.exe
2015-01-07 07:41 - 2015-01-07 07:42 - 00000000 ____D () C:\EEK
2015-01-07 07:41 - 2015-01-07 07:41 - 00000743 _____ () C:\Users\Ashley\Desktop\Start Emsisoft Emergency Kit.lnk
2015-01-07 07:39 - 2015-01-07 07:39 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-01-07 07:38 - 2015-01-07 07:38 - 00004722 _____ () C:\Users\Ashley\Desktop\HitmanPro_20150107_0738.log
2015-01-07 07:37 - 2015-01-07 07:37 - 00001714 _____ () C:\Windows\system32\.crusader
2015-01-07 04:43 - 2015-01-07 07:38 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-07 04:38 - 2015-01-07 04:42 - 165090088 _____ () C:\Users\Ashley\Downloads\EmsisoftEmergencyKit.exe
2015-01-07 04:16 - 2015-01-07 04:16 - 04166770 _____ () C:\Users\Ashley\Downloads\tdsskiller.zip
2015-01-07 03:27 - 2015-01-07 09:03 - 00000000 ____D () C:\Users\Ashley\Documents\Virus Utilities
2015-01-07 03:20 - 2015-01-07 03:24 - 25543261 _____ () C:\Users\Ashley\Downloads\cce_2.5.242177.201_x64.zip
2015-01-07 00:26 - 2013-06-18 17:12 - 26190240 _____ (SUPERAntiSpyware.com) C:\Users\Ashley\Desktop\SUPERAntiSpyware.exe
2015-01-07 00:19 - 2015-01-07 09:11 - 00000000 ____D () C:\Windows\pss
2014-12-29 22:43 - 2014-12-29 22:43 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-12-29 22:43 - 2014-12-29 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-12-29 22:43 - 2014-12-29 22:43 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-12-29 01:31 - 2014-12-29 01:31 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-12-29 01:31 - 2014-12-29 01:31 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-12-29 01:30 - 2015-01-07 03:22 - 00000000 ____D () C:\Program Files (x86)\YoautubEAdBlloCCke
2014-12-29 01:30 - 2014-12-29 01:30 - 00000000 ____D () C:\Program Files (x86)\Ghostery
2014-12-29 01:29 - 2015-01-07 03:22 - 00000000 ____D () C:\Program Files (x86)\unisailees
2014-12-29 01:29 - 2014-12-29 01:29 - 00000000 ____D () C:\ProgramData\14357881760666442250
2014-12-29 01:29 - 2014-12-29 01:29 - 00000000 ____D () C:\Program Files (x86)\uuniSaalEs
2014-12-29 01:00 - 2014-12-29 00:52 - 504015269 _____ () C:\Users\Ashley\Desktop\wolfblood.s03e08.720p.webrip.x264-failed.mkv
2014-12-29 01:00 - 2014-12-29 00:51 - 498921497 _____ () C:\Users\Ashley\Desktop\wolfblood.s03e07.720p.webrip.x264-failed.mkv
2014-12-28 23:56 - 2014-12-31 17:34 - 00000000 ____D () C:\Users\Ashley\Downloads\Wolfblood S3
2014-12-17 13:47 - 2014-12-12 21:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 13:47 - 2014-12-12 19:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 02:33 - 2014-12-11 05:54 - 00000000 ____D () C:\Users\Ashley\Downloads\Heroes
2014-12-10 03:20 - 2014-12-10 03:20 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 03:01 - 2014-10-17 18:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 03:01 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 01:50 - 2014-12-03 18:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 01:50 - 2014-12-01 15:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 01:49 - 2014-12-03 18:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 01:49 - 2014-11-26 17:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 01:49 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 01:49 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 01:49 - 2014-11-21 19:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 01:49 - 2014-11-21 19:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 01:49 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 01:49 - 2014-11-21 18:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 01:49 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 01:49 - 2014-11-21 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 01:49 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 01:49 - 2014-11-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 01:49 - 2014-11-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 01:49 - 2014-11-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 01:49 - 2014-11-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 01:49 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 01:49 - 2014-11-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 01:49 - 2014-11-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 01:49 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 01:49 - 2014-11-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 01:49 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 01:49 - 2014-11-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 01:49 - 2014-11-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 01:49 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 01:49 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 01:49 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 01:49 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 01:49 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 01:49 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 01:49 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 01:49 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 01:49 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 01:49 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 01:49 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 01:49 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 01:49 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 01:49 - 2014-11-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 01:49 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 01:49 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 01:49 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 01:49 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 01:49 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 01:49 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 01:49 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 01:49 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 01:49 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 01:49 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 01:49 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 01:49 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 01:49 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 01:49 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 01:49 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 01:49 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 01:49 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 01:49 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 01:49 - 2014-11-10 19:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 01:49 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 01:49 - 2014-11-10 17:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 01:46 - 2014-11-07 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 01:46 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 01:46 - 2014-10-29 18:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 01:46 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 01:46 - 2014-10-02 18:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 01:46 - 2014-10-02 18:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 01:46 - 2014-10-02 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 01:46 - 2014-10-02 18:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 01:46 - 2014-10-02 18:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 01:46 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 01:46 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 01:46 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 01:46 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 01:46 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 16:41 - 2014-08-23 22:32 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-07 09:17 - 2014-08-23 22:37 - 00001768 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-01-07 09:17 - 2014-08-23 22:37 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-07 09:06 - 2014-08-20 15:01 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\uTorrent
2015-01-07 09:05 - 2009-07-13 20:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-07 09:05 - 2009-07-13 20:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-07 09:03 - 2009-07-13 21:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-07 08:56 - 2014-08-17 17:33 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-07 08:56 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-07 08:54 - 2014-11-13 12:33 - 00000000 ____D () C:\Users\Ashley\AppData\Local\CrashDumps
2015-01-07 08:54 - 2014-10-22 01:16 - 00000000 ____D () C:\Windows\Minidump
2015-01-07 08:54 - 2014-08-18 09:14 - 00000000 ____D () C:\Windows\Panther
2015-01-07 08:50 - 2014-08-17 17:40 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2015-01-07 04:06 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Web
2015-01-07 03:15 - 2014-08-23 22:31 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-07 03:15 - 2014-08-23 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-07 03:15 - 2014-08-23 22:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-07 00:21 - 2014-08-26 17:38 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-07 00:15 - 2014-08-17 18:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-07 00:10 - 2014-08-17 17:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-01 21:21 - 2014-08-17 17:29 - 00000000 ____D () C:\ProgramData\Norton
2014-12-31 05:14 - 2009-07-13 20:45 - 00409568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-30 00:49 - 2014-08-23 12:12 - 00109688 _____ () C:\Users\Chuck\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-30 00:49 - 2014-08-17 17:52 - 00109688 _____ () C:\Users\Ashley\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-29 21:54 - 2014-11-07 16:36 - 00000000 ____D () C:\Users\Chuck\AppData\Local\CrashDumps
2014-12-11 16:48 - 2014-08-17 17:33 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-11 02:33 - 2014-12-05 03:32 - 00000000 ____D () C:\Users\Ashley\Downloads\Buffy the Vampire Slayer Classics (Dark Horse, 2011-...) (01-...)
2014-12-11 02:21 - 2014-08-17 18:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 05:24 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-12-10 04:15 - 2014-08-17 18:03 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 04:15 - 2014-08-17 18:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 04:15 - 2014-08-17 18:03 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 03:20 - 2014-08-19 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 03:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 03:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 03:05 - 2014-11-28 16:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 03:04 - 2014-08-21 01:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 03:02 - 2014-08-21 01:39 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Ashley\AppData\Local\Temp\99648137-C26F-E6FB-3819-EB158432D633.dll
C:\Users\Ashley\AppData\Local\Temp\99648137-C26F-E6FB-3819-EB158432D633.exe
C:\Users\Ashley\AppData\Local\Temp\A8B293B6-0520-1E1E-C444-05C89AD3F685.exe
C:\Users\Ashley\AppData\Local\Temp\amisetup8163__11003.exe
C:\Users\Ashley\AppData\Local\Temp\amisetup8199__11005.exe
C:\Users\Ashley\AppData\Local\Temp\CloudBackup4064.exe
C:\Users\Ashley\AppData\Local\Temp\supoptsetup.exe
C:\Users\Ashley\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-12-25 00:58

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Ashley at 2015-01-08 00:30:11
Running from C:\Users\Ashley\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\uTorrent) (Version: 3.4.2.36802 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
ASUS Product Register Program (HKLM-x32\...\{49BE9B8A-E858-4533-A74A-64306C13DB59}) (Version: 1.0.014 - ASUS)
avast! Internet Security (HKLM-x32\...\avast) (Version: 7.0.1474.0 - AVAST Software)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version:  - )
Canon MX510 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX510_series) (Version:  - )
Canon MX510 series On-screen Manual (HKLM-x32\...\Canon MX510 series On-screen Manual) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version:  - )
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version:  - cbrreader.com)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
DVDFab 9.0.4.2 (27/05/2013) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
GeniusBox 2.0 (HKLM-x32\...\GeniusBox) (Version: 2.0 - GeniusBox 2.0)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Idle Crawler (HKLM-x32\...\F12554C8-33A4-1849-80EB-56C2622F6A30) (Version: 125.0.0.472 - EUROHAUTE LTD) <==== ATTENTION
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
KCP-0.5.4.0 (HKLM-x32\...\Kawaii Codec Pack_is1) (Version: 0.5.4.0 - Haruhichan.com)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.8.23 - Symantec Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Super Optimizer v3.2 (HKLM-x32\...\Super Optimizer_is1) (Version: 3.2.0.1 - Super PC Tools ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.74 - VSO Software)
WinCheck (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - WinCheck) <==== ATTENTION!
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Zoompic (HKLM-x32\...\zoompic) (Version: 1.1.0.29 - Zoompic) <==== ATTENTION!

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

Could not list restore points.
Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A34076C-7C19-4B57-99E0-1511B5A565E3} - System32\Tasks\Super Optimizer Schedule => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [2014-12-26] (SUPER PC TOOLS LIMITED)
Task: {1D4568D6-E7ED-4FD4-81D4-9E06C08D619A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2012-10-30] (AVAST Software)
Task: {2383CADB-BC8D-4B03-B1A7-15B2FB86CBC7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {286B1FB2-E492-499A-A07C-2D391D99C79A} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {39F5A2DE-68ED-4E42-B65F-09BCF4BF3DA3} - \BlockAndSurf Update No Task File <==== ATTENTION
Task: {3E12A637-10FC-47A1-9B4A-3F2CF0945231} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {56F93B1D-8557-4713-9DC9-9C4AF49842B8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {664DDD14-3249-429B-A4C1-40969E91B163} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {676D9544-1738-4D8A-8A0C-D6E5686DD943} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {6B801873-B3A2-4C74-9CED-08B4638255B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {6D58477C-6572-4645-86EA-089A577D9752} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {733874A1-2C90-47B6-8205-029879364D7D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {7A7FAE54-D8BC-4C3E-8447-0D6C8F1A4071} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {7BD730F5-2D2C-414D-A96B-028036691365} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {7DE2E9BE-06FC-4B78-AE19-C87EBB01D6BB} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8D2A1FB9-D9D6-4FCC-93A6-B4440188F340} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {99F973DB-AE0B-4CC3-B8A6-9B202955A605} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {9FC2D183-6C20-46F5-8FA2-73385FAFC75C} - \Voo Update No Task File <==== ATTENTION
Task: {A83040FC-1ADB-48FF-B060-2A22374D7315} - \SmartWeb Upgrade Trigger Task No Task File <==== ATTENTION
Task: {A8F8A9B7-F3F5-4B87-A456-E62516B926AF} - System32\Tasks\Runner IC => %LOCALAPPDATA%\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
Task: {D1B6C965-176F-4907-8FB2-CC155BB3EEA1} - System32\Tasks\{BA9F18D4-E395-4EAF-AA1F-E68AC28632A5} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {D54B1E34-5209-4F5C-86C0-D3D1814714A2} - System32\Tasks\Microsoft\Windows\Maintenance\Update IC => %LOCALAPPDATA%\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\BLPMKG.job => C:\Users\Ashley\AppData\Roaming\BLPMKG.exe <==== ATTENTION
Task: C:\Windows\Tasks\Check Updates.job => C:\Users\Ashley\AppData\Local\GeniusBox\Updater.exe
Task: C:\Windows\Tasks\Client.job => C:\Users\Ashley\AppData\Local\GeniusBox\client.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LaunchSignup.job => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: C:\Windows\Tasks\Run Tasks.job => C:\Users\Ashley\AppData\Local\GeniusBox\Tasks.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0508beb0-306f-4a8a-8ee8-3eeefbc167d1.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 405fe981-ffa0-480d-8fba-2444e54b8324.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\Validate Uninstaller.job => C:\Users\Ashley\AppData\Local\GeniusBox\Uninstall.exe
Task: C:\Windows\Tasks\Validate Updater.job => C:\Users\Ashley\AppData\Local\GeniusBox\Updater.exe
Task: C:\Windows\Tasks\XSNOUNY.job => C:\Users\Ashley\AppData\Roaming\XSNOUNY.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AppIDSvc => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: AudioSrv => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: cae99edb => 2
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2
MSCONFIG\Services: CltMngSvc => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: globalUpdate => 2
MSCONFIG\Services: globalUpdatem => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: Intel® Capability Licensing Service Interface => 2
MSCONFIG\Services: IPBusEnum => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: Microsoft SharePoint Workspace Audit Service => 3
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: msiserver => 3
MSCONFIG\Services: napagent => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: serverca => 2
MSCONFIG\Services: servervo => 2
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: sppuinotify => 3
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: stisvc => 3
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SWUpdater => 2
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TBS => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: WatAdminSvc => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 3
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\startupfolder: C:^Users^Ashley^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SmartWeb.lnk => C:\Windows\pss\SmartWeb.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Ashley^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^StormWatch.lnk => C:\Windows\pss\StormWatch.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Ashley^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^StormWatchApp.lnk => C:\Windows\pss\StormWatchApp.lnk.Startup
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: ospd_us_611 => "C:\Program Files (x86)\ospd_us_611\ospd_us_611.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
MSCONFIG\startupreg: SmartWeb => C:\Users\Ashley\AppData\Local\SmartWeb\SmartWebHelper.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Super Optimizer => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Ashley\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: WinCheck => C:\Users\Ashley\AppData\Local\wincheck\wincheck.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-2650459626-1003566679-2177798267-500 - Administrator - Disabled)
Ashley (S-1-5-21-2650459626-1003566679-2177798267-1000 - Administrator - Enabled) => C:\Users\Ashley
Chuck (S-1-5-21-2650459626-1003566679-2177798267-1001 - Administrator - Enabled) => C:\Users\Chuck
Guest (S-1-5-21-2650459626-1003566679-2177798267-501 - Limited - Enabled)
Kristi (S-1-5-21-2650459626-1003566679-2177798267-1002 - Limited - Enabled)
Teri (S-1-5-21-2650459626-1003566679-2177798267-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/07/2015 09:33:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windows...F5B856976AD.crt> with error: 12007 (0x2ee7).

