Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

winrscmde has stopped working


  • Please log in to reply
21 replies to this topic

#1 Rashawn

Rashawn

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:12 PM

Posted 04 August 2012 - 11:17 PM

This happened recently this popup just keeps coming up, "winrscmde has stopped working"


00:08:21.0170 3728 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
00:08:21.0513 3728 ============================================================
00:08:21.0513 3728 Current date / time: 2012/08/05 00:08:21.0513
00:08:21.0513 3728 SystemInfo:
00:08:21.0513 3728
00:08:21.0513 3728 OS Version: 6.0.6002 ServicePack: 2.0
00:08:21.0513 3728 Product type: Workstation
00:08:21.0513 3728 ComputerName: ACER-PC
00:08:21.0513 3728 UserName: Administrator
00:08:21.0513 3728 Windows directory: C:\Windows
00:08:21.0513 3728 System windows directory: C:\Windows
00:08:21.0513 3728 Running under WOW64
00:08:21.0513 3728 Processor architecture: Intel x64
00:08:21.0513 3728 Number of processors: 2
00:08:21.0513 3728 Page size: 0x1000
00:08:21.0513 3728 Boot type: Normal boot
00:08:21.0513 3728 ============================================================
00:08:22.0059 3728 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:08:22.0074 3728 ============================================================
00:08:22.0074 3728 \Device\Harddisk0\DR0:
00:08:22.0074 3728 MBR partitions:
00:08:22.0074 3728 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2500800, BlocksNum 0x1BF08000
00:08:22.0074 3728 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E408800, BlocksNum 0x1BF7D000
00:08:22.0074 3728 ============================================================
00:08:22.0168 3728 C: <-> \Device\Harddisk0\DR0\Partition0
00:08:22.0449 3728 D: <-> \Device\Harddisk0\DR0\Partition1
00:08:22.0449 3728 ============================================================
00:08:22.0449 3728 Initialize success
00:08:22.0449 3728 ============================================================
00:08:41.0262 3864 ============================================================
00:08:41.0262 3864 Scan started
00:08:41.0262 3864 Mode: Manual;
00:08:41.0262 3864 ============================================================
00:08:42.0838 3864 Acer HomeMedia Connect Service (517d30057c726c797764bfd70a55d82a) C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
00:08:42.0854 3864 Acer HomeMedia Connect Service - ok
00:08:43.0212 3864 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
00:08:43.0212 3864 ACPI - ok
00:08:43.0384 3864 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:08:43.0384 3864 AdobeARMservice - ok
00:08:43.0774 3864 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:08:43.0836 3864 AdobeFlashPlayerUpdateSvc - ok
00:08:44.0180 3864 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
00:08:44.0226 3864 adp94xx - ok
00:08:44.0351 3864 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
00:08:44.0351 3864 adpahci - ok
00:08:44.0398 3864 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
00:08:44.0398 3864 adpu160m - ok
00:08:44.0414 3864 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
00:08:44.0429 3864 adpu320 - ok
00:08:44.0476 3864 AeLookupSvc (0f421175574bfe0bf2f4d8e910a253bb) C:\Windows\System32\aelupsvc.dll
00:08:44.0492 3864 AeLookupSvc - ok
00:08:44.0601 3864 AFD (c4f6ce6087760ad70960c9eb130e7943) C:\Windows\system32\drivers\afd.sys
00:08:44.0632 3864 AFD - ok
00:08:44.0694 3864 AgereModemAudio (48008d4ea73c1058f36d323a644410d4) C:\Program Files\LSI SoftModem\agr64svc.exe
00:08:44.0710 3864 AgereModemAudio - ok
00:08:44.0835 3864 AgereSoftModem (ddf52c4c92d831a4cdb7788b37585e36) C:\Windows\system32\DRIVERS\agrsm64.sys
00:08:44.0866 3864 AgereSoftModem - ok
00:08:45.0084 3864 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
00:08:45.0084 3864 agp440 - ok
00:08:45.0131 3864 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
00:08:45.0131 3864 aic78xx - ok
00:08:46.0052 3864 Akamai (29584f02a43e427c4227e3b1d9ff1b22) c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll
00:08:46.0052 3864 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584f02a43e427c4227e3b1d9ff1b22
00:08:46.0083 3864 Akamai ( HiddenFile.Multi.Generic ) - warning
00:08:46.0083 3864 Akamai - detected HiddenFile.Multi.Generic (1)
00:08:46.0379 3864 ALG (5922f4f59b7868f3d74bbbbeb7b825a3) C:\Windows\System32\alg.exe
00:08:46.0379 3864 ALG - ok
00:08:46.0457 3864 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
00:08:46.0457 3864 aliide - ok
00:08:46.0457 3864 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
00:08:46.0457 3864 amdide - ok
00:08:46.0504 3864 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\DRIVERS\amdk8.sys
00:08:46.0504 3864 AmdK8 - ok
00:08:46.0566 3864 Appinfo (9c37b3fd5615477cb9a0cd116cf43f5c) C:\Windows\System32\appinfo.dll
00:08:46.0566 3864 Appinfo - ok
00:08:46.0785 3864 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:08:46.0785 3864 Apple Mobile Device - ok
00:08:46.0847 3864 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
00:08:46.0847 3864 arc - ok
00:08:46.0894 3864 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
00:08:46.0894 3864 arcsas - ok
00:08:46.0925 3864 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
00:08:46.0925 3864 AsyncMac - ok
00:08:47.0034 3864 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
00:08:47.0050 3864 atapi - ok
00:08:47.0237 3864 AudioEndpointBuilder (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll
00:08:47.0284 3864 AudioEndpointBuilder - ok
00:08:47.0300 3864 AudioSrv (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll
00:08:47.0300 3864 AudioSrv - ok
00:08:47.0424 3864 BFE (ffb96c2589ffa60473ead78b39fbde29) C:\Windows\System32\bfe.dll
00:08:47.0440 3864 BFE - ok
00:08:47.0908 3864 BHDrvx64 (c8ab71a5102d0fc103f6dfc750005137) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120711.002\BHDrvx64.sys
00:08:47.0939 3864 BHDrvx64 - ok
00:08:48.0360 3864 BITS (6d316f4859634071cc25c4fd4589ad2c) C:\Windows\System32\qmgr.dll
00:08:48.0470 3864 BITS - ok
00:08:48.0594 3864 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
00:08:48.0594 3864 blbdrive - ok
00:08:48.0782 3864 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
00:08:48.0782 3864 Bonjour Service - ok
00:08:48.0813 3864 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
00:08:48.0813 3864 bowser - ok
00:08:48.0844 3864 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
00:08:48.0860 3864 BrFiltLo - ok
00:08:48.0875 3864 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
00:08:48.0875 3864 BrFiltUp - ok
00:08:48.0906 3864 Browser (a1b39de453433b115b4ea69ee0343816) C:\Windows\System32\browser.dll
00:08:48.0906 3864 Browser - ok
00:08:48.0953 3864 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
00:08:48.0953 3864 