Error: (01/07/2015 09:28:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windows...F5B856976AD.crt> with error: 12007 (0x2ee7).

Error: (01/07/2015 09:01:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program nsb2C67.tmp version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 158c

Start Time: 01d02a9b3da0ab52

Termination Time: 14

Application Path: C:\Users\Ashley\AppData\Local\Temp\nsb2C67.tmp

Report Id:

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (01/07/2015 08:57:54 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:54 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index server cannot update or access information because of a database error.  Stop and restart the search service.  If the problem persists, reset and recrawl the content index.  In some cases it may be necessary to delete and recreate the content index.  (HRESULT : 0x8004117f) (0x8004117f)


System errors:
=============
Error: (01/07/2015 05:07:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error:
%%1058

Error: (01/07/2015 05:05:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
aswSP
aswTdi
ccSet_NST
discache
lqffzi
SASDIFSV
SASKUTIL
spldr
Wanarpv6
wjtvys

Error: (01/07/2015 05:05:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
%%1058

Error: (01/07/2015 04:35:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error:
%%1058

Error: (01/07/2015 04:33:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
aswSP
aswTdi
ccSet_NST
discache
lqffzi
SASDIFSV
SASKUTIL
spldr
Wanarpv6
wjtvys

Error: (01/07/2015 04:33:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
%%1058

Error: (01/07/2015 04:31:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswKbd
aswSnx
aswSP
aswTdi
ccSet_NST
discache
SASDIFSV
SASKUTIL
spldr
Wanarpv6
wjtvys

Error: (01/07/2015 04:31:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
%%1058

Error: (01/07/2015 09:32:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error:
%%1058

Error: (01/07/2015 09:30:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
aswSP
aswTdi
ccSet_NST
discache
SASDIFSV
SASKUTIL
spldr
Wanarpv6
wjtvys


Microsoft Office Sessions:
=========================
Error: (01/07/2015 09:33:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windows...6976AD.crt12007 (0x2ee7)

Error: (01/07/2015 09:28:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windows...6976AD.crt12007 (0x2ee7)

Error: (01/07/2015 09:01:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: nsb2C67.tmp0.0.0.0158c01d02a9b3da0ab5214C:\Users\Ashley\AppData\Local\Temp\nsb2C67.tmp

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (01/07/2015 08:57:54 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (01/07/2015 08:57:54 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index server cannot update or access information because of a database error.  Stop and restart the search service.  If the problem persists, reset and recrawl the content index.  In some cases it may be necessary to delete and recreate the content index.  (HRESULT : 0x8004117f) (0x8004117f)


==================== Memory info ===========================

Processor: Intel® Core™ i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 9%
Total physical RAM: 8134.5 MB
Available physical RAM: 7402.3 MB
Total Pagefile: 16267.17 MB
Available Pagefile: 15577.78 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.66 GB) (Free:116.5 GB) NTFS
Drive e: () (Removable) (Total:14.9 GB) (Free:12.5 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 7C7BECB8)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 14.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Attached Files


Edited by jeff matthews, 08 January 2015 - 02:38 AM.


#6 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 759 posts

Posted 08 January 2015 - 08:41 PM

So what em i looking at here? I see though the logs, there is alot corruption. Does that mean the machine is heavily infected?



#7 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 08 January 2015 - 08:59 PM

Hello, 

 

Were you unable to run FRST in Normal Mode? If you can, please do so. 

 

Please attach the TDSSKiller log in your next reply. I will provide the next set of instructions afterwards.


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#8 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 759 posts

Posted 08 January 2015 - 11:13 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Ashley (administrator) on ASHLEY-PC on 08-01-2015 20:58:05
Running from C:\Users\Ashley\Desktop
Loaded Profile: Ashley (Available profiles: Ashley & Chuck)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\NST.exe
(SUPER PC TOOLS LIMITED) C:\Program Files (x86)\Super Optimizer\SupOptSmartScan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(The Chromium Authors) C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\Ashley\AppData\Local\wincheck\wincheck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CCE] => C:\Users\Ashley\Documents\Virus Utilities\cce_2.5.242177.201_x64\CCE\CCE.exe [7002032 2012-07-09] (COMODO)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2780776 2011-07-19] (CANON INC.)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-30] (AVAST Software)
HKLM-x32\...\Run: [WinCheck] => C:\Users\Ashley\AppData\Local\wincheck\wincheck.exe [529920 2015-01-07] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SmartWeb] => C:\Users\Ashley\AppData\Local\SmartWeb\SmartWebHelper.exe
HKLM-x32\...\Run: [ospd_us_611] => "C:\Program Files (x86)\ospd_us_611\ospd_us_611.exe"
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [439440 2011-09-27] (CANON INC.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1637496 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5622512 2013-05-14] (SUPERAntiSpyware.com)
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Run: [uTorrent] => C:\Users\Ashley\AppData\Roaming\uTorrent\uTorrent.exe [1378640 2014-12-16] (BitTorrent Inc.)
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [676968 2014-12-26] (SUPER PC TOOLS LIMITED)
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\MountPoints2: {c5429e11-26f2-11e4-8f1f-806e6f6e6963} - D:\Bin\ASSETUP.exe
Startup: C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk
ShortcutTarget: SmartWeb.lnk -> C:\Users\Ashley\AppData\Local\SmartWeb\SmartWebHelper.exe (No File)
Startup: C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
ShortcutTarget: StormWatch.lnk -> C:\Program Files (x86)\StormWatch\StormWatch.exe (No File)
Startup: C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
ShortcutTarget: StormWatchApp.lnk -> C:\Program Files (x86)\StormWatch\StormWatchApp.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-2650459626-1003566679-2177798267-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: avast! WebRep -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2650459626-1003566679-2177798267-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.65

FireFox:
========
FF ProfilePath: C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchoholic.info/?pid=21073&r=2014/12/29&hid=10223791501083041900&lg=EN&cc=US&unqvl=72&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: Trovi search
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=55&CUI=&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629&SSPV=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\user.js
FF Extension: YoautubEAdBlloCCke - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\MXhp@Zr.edu [2014-12-29]
FF Extension: uuniSaalEs - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\piBes4Vs@M.org [2014-12-29]
FF Extension: WOT - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-08-19]
FF Extension: Adblock Plus - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-17]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn [2015-01-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-20]
FF HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Firefox\Extensions: [{DEB3EF69-9903-4024-9D7D-EBB2D0AA4C96}] - C:\Program Files (x86)\ver3BlockAndSurf\185.xpi

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\Exts\Chrome.crx [2014-10-20]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\Exts\Chrome.crx [2014-10-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [133912 2012-10-30] (AVAST Software)
R2 cae99edb; c:\Program Files (x86)\Super Optimizer\SupOptStats.dll [2801768 2015-01-07] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\NST.exe [130104 2014-09-20] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 A2DDA; C:\EEK\BIN\a2ddax64.sys [26176 2015-01-07] (Emsisoft GmbH)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-30] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [132864 2012-10-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [71600 2012-10-30] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2012-09-21] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [262656 2012-10-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-30] (AVAST Software)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07080.017\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-01-07] (Emsisoft GmbH)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-01-07] ()
S0 lqffzi; No ImagePath
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 webinstrNHK; C:\Windows\system32\Drivers\webinstrNHK.sys [56432 2015-01-07] (Corsica)
S0 wjtvys; No ImagePath
S3 ALSysIO; \??\C:\Users\Ashley\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 00:30 - 2015-01-08 00:30 - 00032873 _____ () C:\Users\Ashley\Desktop\Addition.txt
2015-01-08 00:29 - 2015-01-08 20:58 - 00017758 _____ () C:\Users\Ashley\Desktop\FRST.txt
2015-01-08 00:29 - 2015-01-08 20:58 - 00000000 ____D () C:\FRST
2015-01-08 00:29 - 2015-01-08 00:25 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Ashley\Desktop\tdsskiller.exe
2015-01-08 00:29 - 2015-01-08 00:23 - 02124288 _____ (Farbar) C:\Users\Ashley\Desktop\FRST64.exe
2015-01-07 19:42 - 2015-01-07 19:42 - 00014009 _____ () C:\Users\Ashley\Desktop\dds.txt
2015-01-07 19:42 - 2015-01-07 19:42 - 00007121 _____ () C:\Users\Ashley\Desktop\attach.txt
2015-01-07 19:41 - 2015-01-07 19:38 - 00688992 ____R (Swearware) C:\Users\Ashley\Desktop\dds.com
2015-01-07 09:17 - 2015-01-07 09:17 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 405fe981-ffa0-480d-8fba-2444e54b8324.job
2015-01-07 09:17 - 2015-01-07 09:17 - 00000512 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0508beb0-306f-4a8a-8ee8-3eeefbc167d1.job
2015-01-07 09:17 - 2015-01-07 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-01-07 09:15 - 2015-01-07 09:15 - 00000000 __SHD () C:\Users\Ashley\AppData\Local\EmieBrowserModeList
2015-01-07 09:10 - 2015-01-08 20:52 - 00003254 _____ () C:\Windows\System32\Tasks\Super Optimizer Schedule
2015-01-07 09:10 - 2015-01-07 09:10 - 00000000 ____D () C:\Users\Ashley\Documents\Super Optimizer
2015-01-07 09:10 - 2015-01-07 09:10 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\Super Optimizer
2015-01-07 09:09 - 2015-01-07 09:09 - 00000000 ____D () C:\SUPERDelete
2015-01-07 09:06 - 2015-01-08 20:51 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2015-01-07 09:06 - 2015-01-08 20:51 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2015-01-07 09:06 - 2015-01-08 20:51 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2015-01-07 09:06 - 2015-01-07 09:06 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2015-01-07 09:06 - 2015-01-07 09:06 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2015-01-07 09:06 - 2015-01-07 09:06 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2015-01-07 09:06 - 2015-01-07 09:06 - 00001049 _____ () C:\Users\Ashley\Desktop\AnyProtect.lnk
2015-01-07 09:06 - 2015-01-07 09:06 - 00000000 ____D () C:\Windows\SysWOW64\Flash
2015-01-07 09:06 - 2015-01-07 09:06 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-01-07 09:05 - 2015-01-07 09:06 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2015-01-07 09:05 - 2015-01-07 09:05 - 00613057 _____ (CMI Limited) C:\Users\Ashley\AppData\Local\nsy3251.tmp
2015-01-07 09:05 - 2015-01-07 09:05 - 00002019 _____ () C:\Windows\patsearch.bin
2015-01-07 09:05 - 2015-01-07 09:05 - 00000000 __SHD () C:\Users\Ashley\AppData\Roaming\AnyProtectEx
2015-01-07 09:05 - 2015-01-07 09:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNHK_01009.Wdf
2015-01-07 09:05 - 2015-01-07 09:04 - 00056432 _____ (Corsica) C:\Windows\system32\Drivers\webinstrNHK.sys
2015-01-07 09:04 - 2015-01-07 09:06 - 00000000 ____D () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30
2015-01-07 09:04 - 2015-01-07 09:04 - 00004626 _____ () C:\Windows\System32\Tasks\Runner IC
2015-01-07 09:04 - 2015-01-07 09:04 - 00001090 _____ () C:\Users\Ashley\Desktop\Super Optimizer.lnk
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\Program Files (x86)\Super Optimizer
2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\Program Files (x86)\predm
2015-01-07 09:00 - 2015-01-08 20:56 - 00032200 _____ () C:\Windows\WindowsUpdate.log
2015-01-07 09:00 - 2015-01-07 17:04 - 00000000 ____D () C:\Users\Ashley\AppData\Local\SmartWeb
2015-01-07 08:59 - 2015-01-07 08:59 - 00001056 _____ () C:\Users\Ashley\Desktop\Continue Live Installation.lnk
2015-01-07 08:58 - 2015-01-07 08:58 - 00001973 _____ () C:\Users\Ashley\Desktop\Sync Folder.lnk
2015-01-07 08:56 - 2015-01-08 20:51 - 00001109 _____ () C:\Windows\setupact.log
2015-01-07 08:56 - 2015-01-07 08:56 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-07 08:55 - 2015-01-07 17:05 - 00140632 _____ () C:\Windows\PFRO.log
2015-01-07 08:51 - 2015-01-07 09:05 - 00000000 ____D () C:\Users\Ashley\AppData\Local\wincheck
2015-01-07 08:51 - 2015-01-07 08:51 - 04645232 _____ (Piriform Ltd) C:\Users\Ashley\Desktop\ccsetup409.exe
2015-01-07 08:51 - 2015-01-07 08:51 - 00000782 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-07 08:51 - 2015-01-07 08:51 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-07 08:50 - 2015-01-07 17:04 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-07 08:50 - 2015-01-07 08:50 - 00001344 _____ () C:\Windows\Tasks\XSNOUNY.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00001342 _____ () C:\Windows\Tasks\BLPMKG.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000470 _____ () C:\Windows\Tasks\Client.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000454 _____ () C:\Windows\Tasks\Validate Uninstaller.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000450 _____ () C:\Windows\Tasks\Validate Updater.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000414 _____ () C:\Windows\Tasks\Check Updates.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000410 _____ () C:\Windows\Tasks\Run Tasks.job
2015-01-07 08:50 - 2015-01-07 08:50 - 00000064 _____ () C:\Users\Ashley\AppData\Local\55e2ee417d89b23c44dd0dae815edf92
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Users\Ashley\AppData\Local\globalUpdate
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Users\Ashley\AppData\Local\GeniusBox
2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Program Files (x86)\28aeea84-e5dd-4769-9212-7eacddbe42a4
2015-01-07 08:49 - 2015-01-07 08:49 - 00000282 _____ () C:\Windows\Tasks\LaunchSignup.job
2015-01-07 08:45 - 2015-01-07 08:45 - 00001332 _____ () C:\Users\Ashley\Desktop\SUPERAntiSpyware Scan Log - 01-07-2015 - 08-44-22.log
2015-01-07 08:35 - 2015-01-07 08:46 - 00000000 ____D () C:\ProgramData\makulitsidwe
2015-01-07 08:14 - 2015-01-07 08:14 - 00000176 _____ () C:\Users\Ashley\Desktop\Scan_150107-081418.txt
2015-01-07 07:46 - 2015-01-07 07:46 - 00380416 _____ () C:\Users\Ashley\Downloads\gscxyzlt.exe
2015-01-07 07:41 - 2015-01-07 07:42 - 00000000 ____D () C:\EEK
2015-01-07 07:41 - 2015-01-07 07:41 - 00000743 _____ () C:\Users\Ashley\Desktop\Start Emsisoft Emergency Kit.lnk
2015-01-07 07:39 - 2015-01-07 07:39 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-01-07 07:38 - 2015-01-07 07:38 - 00004722 _____ () C:\Users\Ashley\Desktop\HitmanPro_20150107_0738.log
2015-01-07 07:37 - 2015-01-07 07:37 - 00001714 _____ () C:\Windows\system32\.crusader
2015-01-07 04:43 - 2015-01-07 07:38 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-07 04:38 - 2015-01-07 04:42 - 165090088 _____ () C:\Users\Ashley\Downloads\EmsisoftEmergencyKit.exe
2015-01-07 04:16 - 2015-01-07 04:16 - 04166770 _____ () C:\Users\Ashley\Downloads\tdsskiller.zip
2015-01-07 03:27 - 2015-01-07 09:03 - 00000000 ____D () C:\Users\Ashley\Documents\Virus Utilities
2015-01-07 03:20 - 2015-01-07 03:24 - 25543261 _____ () C:\Users\Ashley\Downloads\cce_2.5.242177.201_x64.zip
2015-01-07 00:26 - 2013-06-18 17:12 - 26190240 _____ (SUPERAntiSpyware.com) C:\Users\Ashley\Desktop\SUPERAntiSpyware.exe
2015-01-07 00:19 - 2015-01-08 20:50 - 00000000 ____D () C:\Windows\pss
2014-12-29 22:43 - 2014-12-29 22:43 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-12-29 22:43 - 2014-12-29 22:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-12-29 22:43 - 2014-12-29 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-12-29 22:43 - 2014-12-29 22:43 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-12-29 01:31 - 2014-12-29 01:31 - 00000000 ____D () C:\Windows\SysWOW64\X86
2014-12-29 01:31 - 2014-12-29 01:31 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2014-12-29 01:30 - 2015-01-07 03:22 - 00000000 ____D () C:\Program Files (x86)\YoautubEAdBlloCCke
2014-12-29 01:30 - 2014-12-29 01:30 - 00000000 ____D () C:\Program Files (x86)\Ghostery
2014-12-29 01:29 - 2015-01-07 03:22 - 00000000 ____D () C:\Program Files (x86)\unisailees
2014-12-29 01:29 - 2014-12-29 01:29 - 00000000 ____D () C:\ProgramData\14357881760666442250
2014-12-29 01:29 - 2014-12-29 01:29 - 00000000 ____D () C:\Program Files (x86)\uuniSaalEs
2014-12-29 01:00 - 2014-12-29 00:52 - 504015269 _____ () C:\Users\Ashley\Desktop\wolfblood.s03e08.720p.webrip.x264-failed.mkv
2014-12-29 01:00 - 2014-12-29 00:51 - 498921497 _____ () C:\Users\Ashley\Desktop\wolfblood.s03e07.720p.webrip.x264-failed.mkv
2014-12-28 23:56 - 2014-12-31 17:34 - 00000000 ____D () C:\Users\Ashley\Downloads\Wolfblood S3
2014-12-17 13:47 - 2014-12-12 21:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 13:47 - 2014-12-12 19:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 02:33 - 2014-12-11 05:54 - 00000000 ____D () C:\Users\Ashley\Downloads\Heroes
2014-12-10 03:20 - 2014-12-10 03:20 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 03:01 - 2014-10-17 18:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 03:01 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 01:50 - 2014-12-03 18:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 01:50 - 2014-12-03 18:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 01:50 - 2014-12-01 15:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 01:49 - 2014-12-03 18:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 01:49 - 2014-11-26 17:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 01:49 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 01:49 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 01:49 - 2014-11-21 19:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 01:49 - 2014-11-21 19:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 01:49 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 01:49 - 2014-11-21 18:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 01:49 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 01:49 - 2014-11-21 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 01:49 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 01:49 - 2014-11-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 01:49 - 2014-11-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 01:49 - 2014-11-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 01:49 - 2014-11-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 01:49 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 01:49 - 2014-11-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 01:49 - 2014-11-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 01:49 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 01:49 - 2014-11-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 01:49 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 01:49 - 2014-11-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 01:49 - 2014-11-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 01:49 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 01:49 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 01:49 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 01:49 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 01:49 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 01:49 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 01:49 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 01:49 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 01:49 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 01:49 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 01:49 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 01:49 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 01:49 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 01:49 - 2014-11-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 01:49 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 01:49 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 01:49 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 01:49 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 01:49 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 01:49 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 01:49 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 01:49 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 01:49 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 01:49 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 01:49 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 01:49 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 01:49 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 01:49 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 01:49 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 01:49 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 01:49 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 01:49 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 01:49 - 2014-11-10 19:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 01:49 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 01:49 - 2014-11-10 17:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 01:46 - 2014-11-07 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 01:46 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 01:46 - 2014-10-29 18:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 01:46 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 01:46 - 2014-10-02 18:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 01:46 - 2014-10-02 18:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 01:46 - 2014-10-02 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 01:46 - 2014-10-02 18:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 01:46 - 2014-10-02 18:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 01:46 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 01:46 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 01:46 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 01:46 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 01:46 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 20:57 - 2014-08-20 15:01 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\uTorrent
2015-01-08 20:57 - 2009-07-13 21:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-08 20:52 - 2014-08-17 17:33 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-08 20:51 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-07 16:41 - 2014-08-23 22:32 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-07 09:17 - 2014-08-23 22:37 - 00001768 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-01-07 09:17 - 2014-08-23 22:37 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-07 09:05 - 2009-07-13 20:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-07 09:05 - 2009-07-13 20:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-07 08:54 - 2014-11-13 12:33 - 00000000 ____D () C:\Users\Ashley\AppData\Local\CrashDumps
2015-01-07 08:54 - 2014-10-22 01:16 - 00000000 ____D () C:\Windows\Minidump
2015-01-07 08:54 - 2014-08-18 09:14 - 00000000 ____D () C:\Windows\Panther
2015-01-07 08:50 - 2014-08-17 17:40 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2015-01-07 04:06 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Web
2015-01-07 03:15 - 2014-08-23 22:31 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-07 03:15 - 2014-08-23 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-07 03:15 - 2014-08-23 22:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-07 00:21 - 2014-08-26 17:38 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-07 00:15 - 2014-08-17 18:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-07 00:10 - 2014-08-17 17:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-01 21:21 - 2014-08-17 17:29 - 00000000 ____D () C:\ProgramData\Norton
2014-12-31 05:14 - 2009-07-13 20:45 - 00409568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-30 00:49 - 2014-08-23 12:12 - 00109688 _____ () C:\Users\Chuck\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-30 00:49 - 2014-08-17 17:52 - 00109688 _____ () C:\Users\Ashley\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-29 21:54 - 2014-11-07 16:36 - 00000000 ____D () C:\Users\Chuck\AppData\Local\CrashDumps
2014-12-11 16:48 - 2014-08-17 17:33 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-11 02:33 - 2014-12-05 03:32 - 00000000 ____D () C:\Users\Ashley\Downloads\Buffy the Vampire Slayer Classics (Dark Horse, 2011-...) (01-...)
2014-12-11 02:21 - 2014-08-17 18:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 05:24 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-12-10 04:15 - 2014-08-17 18:03 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 04:15 - 2014-08-17 18:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 04:15 - 2014-08-17 18:03 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 03:20 - 2014-08-19 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 03:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 03:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 03:05 - 2014-11-28 16:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 03:04 - 2014-08-21 01:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 03:02 - 2014-08-21 01:39 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Ashley\AppData\Local\Temp\99648137-C26F-E6FB-3819-EB158432D633.dll
C:\Users\Ashley\AppData\Local\Temp\99648137-C26F-E6FB-3819-EB158432D633.exe
C:\Users\Ashley\AppData\Local\Temp\A8B293B6-0520-1E1E-C444-05C89AD3F685.exe
C:\Users\Ashley\AppData\Local\Temp\amisetup8163__11003.exe
C:\Users\Ashley\AppData\Local\Temp\amisetup8199__11005.exe
C:\Users\Ashley\AppData\Local\Temp\CloudBackup4064.exe
C:\Users\Ashley\AppData\Local\Temp\supoptsetup.exe
C:\Users\Ashley\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-25 00:58

==================== End Of Log ============================

 

 

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Ashley at 2015-01-08 20:59:13
Running from C:\Users\Ashley\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Internet Security (Disabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Internet Security (Disabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security (Disabled) {131692B0-0864-D491-4E21-3A3A1D8BBB47}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\uTorrent) (Version: 3.4.2.36802 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
ASUS Product Register Program (HKLM-x32\...\{49BE9B8A-E858-4533-A74A-64306C13DB59}) (Version: 1.0.014 - ASUS)
avast! Internet Security (HKLM-x32\...\avast) (Version: 7.0.1474.0 - AVAST Software)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version:  - )
Canon MX510 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX510_series) (Version:  - )
Canon MX510 series On-screen Manual (HKLM-x32\...\Canon MX510 series On-screen Manual) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version:  - )
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version:  - cbrreader.com)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
DVDFab 9.0.4.2 (27/05/2013) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
GeniusBox 2.0 (HKLM-x32\...\GeniusBox) (Version: 2.0 - GeniusBox 2.0)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Idle Crawler (HKLM-x32\...\F12554C8-33A4-1849-80EB-56C2622F6A30) (Version: 125.0.0.472 - EUROHAUTE LTD) <==== ATTENTION
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
KCP-0.5.4.0 (HKLM-x32\...\Kawaii Codec Pack_is1) (Version: 0.5.4.0 - Haruhichan.com)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.8.23 - Symantec Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Super Optimizer v3.2 (HKLM-x32\...\Super Optimizer_is1) (Version: 3.2.0.1 - Super PC Tools ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.74 - VSO Software)
WinCheck (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - WinCheck) <==== ATTENTION!
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Zoompic (HKLM-x32\...\zoompic) (Version: 1.1.0.29 - Zoompic) <==== ATTENTION!

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

23-12-2014 03:37:16 Windows Update
29-12-2014 22:43:06 DCInstallRestorePoint
29-12-2014 23:11:09 Windows Update
02-01-2015 18:21:56 Windows Update
07-01-2015 00:20:10 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A34076C-7C19-4B57-99E0-1511B5A565E3} - System32\Tasks\Super Optimizer Schedule => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [2014-12-26] (SUPER PC TOOLS LIMITED)
Task: {1D4568D6-E7ED-4FD4-81D4-9E06C08D619A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2012-10-30] (AVAST Software)
Task: {2383CADB-BC8D-4B03-B1A7-15B2FB86CBC7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {286B1FB2-E492-499A-A07C-2D391D99C79A} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {39F5A2DE-68ED-4E42-B65F-09BCF4BF3DA3} - \BlockAndSurf Update No Task File <==== ATTENTION
Task: {3E12A637-10FC-47A1-9B4A-3F2CF0945231} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {56F93B1D-8557-4713-9DC9-9C4AF49842B8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {664DDD14-3249-429B-A4C1-40969E91B163} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {676D9544-1738-4D8A-8A0C-D6E5686DD943} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {6B801873-B3A2-4C74-9CED-08B4638255B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {6D58477C-6572-4645-86EA-089A577D9752} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {733874A1-2C90-47B6-8205-029879364D7D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {7A7FAE54-D8BC-4C3E-8447-0D6C8F1A4071} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
Task: {7BD730F5-2D2C-414D-A96B-028036691365} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {7DE2E9BE-06FC-4B78-AE19-C87EBB01D6BB} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8D2A1FB9-D9D6-4FCC-93A6-B4440188F340} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {99F973DB-AE0B-4CC3-B8A6-9B202955A605} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {9FC2D183-6C20-46F5-8FA2-73385FAFC75C} - \Voo Update No Task File <==== ATTENTION
Task: {A83040FC-1ADB-48FF-B060-2A22374D7315} - \SmartWeb Upgrade Trigger Task No Task File <==== ATTENTION
Task: {A8F8A9B7-F3F5-4B87-A456-E62516B926AF} - System32\Tasks\Runner IC => %LOCALAPPDATA%\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
Task: {D1B6C965-176F-4907-8FB2-CC155BB3EEA1} - System32\Tasks\{BA9F18D4-E395-4EAF-AA1F-E68AC28632A5} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {D54B1E34-5209-4F5C-86C0-D3D1814714A2} - System32\Tasks\Microsoft\Windows\Maintenance\Update IC => %LOCALAPPDATA%\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\BLPMKG.job => C:\Users\Ashley\AppData\Roaming\BLPMKG.exe <==== ATTENTION
Task: C:\Windows\Tasks\Check Updates.job => C:\Users\Ashley\AppData\Local\GeniusBox\Updater.exe
Task: C:\Windows\Tasks\Client.job => C:\Users\Ashley\AppData\Local\GeniusBox\client.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LaunchSignup.job => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: C:\Windows\Tasks\Run Tasks.job => C:\Users\Ashley\AppData\Local\GeniusBox\Tasks.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0508beb0-306f-4a8a-8ee8-3eeefbc167d1.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 405fe981-ffa0-480d-8fba-2444e54b8324.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\Validate Uninstaller.job => C:\Users\Ashley\AppData\Local\GeniusBox\Uninstall.exe
Task: C:\Windows\Tasks\Validate Updater.job => C:\Users\Ashley\AppData\Local\GeniusBox\Updater.exe
Task: C:\Windows\Tasks\XSNOUNY.job => C:\Users\Ashley\AppData\Roaming\XSNOUNY.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-08-26 17:38 - 2011-09-06 03:32 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-12-30 00:46 - 2014-12-30 00:46 - 00392768 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
2015-01-07 07:45 - 2015-01-07 07:45 - 00529920 _____ () C:\Users\Ashley\AppData\Local\wincheck\wincheck.exe
2014-10-20 01:54 - 2012-10-30 23:35 - 01825280 _____ () C:\Program Files\AVAST Software\Avast\defs\12103100\algo.dll
2015-01-07 09:04 - 2015-01-07 09:04 - 02801768 _____ () c:\Program Files (x86)\Super Optimizer\SupOptStats.dll
2014-10-15 03:34 - 2014-10-15 03:34 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2014-08-17 17:41 - 2012-02-01 15:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-08-17 17:39 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-12-30 00:47 - 2014-12-30 00:47 - 00098368 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Modules\ManXec.dll
2014-12-30 00:47 - 2014-12-30 00:47 - 00078400 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Modules\CmdProc.dll
2014-12-30 00:48 - 2014-12-30 00:48 - 00122432 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Modules\WblSupp.dll
2014-12-30 00:48 - 2014-12-30 00:48 - 00044608 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Modules\PrfIns.dll
2014-12-30 00:48 - 2014-12-30 00:48 - 00054336 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Modules\WbSes.dll
2014-12-30 00:48 - 2014-12-30 00:48 - 00116800 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Modules\WdcMan.dll
2015-01-07 09:06 - 2014-10-23 00:14 - 01091584 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\libglesv2.dll
2015-01-07 09:06 - 2014-10-23 00:19 - 00167936 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\libEGL.dll
2015-01-07 09:06 - 2014-10-23 00:26 - 08569856 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\pdf.dll
2015-01-07 09:06 - 2014-10-23 00:20 - 00324608 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\ppGoogleNaClPluginChrome.dll
2015-01-07 09:06 - 2014-10-23 00:23 - 00880128 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\ffmpegsumo.dll
2015-01-07 09:06 - 2014-09-22 20:07 - 14891848 _____ () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30\Chrome-bin\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: CltMngSvc => 2
MSCONFIG\Services: globalUpdate => 2
MSCONFIG\Services: globalUpdatem => 3
MSCONFIG\Services: serverca => 2
MSCONFIG\Services: servervo => 2
MSCONFIG\Services: SWUpdater => 2

========================= Accounts: ==========================

Administrator (S-1-5-21-2650459626-1003566679-2177798267-500 - Administrator - Disabled)
Ashley (S-1-5-21-2650459626-1003566679-2177798267-1000 - Administrator - Enabled) => C:\Users\Ashley
Chuck (S-1-5-21-2650459626-1003566679-2177798267-1001 - Administrator - Enabled) => C:\Users\Chuck
Guest (S-1-5-21-2650459626-1003566679-2177798267-501 - Limited - Enabled)
Kristi (S-1-5-21-2650459626-1003566679-2177798267-1002 - Limited - Enabled)
Teri (S-1-5-21-2650459626-1003566679-2177798267-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/08/2015 08:52:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/07/2015 09:33:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windows...F5B856976AD.crt> with error: 12007 (0x2ee7).

Error: (01/07/2015 09:28:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://ctldl.windows...F5B856976AD.crt> with error: 12007 (0x2ee7).

Error: (01/07/2015 09:01:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program nsb2C67.tmp version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 158c

Start Time: 01d02a9b3da0ab52

Termination Time: 14

Application Path: C:\Users\Ashley\AppData\Local\Temp\nsb2C67.tmp

Report Id:

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (01/07/2015 08:57:54 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (01/08/2015 08:52:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
lqffzi
wjtvys

Error: (01/08/2015 08:50:33 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/07/2015 05:07:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error:
%%1058

Error: (01/07/2015 05:05:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
aswSP
aswTdi
ccSet_NST
discache
lqffzi
SASDIFSV
SASKUTIL
spldr
Wanarpv6
wjtvys

Error: (01/07/2015 05:05:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
%%1058

Error: (01/07/2015 04:35:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error:
%%1058

Error: (01/07/2015 04:33:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswSnx
aswSP
aswTdi
ccSet_NST
discache
lqffzi
SASDIFSV
SASKUTIL
spldr
Wanarpv6
wjtvys

Error: (01/07/2015 04:33:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
%%1058

Error: (01/07/2015 04:31:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswKbd
aswSnx
aswSP
aswTdi
ccSet_NST
discache
SASDIFSV
SASKUTIL
spldr
Wanarpv6
wjtvys

Error: (01/07/2015 04:31:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error:
%%1058


Microsoft Office Sessions:
=========================
Error: (01/08/2015 08:52:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/07/2015 09:33:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windows...6976AD.crt12007 (0x2ee7)

Error: (01/07/2015 09:28:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windows...6976AD.crt12007 (0x2ee7)

Error: (01/07/2015 09:01:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: nsb2C67.tmp0.0.0.0158c01d02a9b3da0ab5214C:\Users\Ashley\AppData\Local\Temp\nsb2C67.tmp

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/07/2015 08:57:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (01/07/2015 08:57:54 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore


==================== Memory info ===========================

Processor: Intel® Core™ i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 28%
Total physical RAM: 8134.5 MB
Available physical RAM: 5844.31 MB
Total Pagefile: 16267.17 MB
Available Pagefile: 13426.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.66 GB) (Free:116.52 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 7C7BECB8)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

 

 

 

 

 

 

 


Edited by jeff matthews, 08 January 2015 - 11:24 PM.


#9 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 759 posts

Posted 08 January 2015 - 11:25 PM

21:22:33.0475 0x0774  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
21:22:33.0475 0x0774  UEFI system
21:22:36.0486 0x0774  ============================================================
21:22:36.0486 0x0774  Current date / time: 2015/01/08 21:22:36.0486
21:22:36.0486 0x0774  SystemInfo:
21:22:36.0486 0x0774  
21:22:36.0486 0x0774  OS Version: 6.1.7601 ServicePack: 1.0
21:22:36.0486 0x0774  Product type: Workstation
21:22:36.0486 0x0774  ComputerName: ASHLEY-PC
21:22:36.0486 0x0774  UserName: Ashley
21:22:36.0486 0x0774  Windows directory: C:\Windows
21:22:36.0486 0x0774  System windows directory: C:\Windows
21:22:36.0486 0x0774  Running under WOW64
21:22:36.0486 0x0774  Processor architecture: Intel x64
21:22:36.0486 0x0774  Number of processors: 4
21:22:36.0486 0x0774  Page size: 0x1000
21:22:36.0486 0x0774  Boot type: Safe boot with network
21:22:36.0486 0x0774  ============================================================
21:22:36.0798 0x0774  KLMD registered as C:\Windows\system32\drivers\67031402.sys
21:22:37.0266 0x0774  System UUID: {E4CF1D53-82AD-1ED0-07FE-A2D9830807F5}
21:22:37.0624 0x0774  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:22:37.0624 0x0774  ============================================================
21:22:37.0624 0x0774  \Device\Harddisk0\DR0:
21:22:37.0624 0x0774  GPT partitions:
21:22:37.0624 0x0774  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C53F8A91-DED2-475F-A1A1-869DE6BBB531}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
21:22:37.0624 0x0774  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {00CDC040-518D-4BF4-8A4F-CC03FD47DB8C}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
21:22:37.0624 0x0774  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6707D8AF-5FD2-4B4E-AC57-5ACB55DE6FAF}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x1D153000
21:22:37.0624 0x0774  MBR partitions:
21:22:37.0624 0x0774  ============================================================
21:22:37.0640 0x0774  C: <-> \Device\Harddisk0\DR0\Partition3
21:22:37.0640 0x0774  ============================================================
21:22:37.0640 0x0774  Initialize success
21:22:37.0640 0x0774  ============================================================
21:22:43.0677 0x03c4  ============================================================
21:22:43.0677 0x03c4  Scan started
21:22:43.0677 0x03c4  Mode: Manual; SigCheck; TDLFS;
21:22:43.0677 0x03c4  ============================================================
21:22:43.0677 0x03c4  KSN ping started
21:22:46.0548 0x03c4  KSN ping finished: true
21:22:46.0860 0x03c4  ================ Scan system memory ========================
21:22:46.0860 0x03c4  System memory - ok
21:22:46.0860 0x03c4  ================ Scan services =============================
21:22:46.0953 0x03c4  [ ABDCD326E1DD1C62509ED94C278A7453, 51E2722C7D2588BE1C29A1680C988B9BE45433E147CCE285C3A918216418E44B ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
21:22:47.0078 0x03c4  !SASCORE - ok
21:22:47.0218 0x03c4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:22:47.0250 0x03c4  1394ohci - ok
21:22:47.0328 0x03c4  [ D27A8B7BB0E15DFBFC6B4E774EE17AD9, CBAD45B3FFFD30C34AF918009F699B65F89043D0799FC25D2472381912F86F93 ] A2DDA           C:\EEK\BIN\a2ddax64.sys
21:22:47.0343 0x03c4  A2DDA - ok
21:22:47.0374 0x03c4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:22:47.0374 0x03c4  ACPI - ok
21:22:47.0421 0x03c4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:22:47.0468 0x03c4  AcpiPmi - ok
21:22:47.0530 0x03c4  [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:22:47.0546 0x03c4  AdobeFlashPlayerUpdateSvc - ok
21:22:47.0577 0x03c4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:22:47.0593 0x03c4  adp94xx - ok
21:22:47.0624 0x03c4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:22:47.0640 0x03c4  adpahci - ok
21:22:47.0671 0x03c4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:22:47.0671 0x03c4  adpu320 - ok
21:22:47.0702 0x03c4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:22:47.0827 0x03c4  AeLookupSvc - ok
21:22:47.0874 0x03c4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
21:22:47.0936 0x03c4  AFD - ok
21:22:47.0967 0x03c4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:22:47.0967 0x03c4  agp440 - ok
21:22:47.0998 0x03c4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:22:48.0045 0x03c4  ALG - ok
21:22:48.0092 0x03c4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:22:48.0092 0x03c4  aliide - ok
21:22:48.0201 0x03c4  ALSysIO - ok
21:22:48.0264 0x03c4  [ F17B1902DFCED1C24DB57492A7896FF8, 966AB1A072A8AF98D7EDD2A388D919B50FC41A06E1C51B04B2C2F54F1BA7F0D5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:22:48.0310 0x03c4  AMD External Events Utility - ok
21:22:48.0342 0x03c4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:22:48.0357 0x03c4  amdide - ok
21:22:48.0373 0x03c4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:22:48.0404 0x03c4  AmdK8 - ok
21:22:48.0763 0x03c4  [ 81FCDBBA547919D59DC134ED717658B4, 9A95C4400CAE00F25EE10BAE8949CF7317954742EB6F0831AAAEA4A2C220E56B ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:22:49.0215 0x03c4  amdkmdag - ok
21:22:49.0278 0x03c4  [ AF6B384E03D15471EDCEDDDEBAA363B2, 2D8CFA26D69A8FF0FAC6EBA2E5A62977B21ECBA0C65458072FEC4A886B3EDD73 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
21:22:49.0309 0x03c4  amdkmdap - ok
21:22:49.0324 0x03c4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:22:49.0340 0x03c4  AmdPPM - ok
21:22:49.0387 0x03c4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:22:49.0387 0x03c4  amdsata - ok
21:22:49.0418 0x03c4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:22:49.0418 0x03c4  amdsbs - ok
21:22:49.0434 0x03c4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:22:49.0434 0x03c4  amdxata - ok
21:22:49.0480 0x03c4  [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID           C:\Windows\system32\drivers\appid.sys
21:22:49.0496 0x03c4  AppID - ok
21:22:49.0512 0x03c4  [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:22:49.0512 0x03c4  AppIDSvc - ok
21:22:49.0543 0x03c4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
21:22:49.0574 0x03c4  Appinfo - ok
21:22:49.0590 0x03c4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
21:22:49.0605 0x03c4  arc - ok
21:22:49.0605 0x03c4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:22:49.0621 0x03c4  arcsas - ok
21:22:49.0668 0x03c4  [ 425A881DFFB426660A6861DC44927DD3, 575878CD7B7E2E6DD9D7051D0637C72D5795F863D32EA47B6A0B8A336D520D47 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
21:22:49.0683 0x03c4  asmthub3 - ok
21:22:49.0714 0x03c4  [ 0B19AE36FAAE5294B19B0AD4E5F2F37E, 654627BCE074752A06CAE501778AE044589E20E9568367F00A66C45E2A00B143 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
21:22:49.0714 0x03c4  asmtxhci - ok
21:22:49.0824 0x03c4  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:22:49.0855 0x03c4  aspnet_state - ok
21:22:49.0902 0x03c4  [ 4FCAEF0C5BE7629AEB878998E0FE959B, B792796DEC82CB81CC834DCD4109908C0294556B7FAC9DD6EE329F6508DFA63C ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
21:22:49.0902 0x03c4  aswFsBlk - ok
21:22:49.0933 0x03c4  [ 9FFC732E12FF53E05FE9E02C8C00CE87, ED2A8F20C40F531D27AF878A252DDB4F9355E6EFE77406CF7C99A15CD4A87208 ] aswFW           C:\Windows\system32\drivers\aswFW.sys
21:22:49.0933 0x03c4  aswFW - ok
21:22:49.0948 0x03c4  [ 6B91E6D483AADB3FC4E13E2355200611, 246423703AEA346B99B5F81F1846F0C34DF1178859DD59BCA6393A7CDD8D48AC ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
21:22:49.0964 0x03c4  aswKbd - ok
21:22:49.0964 0x03c4  [ B50CDD87772D6A11CB90924AAD399DF8, 0B42764FD632DB9D5A276904B3D55BC36610BB461591BC730AAE4DC25EBE354A ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
21:22:49.0964 0x03c4  aswMonFlt - ok
21:22:49.0995 0x03c4  [ 518B8D447A1975AB46DA093A2E743256, 7AAA2CAA96AEBFD371C740ACBFB74F30ED92EE8444E30FABF0DCE0123DB0AEE9 ] aswNdis         C:\Windows\system32\DRIVERS\aswNdis.sys
21:22:49.0995 0x03c4  aswNdis - ok
21:22:50.0011 0x03c4  [ 5A832BBB1B563B6B3FDA46239B630037, FD12DCFDFDFC272D2C39D77CD6400D52D8D9FF6FAAFED232B7E542EFEB3DD877 ] aswNdis2        C:\Windows\system32\drivers\aswNdis2.sys
21:22:50.0026 0x03c4  aswNdis2 - ok
21:22:50.0042 0x03c4  [ 57768C7DB4681F2510F247F82EF31D4F, AFD99BEBCE4BD7BFDF65DDC1D69EBE46613B4FF49CC4E4397FFCA7EAF80AAF12 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
21:22:50.0042 0x03c4  aswRdr - ok
21:22:50.0073 0x03c4  [ E71D826A1F3CE9C9DE3E77F2D02AFFBF, 0BC40A3A3AE43B8A20D8C81EFDF716628500295D8C79CD6CD4458900D31CF41E ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
21:22:50.0089 0x03c4  aswSnx - ok
21:22:50.0120 0x03c4  [ 538A32E2C99BF073D4CA76C30BEDAA60, 89D1C35AB914923AB9B19A4E6DB968AC08303522AFAF55A907146182E7E8DAA5 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
21:22:50.0120 0x03c4  aswSP - ok
21:22:50.0136 0x03c4  [ 6EDC79D73745FD44C41B55B2D13D0B70, CDC35864852D1576B1A4372B55F945628092AECCFC9A01693753100225AF5DD1 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
21:22:50.0136 0x03c4  aswTdi - ok
21:22:50.0167 0x03c4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:22:50.0198 0x03c4  AsyncMac - ok
21:22:50.0229 0x03c4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:22:50.0245 0x03c4  atapi - ok
21:22:50.0276 0x03c4  [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:22:50.0307 0x03c4  AtiHDAudioService - ok
21:22:50.0354 0x03c4  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:22:50.0416 0x03c4  AudioEndpointBuilder - ok
21:22:50.0432 0x03c4  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:22:50.0448 0x03c4  AudioSrv - ok
21:22:50.0494 0x03c4  [ 8FA553E9AE69808D99C164733A0F9590, D3F5BA7000EF311A0E4772B5BF9B0BFFCA721FA971D87DD76B7E8B9B06E9BBC3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:22:50.0510 0x03c4  avast! Antivirus - ok
21:22:50.0526 0x03c4  [ BC0E07A768A0A14C48E3CE1875F2C377, 38E551AD9897B8BFC190BC5F3414FFAE0E762E8D52F33CCB1173B678269505D4 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
21:22:50.0526 0x03c4  avast! Firewall - ok
21:22:50.0557 0x03c4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:22:50.0619 0x03c4  AxInstSV - ok
21:22:50.0666 0x03c4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:22:50.0697 0x03c4  b06bdrv - ok
21:22:50.0744 0x03c4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:22:50.0760 0x03c4  b57nd60a - ok
21:22:50.0791 0x03c4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:22:50.0806 0x03c4  BDESVC - ok
21:22:50.0838 0x03c4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:22:50.0869 0x03c4  Beep - ok
21:22:50.0916 0x03c4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:22:50.0947 0x03c4  BFE - ok
21:22:50.0978 0x03c4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:22:51.0103 0x03c4  BITS - ok
21:22:51.0150 0x03c4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:22:51.0165 0x03c4  blbdrive - ok
21:22:51.0212 0x03c4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:22:51.0228 0x03c4  bowser - ok
21:22:51.0259 0x03c4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:22:51.0274 0x03c4  BrFiltLo - ok
21:22:51.0290 0x03c4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:22:51.0306 0x03c4  BrFiltUp - ok
21:22:51.0352 0x03c4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:22:51.0368 0x03c4  Browser - ok
21:22:51.0384 0x03c4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:22:51.0399 0x03c4  Brserid - ok
21:22:51.0415 0x03c4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:22:51.0430 0x03c4  BrSerWdm - ok
21:22:51.0446 0x03c4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:22:51.0446 0x03c4  BrUsbMdm - ok
21:22:51.0462 0x03c4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:22:51.0477 0x03c4  BrUsbSer - ok
21:22:51.0508 0x03c4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:22:51.0524 0x03c4  BTHMODEM - ok
21:22:51.0555 0x03c4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:22:51.0571 0x03c4  bthserv - ok
21:22:51.0602 0x03c4  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] cae99edb        C:\Windows\system32\rundll32.exe
21:22:51.0618 0x03c4  cae99edb - ok
21:22:51.0680 0x03c4  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_NST       C:\Windows\system32\drivers\NSTx64\7DE07080.017\ccSetx64.sys
21:22:51.0680 0x03c4  ccSet_NST - ok
21:22:51.0711 0x03c4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:22:51.0742 0x03c4  cdfs - ok
21:22:51.0774 0x03c4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:22:51.0789 0x03c4  cdrom - ok
21:22:51.0789 0x03c4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:22:51.0820 0x03c4  CertPropSvc - ok
21:22:51.0836 0x03c4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:22:51.0852 0x03c4  circlass - ok
21:22:51.0945 0x03c4  [ B794DCF38C965FA2F93C45A7C3D582C5, 0E483EAF835B85AA4B6F449F9BB68AF0A3EE4192D29CD72F4B812F1E4D9E9A7C ] cleanhlp        C:\EEK\bin\cleanhlp64.sys
21:22:51.0945 0x03c4  cleanhlp - ok
21:22:51.0961 0x03c4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
21:22:51.0976 0x03c4  CLFS - ok
21:22:52.0039 0x03c4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:22:52.0039 0x03c4  clr_optimization_v2.0.50727_32 - ok
21:22:52.0086 0x03c4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:22:52.0086 0x03c4  clr_optimization_v2.0.50727_64 - ok
21:22:52.0164 0x03c4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:22:52.0226 0x03c4  clr_optimization_v4.0.30319_32 - ok
21:22:52.0242 0x03c4  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:22:52.0273 0x03c4  clr_optimization_v4.0.30319_64 - ok
21:22:52.0304 0x03c4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:22:52.0320 0x03c4  CmBatt - ok
21:22:52.0320 0x03c4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:22:52.0335 0x03c4  cmdide - ok
21:22:52.0366 0x03c4  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
21:22:52.0398 0x03c4  CNG - ok
21:22:52.0413 0x03c4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:22:52.0413 0x03c4  Compbatt - ok
21:22:52.0444 0x03c4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:22:52.0460 0x03c4  CompositeBus - ok
21:22:52.0476 0x03c4  COMSysApp - ok
21:22:52.0491 0x03c4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:22:52.0491 0x03c4  crcdisk - ok
21:22:52.0538 0x03c4  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:22:52.0569 0x03c4  CryptSvc - ok
21:22:52.0600 0x03c4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:22:52.0647 0x03c4  DcomLaunch - ok
21:22:52.0678 0x03c4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:22:52.0710 0x03c4  defragsvc - ok
21:22:52.0741 0x03c4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:22:52.0756 0x03c4  DfsC - ok
21:22:52.0788 0x03c4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:22:52.0819 0x03c4  Dhcp - ok
21:22:52.0819 0x03c4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:22:52.0850 0x03c4  discache - ok
21:22:52.0866 0x03c4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
21:22:52.0881 0x03c4  Disk - ok
21:22:52.0928 0x03c4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:22:52.0944 0x03c4  Dnscache - ok
21:22:52.0959 0x03c4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:22:52.0990 0x03c4  dot3svc - ok
21:22:53.0006 0x03c4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:22:53.0022 0x03c4  DPS - ok
21:22:53.0068 0x03c4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:22:53.0084 0x03c4  drmkaud - ok
21:22:53.0146 0x03c4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:22:53.0162 0x03c4  DXGKrnl - ok
21:22:53.0178 0x03c4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:22:53.0209 0x03c4  EapHost - ok
21:22:53.0302 0x03c4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:22:53.0380 0x03c4  ebdrv - ok
21:22:53.0427 0x03c4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
21:22:53.0458 0x03c4  EFS - ok
21:22:53.0505 0x03c4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:22:53.0568 0x03c4  ehRecvr - ok
21:22:53.0583 0x03c4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:22:53.0599 0x03c4  ehSched - ok
21:22:53.0646 0x03c4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:22:53.0661 0x03c4  elxstor - ok
21:22:53.0661 0x03c4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:22:53.0677 0x03c4  ErrDev - ok
21:22:53.0724 0x03c4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:22:53.0770 0x03c4  EventSystem - ok
21:22:53.0786 0x03c4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:22:53.0817 0x03c4  exfat - ok
21:22:53.0817 0x03c4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:22:53.0848 0x03c4  fastfat - ok
21:22:53.0895 0x03c4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:22:53.0926 0x03c4  Fax - ok
21:22:53.0942 0x03c4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
21:22:53.0958 0x03c4  fdc - ok
21:22:53.0973 0x03c4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:22:53.0989 0x03c4  fdPHost - ok
21:22:54.0004 0x03c4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:22:54.0020 0x03c4  FDResPub - ok
21:22:54.0036 0x03c4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:22:54.0036 0x03c4  FileInfo - ok
21:22:54.0051 0x03c4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:22:54.0067 0x03c4  Filetrace - ok
21:22:54.0067 0x03c4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:22:54.0082 0x03c4  flpydisk - ok
21:22:54.0114 0x03c4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:22:54.0129 0x03c4  FltMgr - ok
21:22:54.0192 0x03c4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
21:22:54.0223 0x03c4  FontCache - ok
21:22:54.0270 0x03c4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:22:54.0270 0x03c4  FontCache3.0.0.0 - ok
21:22:54.0301 0x03c4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:22:54.0301 0x03c4  FsDepends - ok
21:22:54.0332 0x03c4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:22:54.0348 0x03c4  Fs_Rec - ok
21:22:54.0394 0x03c4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:22:54.0394 0x03c4  fvevol - ok
21:22:54.0426 0x03c4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:22:54.0426 0x03c4  gagp30kx - ok
21:22:54.0457 0x03c4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:22:54.0504 0x03c4  gpsvc - ok
21:22:54.0582 0x03c4  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:22:54.0597 0x03c4  gupdate - ok
21:22:54.0597 0x03c4  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:22:54.0597 0x03c4  gupdatem - ok
21:22:54.0613 0x03c4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:22:54.0628 0x03c4  hcw85cir - ok
21:22:54.0675 0x03c4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:22:54.0738 0x03c4  HdAudAddService - ok
21:22:54.0769 0x03c4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:22:54.0769 0x03c4  HDAudBus - ok
21:22:54.0769 0x03c4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:22:54.0784 0x03c4  HidBatt - ok
21:22:54.0800 0x03c4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:22:54.0816 0x03c4  HidBth - ok
21:22:54.0831 0x03c4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:22:54.0847 0x03c4  HidIr - ok
21:22:54.0862 0x03c4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:22:54.0894 0x03c4  hidserv - ok
21:22:54.0925 0x03c4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:22:54.0940 0x03c4  HidUsb - ok
21:22:54.0972 0x03c4  [ 545EE654B04D52AF2E7F5F393D1F7D75, 3035171E5E54F6E6FB8BFCA237FCE5564BE3F58EEDA54441334FF3B71EEE1D24 ] hitmanpro37     C:\Windows\system32\drivers\hitmanpro37.sys
21:22:54.0972 0x03c4  hitmanpro37 - ok
21:22:55.0003 0x03c4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:22:55.0018 0x03c4  hkmsvc - ok
21:22:55.0034 0x03c4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:22:55.0065 0x03c4  HomeGroupListener - ok
21:22:55.0081 0x03c4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:22:55.0096 0x03c4  HomeGroupProvider - ok
21:22:55.0128 0x03c4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:22:55.0128 0x03c4  HpSAMD - ok
21:22:55.0159 0x03c4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:22:55.0206 0x03c4  HTTP - ok
21:22:55.0221 0x03c4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:22:55.0221 0x03c4  hwpolicy - ok
21:22:55.0237 0x03c4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:22:55.0252 0x03c4  i8042prt - ok
21:22:55.0284 0x03c4  [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
21:22:55.0284 0x03c4  iaStor - ok
21:22:55.0346 0x03c4  [ 545462D0DBE24AF379BA869B7C185CCD, 056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
21:22:55.0346 0x03c4  IAStorDataMgrSvc - ok
21:22:55.0408 0x03c4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:22:55.0408 0x03c4  iaStorV - ok
21:22:55.0471 0x03c4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:22:55.0502 0x03c4  idsvc - ok
21:22:55.0502 0x03c4  IEEtwCollectorService - ok
21:22:55.0533 0x03c4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:22:55.0533 0x03c4  iirsp - ok
21:22:55.0611 0x03c4  [ 54E0F4CCD6CE99A807459AF928DD64AC, 65EBD9757B811E8F1060F23C4936DBED5FBBEDA290CC4CD7F7781CC3D189BE8B ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
21:22:55.0627 0x03c4  IJPLMSVC - ok
21:22:55.0674 0x03c4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:22:55.0705 0x03c4  IKEEXT - ok
21:22:55.0814 0x03c4  [ 9CC645EB9697AA4F2D5A39835C80A0A2, 39861B19E9BF17F5250D571996167A178606150B62C876529D3699817FDDC42A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:22:55.0923 0x03c4  IntcAzAudAddService - ok
21:22:55.0970 0x03c4  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:22:55.0986 0x03c4  Intel® Capability Licensing Service Interface - ok
21:22:56.0017 0x03c4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:22:56.0017 0x03c4  intelide - ok
21:22:56.0032 0x03c4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:22:56.0048 0x03c4  intelppm - ok
21:22:56.0079 0x03c4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:22:56.0110 0x03c4  IPBusEnum - ok
21:22:56.0126 0x03c4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:22:56.0142 0x03c4  IpFilterDriver - ok
21:22:56.0188 0x03c4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:22:56.0220 0x03c4  iphlpsvc - ok
21:22:56.0235 0x03c4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:22:56.0235 0x03c4  IPMIDRV - ok
21:22:56.0235 0x03c4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:22:56.0282 0x03c4  IPNAT - ok
21:22:56.0282 0x03c4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:22:56.0298 0x03c4  IRENUM - ok
21:22:56.0313 0x03c4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:22:56.0313 0x03c4  isapnp - ok
21:22:56.0360 0x03c4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:22:56.0360 0x03c4  iScsiPrt - ok
21:22:56.0376 0x03c4  [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:22:56.0391 0x03c4  iusb3hcs - ok
21:22:56.0407 0x03c4  [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
21:22:56.0422 0x03c4  iusb3hub - ok
21:22:56.0454 0x03c4  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:22:56.0469 0x03c4  iusb3xhc - ok
21:22:56.0516 0x03c4  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
21:22:56.0532 0x03c4  jhi_service - ok
21:22:56.0547 0x03c4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:22:56.0563 0x03c4  kbdclass - ok
21:22:56.0578 0x03c4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:22:56.0594 0x03c4  kbdhid - ok
21:22:56.0610 0x03c4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
21:22:56.0610 0x03c4  KeyIso - ok
21:22:56.0656 0x03c4  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:22:56.0656 0x03c4  KSecDD - ok
21:22:56.0688 0x03c4  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:22:56.0703 0x03c4  KSecPkg - ok
21:22:56.0719 0x03c4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:22:56.0734 0x03c4  ksthunk - ok
21:22:56.0766 0x03c4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:22:56.0797 0x03c4  KtmRm - ok
21:22:56.0828 0x03c4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:22:56.0859 0x03c4  LanmanServer - ok
21:22:56.0875 0x03c4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:22:56.0890 0x03c4  LanmanWorkstation - ok
21:22:56.0922 0x03c4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:22:56.0953 0x03c4  lltdio - ok
21:22:56.0984 0x03c4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:22:57.0015 0x03c4  lltdsvc - ok
21:22:57.0031 0x03c4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:22:57.0046 0x03c4  lmhosts - ok
21:22:57.0093 0x03c4  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:22:57.0109 0x03c4  LMS - ok
21:22:57.0109 0x03c4  lqffzi - ok
21:22:57.0140 0x03c4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:22:57.0156 0x03c4  LSI_FC - ok
21:22:57.0156 0x03c4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:22:57.0171 0x03c4  LSI_SAS - ok
21:22:57.0171 0x03c4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:22:57.0187 0x03c4  LSI_SAS2 - ok
21:22:57.0202 0x03c4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:22:57.0202 0x03c4  LSI_SCSI - ok
21:22:57.0218 0x03c4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:22:57.0249 0x03c4  luafv - ok
21:22:57.0280 0x03c4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:22:57.0280 0x03c4  Mcx2Svc - ok
21:22:57.0296 0x03c4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:22:57.0312 0x03c4  megasas - ok
21:22:57.0327 0x03c4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:22:57.0327 0x03c4  MegaSR - ok
21:22:57.0358 0x03c4  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:22:57.0358 0x03c4  MEIx64 - ok
21:22:57.0421 0x03c4  Microsoft SharePoint Workspace Audit Service - ok
21:22:57.0468 0x03c4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:22:57.0499 0x03c4  MMCSS - ok
21:22:57.0514 0x03c4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:22:57.0530 0x03c4  Modem - ok
21:22:57.0546 0x03c4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:22:57.0561 0x03c4  monitor - ok
21:22:57.0577 0x03c4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:22:57.0592 0x03c4  mouclass - ok
21:22:57.0608 0x03c4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:22:57.0624 0x03c4  mouhid - ok
21:22:57.0639 0x03c4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:22:57.0639 0x03c4  mountmgr - ok
21:22:57.0686 0x03c4  [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:22:57.0702 0x03c4  MozillaMaintenance - ok
21:22:57.0717 0x03c4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:22:57.0717 0x03c4  mpio - ok
21:22:57.0748 0x03c4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:22:57.0780 0x03c4  mpsdrv - ok
21:22:57.0826 0x03c4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:22:57.0873 0x03c4  MpsSvc - ok
21:22:57.0904 0x03c4  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:22:57.0936 0x03c4  MRxDAV - ok
21:22:57.0967 0x03c4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:22:57.0982 0x03c4  mrxsmb - ok
21:22:57.0998 0x03c4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:22:58.0014 0x03c4  mrxsmb10 - ok
21:22:58.0045 0x03c4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:22:58.0060 0x03c4  mrxsmb20 - ok
21:22:58.0092 0x03c4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:22:58.0092 0x03c4  msahci - ok
21:22:58.0123 0x03c4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:22:58.0123 0x03c4  msdsm - ok
21:22:58.0138 0x03c4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:22:58.0154 0x03c4  MSDTC - ok
21:22:58.0170 0x03c4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:22:58.0201 0x03c4  Msfs - ok
21:22:58.0216 0x03c4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:22:58.0232 0x03c4  mshidkmdf - ok
21:22:58.0248 0x03c4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:22:58.0263 0x03c4  msisadrv - ok
21:22:58.0279 0x03c4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:22:58.0326 0x03c4  MSiSCSI - ok
21:22:58.0326 0x03c4  msiserver - ok
21:22:58.0341 0x03c4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:22:58.0372 0x03c4  MSKSSRV - ok
21:22:58.0388 0x03c4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:22:58.0419 0x03c4  MSPCLOCK - ok
21:22:58.0450 0x03c4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:22:58.0482 0x03c4  MSPQM - ok
21:22:58.0513 0x03c4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:22:58.0513 0x03c4  MsRPC - ok
21:22:58.0528 0x03c4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:22:58.0544 0x03c4  mssmbios - ok
21:22:58.0544 0x03c4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:22:58.0575 0x03c4  MSTEE - ok
21:22:58.0591 0x03c4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:22:58.0606 0x03c4  MTConfig - ok
21:22:58.0622 0x03c4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:22:58.0622 0x03c4  Mup - ok
21:22:58.0653 0x03c4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:22:58.0684 0x03c4  napagent - ok
21:22:58.0700 0x03c4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:22:58.0731 0x03c4  NativeWifiP - ok
21:22:58.0794 0x03c4  [ D5C65661C49139648F1D124D9A8A90DE, 3F5066DBA1337D42E6D3CA01B0F970E93659F0F706B60CA39169FFA61E432598 ] NCO             C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\NST.exe
21:22:58.0809 0x03c4  NCO - ok
21:22:58.0872 0x03c4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:22:58.0903 0x03c4  NDIS - ok
21:22:58.0918 0x03c4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:22:58.0934 0x03c4  NdisCap - ok
21:22:58.0950 0x03c4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:22:58.0965 0x03c4  NdisTapi - ok
21:22:58.0981 0x03c4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:22:59.0012 0x03c4  Ndisuio - ok
21:22:59.0028 0x03c4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:22:59.0059 0x03c4  NdisWan - ok
21:22:59.0059 0x03c4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:22:59.0090 0x03c4  NDProxy - ok
21:22:59.0106 0x03c4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:22:59.0121 0x03c4  NetBIOS - ok
21:22:59.0137 0x03c4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:22:59.0168 0x03c4  NetBT - ok
21:22:59.0184 0x03c4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
21:22:59.0184 0x03c4  Netlogon - ok
21:22:59.0215 0x03c4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:22:59.0246 0x03c4  Netman - ok
21:22:59.0293 0x03c4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:22:59.0324 0x03c4  NetMsmqActivator - ok
21:22:59.0324 0x03c4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:22:59.0340 0x03c4  NetPipeActivator - ok
21:22:59.0371 0x03c4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:22:59.0386 0x03c4  netprofm - ok
21:22:59.0402 0x03c4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:22:59.0402 0x03c4  NetTcpActivator - ok
21:22:59.0418 0x03c4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:22:59.0418 0x03c4  NetTcpPortSharing - ok
21:22:59.0449 0x03c4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:22:59.0449 0x03c4  nfrd960 - ok
21:22:59.0480 0x03c4  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:22:59.0496 0x03c4  NlaSvc - ok
21:22:59.0511 0x03c4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:22:59.0527 0x03c4  Npfs - ok
21:22:59.0542 0x03c4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:22:59.0574 0x03c4  nsi - ok
21:22:59.0574 0x03c4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:22:59.0620 0x03c4  nsiproxy - ok
21:22:59.0683 0x03c4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:22:59.0730 0x03c4  Ntfs - ok
21:22:59.0745 0x03c4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:22:59.0761 0x03c4  Null - ok
21:22:59.0808 0x03c4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:22:59.0808 0x03c4  nvraid - ok
21:22:59.0854 0x03c4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:22:59.0870 0x03c4  nvstor - ok
21:22:59.0886 0x03c4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:22:59.0886 0x03c4  nv_agp - ok
21:22:59.0901 0x03c4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:22:59.0917 0x03c4  ohci1394 - ok
21:22:59.0979 0x03c4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:22:59.0995 0x03c4  ose - ok
21:23:00.0135 0x03c4  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:23:00.0260 0x03c4  osppsvc - ok
21:23:00.0291 0x03c4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:23:00.0322 0x03c4  p2pimsvc - ok
21:23:00.0338 0x03c4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:23:00.0354 0x03c4  p2psvc - ok
21:23:00.0385 0x03c4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
21:23:00.0400 0x03c4  Parport - ok
21:23:00.0432 0x03c4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:23:00.0432 0x03c4  partmgr - ok
21:23:00.0478 0x03c4  [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:23:00.0478 0x03c4  PcaSvc - ok
21:23:00.0510 0x03c4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:23:00.0510 0x03c4  pci - ok
21:23:00.0556 0x03c4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:23:00.0556 0x03c4  pciide - ok
21:23:00.0572 0x03c4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:23:00.0572 0x03c4  pcmcia - ok
21:23:00.0588 0x03c4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:23:00.0588 0x03c4  pcw - ok
21:23:00.0634 0x03c4  [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:23:00.0666 0x03c4  PEAUTH - ok
21:23:00.0712 0x03c4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:23:00.0728 0x03c4  PerfHost - ok
21:23:00.0790 0x03c4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:23:00.0837 0x03c4  pla - ok
21:23:00.0884 0x03c4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:23:00.0900 0x03c4  PlugPlay - ok
21:23:00.0915 0x03c4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:23:00.0931 0x03c4  PNRPAutoReg - ok
21:23:00.0931 0x03c4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:23:00.0946 0x03c4  PNRPsvc - ok
21:23:00.0993 0x03c4  [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
21:23:01.0009 0x03c4  Point64 - ok
21:23:01.0024 0x03c4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:23:01.0071 0x03c4  PolicyAgent - ok
21:23:01.0087 0x03c4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:23:01.0118 0x03c4  Power - ok
21:23:01.0149 0x03c4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:23:01.0180 0x03c4  PptpMiniport - ok
21:23:01.0196 0x03c4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
21:23:01.0212 0x03c4  Processor - ok
21:23:01.0258 0x03c4  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:23:01.0290 0x03c4  ProfSvc - ok
21:23:01.0290 0x03c4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:23:01.0305 0x03c4  ProtectedStorage - ok
21:23:01.0321 0x03c4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:23:01.0336 0x03c4  Psched - ok
21:23:01.0383 0x03c4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:23:01.0414 0x03c4  ql2300 - ok
21:23:01.0430 0x03c4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:23:01.0446 0x03c4  ql40xx - ok
21:23:01.0477 0x03c4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:23:01.0492 0x03c4  QWAVE - ok
21:23:01.0508 0x03c4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:23:01.0524 0x03c4  QWAVEdrv - ok
21:23:01.0539 0x03c4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:23:01.0555 0x03c4  RasAcd - ok
21:23:01.0586 0x03c4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:23:01.0617 0x03c4  RasAgileVpn - ok
21:23:01.0617 0x03c4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:23:01.0648 0x03c4  RasAuto - ok
21:23:01.0648 0x03c4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:23:01.0680 0x03c4  Rasl2tp - ok
21:23:01.0680 0x03c4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:23:01.0711 0x03c4  RasMan - ok
21:23:01.0726 0x03c4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:23:01.0742 0x03c4  RasPppoe - ok
21:23:01.0758 0x03c4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:23:01.0789 0x03c4  RasSstp - ok
21:23:01.0804 0x03c4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:23:01.0836 0x03c4  rdbss - ok
21:23:01.0851 0x03c4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
21:23:01.0867 0x03c4  rdpbus - ok
21:23:01.0867 0x03c4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:23:01.0898 0x03c4  RDPCDD - ok
21:23:01.0898 0x03c4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:23:01.0929 0x03c4  RDPENCDD - ok
21:23:01.0945 0x03c4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:23:01.0976 0x03c4  RDPREFMP - ok
21:23:02.0007 0x03c4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:23:02.0038 0x03c4  RDPWD - ok
21:23:02.0070 0x03c4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:23:02.0070 0x03c4  rdyboost - ok
21:23:02.0101 0x03c4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:23:02.0132 0x03c4  RemoteAccess - ok
21:23:02.0163 0x03c4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:23:02.0194 0x03c4  RemoteRegistry - ok
21:23:02.0210 0x03c4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:23:02.0241 0x03c4  RpcEptMapper - ok
21:23:02.0257 0x03c4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:23:02.0272 0x03c4  RpcLocator - ok
21:23:02.0288 0x03c4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:23:02.0319 0x03c4  RpcSs - ok
21:23:02.0319 0x03c4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:23:02.0350 0x03c4  rspndr - ok
21:23:02.0397 0x03c4  [ 3713DACCA1025B05A6343104112708D9, 77830F361775166ED2408CFF9F0DBEDFF225895DD0FAC93F3DC5FFD8DBE0ED2B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:23:02.0413 0x03c4  RTL8167 - ok
21:23:02.0428 0x03c4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
21:23:02.0428 0x03c4  SamSs - ok
21:23:02.0506 0x03c4  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
21:23:02.0506 0x03c4  SASDIFSV - ok
21:23:02.0522 0x03c4  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
21:23:02.0522 0x03c4  SASKUTIL - ok
21:23:02.0538 0x03c4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:23:02.0538 0x03c4  sbp2port - ok
21:23:02.0569 0x03c4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:23:02.0600 0x03c4  SCardSvr - ok
21:23:02.0616 0x03c4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:23:02.0631 0x03c4  scfilter - ok
21:23:02.0662 0x03c4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:23:02.0725 0x03c4  Schedule - ok
21:23:02.0756 0x03c4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:23:02.0772 0x03c4  SCPolicySvc - ok
21:23:02.0787 0x03c4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:23:02.0803 0x03c4  SDRSVC - ok
21:23:02.0818 0x03c4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:23:02.0834 0x03c4  secdrv - ok
21:23:02.0850 0x03c4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
21:23:02.0881 0x03c4  seclogon - ok
21:23:02.0881 0x03c4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:23:02.0912 0x03c4  SENS - ok
21:23:02.0943 0x03c4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:23:02.0943 0x03c4  SensrSvc - ok
21:23:02.0974 0x03c4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:23:02.0990 0x03c4  Serenum - ok
21:23:03.0021 0x03c4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:23:03.0037 0x03c4  Serial - ok
21:23:03.0052 0x03c4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:23:03.0068 0x03c4  sermouse - ok
21:23:03.0084 0x03c4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:23:03.0115 0x03c4  SessionEnv - ok
21:23:03.0115 0x03c4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:23:03.0115 0x03c4  sffdisk - ok
21:23:03.0130 0x03c4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:23:03.0130 0x03c4  sffp_mmc - ok
21:23:03.0130 0x03c4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:23:03.0146 0x03c4  sffp_sd - ok
21:23:03.0146 0x03c4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:23:03.0162 0x03c4  sfloppy - ok
21:23:03.0193 0x03c4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:23:03.0224 0x03c4  SharedAccess - ok
21:23:03.0240 0x03c4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:23:03.0255 0x03c4  ShellHWDetection - ok
21:23:03.0286 0x03c4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:23:03.0286 0x03c4  SiSRaid2 - ok
21:23:03.0302 0x03c4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:23:03.0302 0x03c4  SiSRaid4 - ok
21:23:03.0318 0x03c4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:23:03.0333 0x03c4  Smb - ok
21:23:03.0364 0x03c4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:23:03.0380 0x03c4  SNMPTRAP - ok
21:23:03.0396 0x03c4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:23:03.0411 0x03c4  spldr - ok
21:23:03.0442 0x03c4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:23:03.0474 0x03c4  Spooler - ok
21:23:03.0567 0x03c4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:23:03.0676 0x03c4  sppsvc - ok
21:23:03.0692 0x03c4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:23:03.0723 0x03c4  sppuinotify - ok
21:23:03.0770 0x03c4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:23:03.0801 0x03c4  srv - ok
21:23:03.0817 0x03c4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:23:03.0832 0x03c4  srv2 - ok
21:23:03.0864 0x03c4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:23:03.0879 0x03c4  srvnet - ok
21:23:03.0895 0x03c4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:23:03.0926 0x03c4  SSDPSRV - ok
21:23:03.0942 0x03c4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:23:03.0957 0x03c4  SstpSvc - ok
21:23:03.0973 0x03c4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:23:03.0988 0x03c4  stexstor - ok
21:23:04.0004 0x03c4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:23:04.0035 0x03c4  stisvc - ok
21:23:04.0051 0x03c4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:23:04.0051 0x03c4  swenum - ok
21:23:04.0066 0x03c4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:23:04.0098 0x03c4  swprv - ok
21:23:04.0144 0x03c4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
21:23:04.0207 0x03c4  SysMain - ok
21:23:04.0207 0x03c4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:23:04.0222 0x03c4  TabletInputService - ok
21:23:04.0254 0x03c4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:23:04.0285 0x03c4  TapiSrv - ok
21:23:04.0285 0x03c4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:23:04.0300 0x03c4  TBS - ok
21:23:04.0394 0x03c4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:23:04.0441 0x03c4  Tcpip - ok
21:23:04.0488 0x03c4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:23:04.0519 0x03c4  TCPIP6 - ok
21:23:04.0566 0x03c4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:23:04.0566 0x03c4  tcpipreg - ok
21:23:04.0597 0x03c4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:23:04.0612 0x03c4  TDPIPE - ok
21:23:04.0628 0x03c4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:23:04.0628 0x03c4  TDTCP - ok
21:23:04.0690 0x03c4  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:23:04.0706 0x03c4  tdx - ok
21:23:04.0706 0x03c4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:23:04.0722 0x03c4  TermDD - ok
21:23:04.0768 0x03c4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
21:23:04.0800 0x03c4  TermService - ok
21:23:04.0831 0x03c4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:23:04.0862 0x03c4  Themes - ok
21:23:04.0862 0x03c4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:23:04.0893 0x03c4  THREADORDER - ok
21:23:04.0909 0x03c4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:23:04.0940 0x03c4  TrkWks - ok
21:23:04.0987 0x03c4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:23:05.0002 0x03c4  TrustedInstaller - ok
21:23:05.0049 0x03c4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:23:05.0049 0x03c4  tssecsrv - ok
21:23:05.0080 0x03c4  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:23:05.0096 0x03c4  TsUsbFlt - ok
21:23:05.0112 0x03c4  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:23:05.0127 0x03c4  TsUsbGD - ok
21:23:05.0158 0x03c4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:23:05.0174 0x03c4  tunnel - ok
21:23:05.0174 0x03c4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:23:05.0190 0x03c4  uagp35 - ok
21:23:05.0190 0x03c4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:23:05.0221 0x03c4  udfs - ok
21:23:05.0252 0x03c4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:23:05.0252 0x03c4  UI0Detect - ok
21:23:05.0268 0x03c4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:23:05.0268 0x03c4  uliagpkx - ok
21:23:05.0299 0x03c4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:23:05.0299 0x03c4  umbus - ok
21:23:05.0314 0x03c4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:23:05.0330 0x03c4  UmPass - ok
21:23:05.0408 0x03c4  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:23:05.0424 0x03c4  UNS - ok
21:23:05.0439 0x03c4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:23:05.0470 0x03c4  upnphost - ok
21:23:05.0517 0x03c4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:23:05.0548 0x03c4  usbccgp - ok
21:23:05.0580 0x03c4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:23:05.0595 0x03c4  usbcir - ok
21:23:05.0626 0x03c4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:23:05.0642 0x03c4  usbehci - ok
21:23:05.0673 0x03c4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:23:05.0673 0x03c4  usbhub - ok
21:23:05.0689 0x03c4  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:23:05.0704 0x03c4  usbohci - ok
21:23:05.0704 0x03c4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:23:05.0720 0x03c4  usbprint - ok
21:23:05.0720 0x03c4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:23:05.0751 0x03c4  USBSTOR - ok
21:23:05.0751 0x03c4  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:23:05.0767 0x03c4  usbuhci - ok
21:23:05.0782 0x03c4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:23:05.0814 0x03c4  UxSms - ok
21:23:05.0829 0x03c4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
21:23:05.0829 0x03c4  VaultSvc - ok
21:23:05.0860 0x03c4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:23:05.0860 0x03c4  vdrvroot - ok
21:23:05.0892 0x03c4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:23:05.0938 0x03c4  vds - ok
21:23:05.0954 0x03c4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:23:05.0954 0x03c4  vga - ok
21:23:05.0970 0x03c4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:23:06.0001 0x03c4  VgaSave - ok
21:23:06.0032 0x03c4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:23:06.0032 0x03c4  vhdmp - ok
21:23:06.0063 0x03c4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:23:06.0079 0x03c4  viaide - ok
21:23:06.0094 0x03c4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:23:06.0094 0x03c4  volmgr - ok
21:23:06.0110 0x03c4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:23:06.0126 0x03c4  volmgrx - ok
21:23:06.0157 0x03c4  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:23:06.0157 0x03c4  volsnap - ok
21:23:06.0188 0x03c4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:23:06.0188 0x03c4  vsmraid - ok
21:23:06.0235 0x03c4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:23:06.0297 0x03c4  VSS - ok
21:23:06.0313 0x03c4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:23:06.0328 0x03c4  vwifibus - ok
21:23:06.0344 0x03c4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:23:06.0375 0x03c4  W32Time - ok
21:23:06.0375 0x03c4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:23:06.0391 0x03c4  WacomPen - ok
21:23:06.0422 0x03c4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:23:06.0453 0x03c4  WANARP - ok
21:23:06.0453 0x03c4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:23:06.0484 0x03c4  Wanarpv6 - ok
21:23:06.0547 0x03c4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:23:06.0578 0x03c4  WatAdminSvc - ok
21:23:06.0640 0x03c4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:23:06.0687 0x03c4  wbengine - ok
21:23:06.0703 0x03c4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:23:06.0734 0x03c4  WbioSrvc - ok
21:23:06.0750 0x03c4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:23:06.0765 0x03c4  wcncsvc - ok
21:23:06.0781 0x03c4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:23:06.0796 0x03c4  WcsPlugInService - ok
21:23:06.0812 0x03c4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
21:23:06.0828 0x03c4  Wd - ok
21:23:06.0843 0x03c4  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
21:23:06.0874 0x03c4  WDC_SAM - ok
21:23:06.0921 0x03c4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:23:06.0952 0x03c4  Wdf01000 - ok
21:23:06.0968 0x03c4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:23:07.0015 0x03c4  WdiServiceHost - ok
21:23:07.0015 0x03c4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:23:07.0030 0x03c4  WdiSystemHost - ok
21:23:07.0062 0x03c4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
21:23:07.0077 0x03c4  WebClient - ok
21:23:07.0124 0x03c4  [ 3B130F4FB69CB7312D03332D4DC42C6E, 1CDCF05749DDCD65854CE61083CDD06997936F58817F244840B69B174C39001D ] webinstrNHK     C:\Windows\system32\Drivers\webinstrNHK.sys
21:23:07.0124 0x03c4  webinstrNHK - ok
21:23:07.0155 0x03c4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:23:07.0186 0x03c4  Wecsvc - ok
21:23:07.0186 0x03c4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:23:07.0218 0x03c4  wercplsupport - ok
21:23:07.0233 0x03c4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:23:07.0264 0x03c4  WerSvc - ok
21:23:07.0296 0x03c4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:23:07.0311 0x03c4  WfpLwf - ok
21:23:07.0311 0x03c4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:23:07.0327 0x03c4  WIMMount - ok
21:23:07.0342 0x03c4  WinDefend - ok
21:23:07.0358 0x03c4  WinHttpAutoProxySvc - ok
21:23:07.0389 0x03c4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:23:07.0436 0x03c4  Winmgmt - ok
21:23:07.0514 0x03c4  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
21:23:07.0576 0x03c4  WinRM - ok
21:23:07.0592 0x03c4  wjtvys - ok
21:23:07.0639 0x03c4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:23:07.0717 0x03c4  Wlansvc - ok
21:23:07.0748 0x03c4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:23:07.0764 0x03c4  WmiAcpi - ok
21:23:07.0779 0x03c4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:23:07.0779 0x03c4  wmiApSrv - ok
21:23:07.0810 0x03c4  WMPNetworkSvc - ok
21:23:07.0810 0x03c4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:23:07.0826 0x03c4  WPCSvc - ok
21:23:07.0842 0x03c4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:23:07.0857 0x03c4  WPDBusEnum - ok
21:23:07.0873 0x03c4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:23:07.0904 0x03c4  ws2ifsl - ok
21:23:07.0920 0x03c4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:23:07.0935 0x03c4  wscsvc - ok
21:23:07.0935 0x03c4  WSearch - ok
21:23:08.0013 0x03c4  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:23:08.0076 0x03c4  wuauserv - ok
21:23:08.0138 0x03c4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:23:08.0138 0x03c4  WudfPf - ok
21:23:08.0169 0x03c4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:23:08.0185 0x03c4  WUDFRd - ok
21:23:08.0216 0x03c4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:23:08.0232 0x03c4  wudfsvc - ok
21:23:08.0278 0x03c4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:23:08.0294 0x03c4  WwanSvc - ok
21:23:08.0294 0x03c4  ================ Scan global ===============================
21:23:08.0325 0x03c4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:23:08.0356 0x03c4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:23:08.0372 0x03c4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:23:08.0388 0x03c4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:23:08.0419 0x03c4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:23:08.0419 0x03c4  [ Global ] - ok
21:23:08.0419 0x03c4  ================ Scan MBR ==================================
21:23:08.0434 0x03c4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:23:08.0497 0x03c4  \Device\Harddisk0\DR0 - ok
21:23:08.0497 0x03c4  ================ Scan VBR ==================================
21:23:08.0528 0x03c4  [ C31D97D327887B954A9153BE05ECE27D ] \Device\Harddisk0\DR0\Partition1
21:23:08.0544 0x03c4  \Device\Harddisk0\DR0\Partition1 - ok
21:23:08.0559 0x03c4  [ F3A064945B5CD6ED0D5353F7FA7491C8 ] \Device\Harddisk0\DR0\Partition2
21:23:08.0559 0x03c4  \Device\Harddisk0\DR0\Partition2 - ok
21:23:08.0575 0x03c4  [ E84FF6B66BEA374C78448E8CA84C7095 ] \Device\Harddisk0\DR0\Partition3
21:23:08.0575 0x03c4  \Device\Harddisk0\DR0\Partition3 - ok
21:23:08.0575 0x03c4  ================ Scan generic autorun ======================
21:23:08.0856 0x03c4  [ 967A6ECF81F7637F84669A0F01A6C422, 487A9AD9D35B1D1B568629D3373E8C68DCF3CCA55C61002B6F16E363B7ACE7BE ] C:\Users\Ashley\Documents\Virus Utilities\cce_2.5.242177.201_x64\CCE\CCE.exe
21:23:09.0043 0x03c4  CCE - ok
21:23:09.0199 0x03c4  [ AF04B6DDF123991C625472494BC1221C, D02BEC96FF466187130B5868DCB70E56CEE25101A8889A1AEF3CFE60ECBE6DC6 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
21:23:09.0355 0x03c4  RTHDVCPL - ok
21:23:09.0448 0x03c4  [ 912993864DE980DE79E2317B109298AE, CD01E488E6331D0F00092A6F5B4B62F3404C9C5F0736887849AD215730C072D2 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
21:23:09.0526 0x03c4  CanonMyPrinter - ok
21:23:09.0667 0x03c4  [ 083649EF692A066880C9326020915AFE, 570DBF28F6D77890476F7B6A9C57F77DCC3C51038A1780540032B5FD9CF72190 ] C:\Program Files\AVAST Software\Avast\avastUI.exe
21:23:09.0776 0x03c4  avast - ok
21:23:09.0870 0x03c4  [ 35F9FC8D4B2FAB4ED396C7002A7E1990, 7BAD15FF11D097427337D03CF871481054CC01E49E536EBE744A80DE46AD0BA5 ] C:\Users\Ashley\AppData\Local\wincheck\wincheck.exe
21:23:09.0885 0x03c4  WinCheck - detected UnsignedFile.Multi.Generic ( 1 )
21:23:12.0990 0x03c4  WinCheck ( UnsignedFile.Multi.Generic ) - warning
21:23:16.0063 0x03c4  [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:23:16.0063 0x03c4  USB3MON - ok
21:23:16.0172 0x03c4  [ 3CD5FD3FED5388DC01A072DB5D06C9CD, BED3D0CE4EF7A8D0FAB8B1E2E519D2B7F9BB81E62F5CBC6C968179FC20956165 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
21:23:16.0203 0x03c4  StartCCC - ok
21:23:16.0203 0x03c4  SmartWeb - ok
21:23:16.0203 0x03c4  ospd_us_611 - ok
21:23:16.0297 0x03c4  [ FB2693E1B53BCEDA1F054FF2C54881E6, 41E25F1EDE25F722F9B73527B2F8B05F38EC87964DBBDEA4F1306E207A78E894 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
21:23:16.0312 0x03c4  IJNetworkScannerSelectorEX - ok
21:23:16.0328 0x03c4  [ 5514B64F7F2D25E09E2FDAF5D62B688C, 43263715ADC49250762A01E41DB2832C6A8B63CE4F66CDD8FC0B51DCA031DF27 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
21:23:16.0328 0x03c4  IAStorIcon - ok
21:23:16.0422 0x03c4  [ 7B59D1D1F458B322A722E95554BB591E, F184E22D37E013580AB7FD07172C1F662275D39E036CE22DFA62B2A43823E719 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
21:23:16.0468 0x03c4  CanonSolutionMenuEx - ok
21:23:16.0531 0x03c4  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
21:23:16.0546 0x03c4  BCSSync - ok
21:23:16.0609 0x03c4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:23:16.0656 0x03c4  Sidebar - ok
21:23:16.0671 0x03c4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:23:16.0687 0x03c4  mctadmin - ok
21:23:16.0702 0x03c4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:23:16.0734 0x03c4  Sidebar - ok
21:23:16.0734 0x03c4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:23:16.0749 0x03c4  mctadmin - ok
21:23:16.0874 0x03c4  [ 320889E9BD1F1A041CB69E6A81E484EC, CE47C3BA44E0D5741C8BD41EAFD06BA68E5F1DB4B2EE31EAFD5BDD91C524CFA8 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
21:23:17.0014 0x03c4  SUPERAntiSpyware - ok
21:23:17.0139 0x03c4  [ 8E0EB63933A827D786DE027E42487E44, 387B1803C6F20DD525AE8C367F3997D2875102AE528CA1203D75399B74E41EFD ] C:\Users\Ashley\AppData\Roaming\uTorrent\uTorrent.exe
21:23:17.0186 0x03c4  uTorrent - ok
21:23:17.0248 0x03c4  [ 1DC98EB30899421BF7E4F8C0E9D6B1E7, AC7405DC42673CFF9718D14EB309393F51E95CBA9B2571A8A3D87489911B68FC ] C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
21:23:17.0264 0x03c4  Super Optimizer - ok
21:23:17.0373 0x03c4  [ 7999235AE6A9F0FE1C007203F03A4618, D552A169E7E5EC43B675120F11E6A1790902C4068FAAFC2DE81DDB5FA50F18E8 ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe
21:23:17.0404 0x03c4  FlashPlayerUpdate - ok
21:23:17.0404 0x03c4  Waiting for KSN requests completion. In queue: 14
21:23:18.0418 0x03c4  Waiting for KSN requests completion. In queue: 14
21:23:19.0432 0x03c4  Waiting for KSN requests completion. In queue: 14
21:23:20.0446 0x03c4  Waiting for KSN requests completion. In queue: 14
21:23:21.0476 0x03c4  AV detected via SS2: avast! Internet Security, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 7.0.1474.765 ), 0x42010 ( disabled : outofdate )
21:23:21.0476 0x03c4  FW detected via SS2: avast! Internet Security, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 7.0.1474.765 ), 0x40010 ( disabled )
21:23:21.0476 0x03c4  Win FW state via NFP2: enabled
21:23:24.0440 0x03c4  ============================================================
21:23:24.0440 0x03c4  Scan finished
21:23:24.0440 0x03c4  ============================================================
21:23:24.0440 0x0378  Detected object count: 1
21:23:24.0440 0x0378  Actual detected object count: 1
21:23:31.0569 0x0378  WinCheck ( UnsignedFile.Multi.Generic ) - skipped by user
21:23:31.0569 0x0378  WinCheck ( UnsignedFile.Multi.Generic ) - User select action: Skip

 



#10 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 759 posts

Posted 08 January 2015 - 11:29 PM

Well evidently after i ran malewarebytes it did help out some. There is no longer a downloader in the background constantly installing programs. How ever its still impossible to use the internet efficiently, it redirects the link to different sites and loads of pop-ups appear and just clicking on anything, loads a potential unsafe site. Just being on this website alone, trying to click into the typing box will load different websites that say website forgery. I got one link that stated that my passwords and user ID's were stolen. Anyways it is a huge mess. Ontop of that the computer just unbearably slow and staggers quite alot.

 

That is just what i see upon first glance, other symptoms include missing icons, start menu missing. Audio is scrambled, certain applications load just a black CMD prompt and that is it. Certain menu buttons in the windows interface like network settings and power options, don't have a clickable link. You just can't open them. I try to use the run feature and it says its not a windows command.


Edited by jeff matthews, 08 January 2015 - 11:39 PM.

    Advertisements

Register to Remove


#11 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 759 posts

Posted 09 January 2015 - 07:05 AM

Let me know if there is anything else required. I posted all the logs.



#12 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 09 January 2015 - 01:24 PM

Hello,
 

other symptoms include [...]

Once your machine has been cleaned of malware, we can address any additional issues. 
 
Please consider the following warning and proceed with the instructions below. 
 

goGMWSt.gifP2P Warning

------------------------------

I see you have peer-to-peer (P2P) file sharing software installed on your computer (uTorrent & KCP-0.5.4.0). I advise you avoid P2P file sharing programmes; they are a security risk which can make your computer susceptible to malware. File sharing networks are thoroughly infected and infested with malware - wormsbackdoor TrojansIRCBots, and rootkits propagate via P2P file sharing networks, gaming, and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans, and spyware. The best way to reduce the risk of infection is to avoid these types of web sites and not use P2P applications. Please read the following articles for more information.

Your P2P software can be removed by following the instructions below.
  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for the aforementioned programme(s), right-click and click Uninstall.
If you choose not to, please refrain from using the programme(s) during this process.

 
STEP 1
EtQetiM.png Uninstall Software

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for the following programmes, right-click and click Uninstall.
  • Note: Ensure you decline offers of additional software if applicable.
    • AnyProtect
    • GeniusBox 2.0
    • Idle Crawler
    • Super Optimizer v3.2
    • WinCheck
    • Zoompic 
  • Follow the prompts.
  • Reboot if necessary.
     

STEP 2
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    start
    CreateRestorePoint: 
    CloseProcesses:
    (SUPER PC TOOLS LIMITED) C:\Program Files (x86)\Super Optimizer\SupOptSmartScan.exe
    C:\Program Files (x86)\Super Optimizer
    () C:\Users\Ashley\AppData\Local\wincheck\wincheck.exe
    C:\Users\Ashley\AppData\Local\wincheck
    HKLM-x32\...\Run: [WinCheck] => C:\Users\Ashley\AppData\Local\wincheck\wincheck.exe [529920 2015-01-07] ()
    HKLM-x32\...\Run: [SmartWeb] => C:\Users\Ashley\AppData\Local\SmartWeb\SmartWebHelper.exe
    C:\Users\Ashley\AppData\Local\SmartWeb
    HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [676968 2014-12-26] (SUPER PC TOOLS LIMITED)
    HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\MountPoints2: {c5429e11-26f2-11e4-8f1f-806e6f6e6963} - D:\Bin\ASSETUP.exe
    Startup: C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk
    ShortcutTarget: SmartWeb.lnk -> C:\Users\Ashley\AppData\Local\SmartWeb\SmartWebHelper.exe (No File)
    Startup: C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
    ShortcutTarget: StormWatch.lnk -> C:\Program Files (x86)\StormWatch\StormWatch.exe (No File)
    Startup: C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
    ShortcutTarget: StormWatchApp.lnk -> C:\Program Files (x86)\StormWatch\StormWatchApp.exe (No File)
    C:\Program Files (x86)\StormWatch
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    SearchScopes: HKLM-x32 -> DefaultScope value is missing.
    SearchScopes: HKU\S-1-5-21-2650459626-1003566679-2177798267-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
    Toolbar: HKU\S-1-5-21-2650459626-1003566679-2177798267-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
    FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=69&CUI=&SSPV=&Lay=1&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629
    FF DefaultSearchEngine,S: WebSearch
    FF DefaultSearchUrl: hxxp://websearch.searchoholic.info/?pid=21073&r=2014/12/29&hid=10223791501083041900&lg=EN&cc=US&unqvl=72&l=1&q=
    FF SearchEngineOrder.1: WebSearch
    FF SearchEngineOrder.1,S: WebSearch
    FF SelectedSearchEngine: Trovi search
    FF SelectedSearchEngine,S: WebSearch
    FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3332128&octid=EB_ORIGINAL_CTID&ISID=I63E6038F-1CE3-493F-959E-FB6BE7E3EB4F&SearchSource=55&CUI=&UM=8&UP=SP169215C0-C634-4015-B514-907E872A5629&SSPV=
    FF Extension: YoautubEAdBlloCCke - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\MXhp@Zr.edu [2014-12-29]
    C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\MXhp@Zr.edu
    FF Extension: uuniSaalEs - C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\piBes4Vs@M.org [2014-12-29]
    C:\Users\Ashley\AppData\Roaming\Mozilla\Firefox\Profiles\yrwqb25u.default\Extensions\piBes4Vs@M.org
    FF HKU\S-1-5-21-2650459626-1003566679-2177798267-1000\...\Firefox\Extensions: [{DEB3EF69-9903-4024-9D7D-EBB2D0AA4C96}] - C:\Program Files (x86)\ver3BlockAndSurf\185.xpi
    C:\Program Files (x86)\ver3BlockAndSurf
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
    R2 cae99edb; c:\Program Files (x86)\Super Optimizer\SupOptStats.dll [2801768 2015-01-07] ()
    S0 lqffzi; No ImagePath
    R2 webinstrNHK; C:\Windows\system32\Drivers\webinstrNHK.sys [56432 2015-01-07] (Corsica)
    C:\Windows\system32\Drivers\webinstrNHK.sys
    S0 wjtvys; No ImagePath
    S3 ALSysIO; \??\C:\Users\Ashley\AppData\Local\Temp\ALSysIO64.sys [X]
    2015-01-07 09:10 - 2015-01-08 20:52 - 00003254 _____ () C:\Windows\System32\Tasks\Super Optimizer Schedule
    2015-01-07 09:10 - 2015-01-07 09:10 - 00000000 ____D () C:\Users\Ashley\Documents\Super Optimizer
    2015-01-07 09:10 - 2015-01-07 09:10 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\Super Optimizer
    2015-01-07 09:06 - 2015-01-08 20:51 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
    2015-01-07 09:06 - 2015-01-08 20:51 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
    2015-01-07 09:06 - 2015-01-08 20:51 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
    2015-01-07 09:06 - 2015-01-07 09:06 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
    2015-01-07 09:06 - 2015-01-07 09:06 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
    2015-01-07 09:06 - 2015-01-07 09:06 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
    2015-01-07 09:06 - 2015-01-07 09:06 - 00001049 _____ () C:\Users\Ashley\Desktop\AnyProtect.lnk
    2015-01-07 09:06 - 2015-01-07 09:06 - 00000000 ____D () C:\Windows\SysWOW64\Flash
    2015-01-07 09:06 - 2015-01-07 09:06 - 00000000 ____D () C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
    2015-01-07 09:05 - 2015-01-07 09:06 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
    2015-01-07 09:05 - 2015-01-07 09:05 - 00613057 _____ (CMI Limited) C:\Users\Ashley\AppData\Local\nsy3251.tmp
    2015-01-07 09:05 - 2015-01-07 09:05 - 00002019 _____ () C:\Windows\patsearch.bin
    2015-01-07 09:05 - 2015-01-07 09:05 - 00000000 __SHD () C:\Users\Ashley\AppData\Roaming\AnyProtectEx
    2015-01-07 09:05 - 2015-01-07 09:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNHK_01009.Wdf
    2015-01-07 09:04 - 2015-01-07 09:06 - 00000000 ____D () C:\Users\Ashley\AppData\Local\F12554C8-33A4-1849-80EB-56C2622F6A30
    2015-01-07 09:04 - 2015-01-07 09:04 - 00004626 _____ () C:\Windows\System32\Tasks\Runner IC
    2015-01-07 09:04 - 2015-01-07 09:04 - 00001090 _____ () C:\Users\Ashley\Desktop\Super Optimizer.lnk
    2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
    2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\Program Files (x86)\Super Optimizer
    2015-01-07 09:04 - 2015-01-07 09:04 - 00000000 ____D () C:\Program Files (x86)\predm
    2015-01-07 09:00 - 2015-01-07 17:04 - 00000000 ____D () C:\Users\Ashley\AppData\Local\SmartWeb
    2015-01-07 08:51 - 2015-01-07 08:51 - 04645232 _____ (Piriform Ltd) C:\Users\Ashley\Desktop\ccsetup409.exe
    2015-01-07 08:50 - 2015-01-07 17:04 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
    2015-01-07 08:50 - 2015-01-07 08:50 - 00001344 _____ () C:\Windows\Tasks\XSNOUNY.job
    2015-01-07 08:50 - 2015-01-07 08:50 - 00001342 _____ () C:\Windows\Tasks\BLPMKG.job
    2015-01-07 08:50 - 2015-01-07 08:50 - 00000470 _____ () C:\Windows\Tasks\Client.job
    2015-01-07 08:50 - 2015-01-07 08:50 - 00000454 _____ () C:\Windows\Tasks\Validate Uninstaller.job
    2015-01-07 08:50 - 2015-01-07 08:50 - 00000450 _____ () C:\Windows\Tasks\Validate Updater.job
    2015-01-07 08:50 - 2015-01-07 08:50 - 00000414 _____ () C:\Windows\Tasks\Check Updates.job
    2015-01-07 08:50 - 2015-01-07 08:50 - 00000410 _____ () C:\Windows\Tasks\Run Tasks.job
    2015-01-07 08:50 - 2015-01-07 08:50 - 00000064 _____ () C:\Users\Ashley\AppData\Local\55e2ee417d89b23c44dd0dae815edf92
    2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Users\Ashley\AppData\Local\globalUpdate
    2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Users\Ashley\AppData\Local\GeniusBox
    2015-01-07 08:50 - 2015-01-07 08:50 - 00000000 ____D () C:\Program Files (x86)\28aeea84-e5dd-4769-9212-7eacddbe42a4
    2015-01-07 08:49 - 2015-01-07 08:49 - 00000282 _____ () C:\Windows\Tasks\LaunchSignup.job
    2015-01-07 08:35 - 2015-01-07 08:46 - 00000000 ____D () C:\ProgramData\makulitsidwe
    2015-01-07 07:46 - 2015-01-07 07:46 - 00380416 _____ () C:\Users\Ashley\Downloads\gscxyzlt.exe
    2014-12-29 01:30 - 2015-01-07 03:22 - 00000000 ____D () C:\Program Files (x86)\YoautubEAdBlloCCke
    2014-12-29 01:29 - 2015-01-07 03:22 - 00000000 ____D () C:\Program Files (x86)\unisailees
    2014-12-29 01:29 - 2014-12-29 01:29 - 00000000 ____D () C:\ProgramData\14357881760666442250
    2014-12-29 01:29 - 2014-12-29 01:29 - 00000000 ____D () C:\Program Files (x86)\uuniSaalEs
    C:\Users\Ashley\AppData\Local\Temp\99648137-C26F-E6FB-3819-EB158432D633.dll
    C:\Users\Ashley\AppData\Local\Temp\99648137-C26F-E6FB-3819-EB158432D633.exe
    C:\Users\Ashley\AppData\Local\Temp\A8B293B6-0520-1E1E-C444-05C89AD3F685.exe
    C:\Users\Ashley\AppData\Local\Temp\amisetup8163__11003.exe
    C:\Users\Ashley\AppData\Local\Temp\amisetup8199__11005.exe
    C:\Users\Ashley\AppData\Local\Temp\CloudBackup4064.exe
    C:\Users\Ashley\AppData\Local\Temp\supoptsetup.exe
    C:\Users\Ashley\AppData\Local\Temp\vcredist_x64.exe
    Task: {0A34076C-7C19-4B57-99E0-1511B5A565E3} - System32\Tasks\Super Optimizer Schedule => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [2014-12-26] (SUPER PC TOOLS LIMITED)
    Task: {286B1FB2-E492-499A-A07C-2D391D99C79A} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
    Task: {39F5A2DE-68ED-4E42-B65F-09BCF4BF3DA3} - \BlockAndSurf Update No Task File <==== ATTENTION
    Task: {676D9544-1738-4D8A-8A0C-D6E5686DD943} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
    Task: {7A7FAE54-D8BC-4C3E-8447-0D6C8F1A4071} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-01-07] (AnyProtect.com) <==== ATTENTION
    Task: {9FC2D183-6C20-46F5-8FA2-73385FAFC75C} - \Voo Update No Task File <==== ATTENTION
    Task: {A83040FC-1ADB-48FF-B060-2A22374D7315} - \SmartWeb Upgrade Trigger Task No Task File <==== ATTENTION
    Task: {A8F8A9B7-F3F5-4B87-A456-E62516B926AF} - System32\Tasks\Runner IC => %LOCALAPPDATA%\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
    Task: {D54B1E34-5209-4F5C-86C0-D3D1814714A2} - System32\Tasks\Microsoft\Windows\Maintenance\Update IC => %LOCALAPPDATA%\F12554C8-33A4-1849-80EB-56C2622F6A30\Runner.exe
    Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
    Task: C:\Windows\Tasks\BLPMKG.job => C:\Users\Ashley\AppData\Roaming\BLPMKG.exe <==== ATTENTION
    C:\Users\Ashley\AppData\Roaming\BLPMKG.exe
    Task: C:\Windows\Tasks\Check Updates.job => C:\Users\Ashley\AppData\Local\GeniusBox\Updater.exe
    Task: C:\Windows\Tasks\Client.job => C:\Users\Ashley\AppData\Local\GeniusBox\client.exe
    Task: C:\Windows\Tasks\LaunchSignup.job => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
    C:\Program Files (x86)\MyPC Backup
    Task: C:\Windows\Tasks\Run Tasks.job => C:\Users\Ashley\AppData\Local\GeniusBox\Tasks.exe
    Task: C:\Windows\Tasks\Validate Uninstaller.job => C:\Users\Ashley\AppData\Local\GeniusBox\Uninstall.exe
    Task: C:\Windows\Tasks\Validate Updater.job => C:\Users\Ashley\AppData\Local\GeniusBox\Updater.exe
    Task: C:\Windows\Tasks\XSNOUNY.job => C:\Users\Ashley\AppData\Roaming\XSNOUNY.exe <==== ATTENTION
    C:\Users\Ashley\AppData\Roaming\XSNOUNY.exe
    reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\CltMngSvc" /f
    reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\globalUpdate" /f
    reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\globalUpdatem" /f
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset all
    CMD: netsh int ipv4 reset
    CMD: netsh int ipv6 reset
    EmptyTemp:
    end
  • Click FileSave As and type fixlist.txt as the File Name
  • Important: The file must be saved in the same location as FRST64.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

STEP 3
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     

======================================================
 
STEP 4
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did the programmes uninstall OK? 
  • Fixlog.txt
  • FRST.txt
  • Addition.txt

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#13 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 759 posts

Posted 09 January 2015 - 05:50 PM

Can i run these scans in safe mode, or do i have to be in normal mode? Arn't you supposed to like Drag the script into the program? I am scanning it in safe mode right now, but its taking a while. How long is this fix supposed to take. It just says "searching" and nothing else.


Edited by jeff matthews, 09 January 2015 - 06:14 PM.


#14 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 09 January 2015 - 06:10 PM

Normal Mode if you can.

If you can't, use Safe Mode for Step 1 and 2.
Step 3 should be performed in Normal Mode.

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#15 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 759 posts

Posted 09 January 2015 - 06:36 PM

Ok, i am sorry i will have to redo it. I don't think it is supposed to be taking this long. Its just supposed to fix the registry errors right? That usually takes a few min for scripts. Hopefully restarting my machine won't cause any problems.


Related Topics




Also tagged with one or more of these keywords: Viruses, Maleware, Infection, CCcleaner, Internet connection issue, Rootkits, trovi search bar

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users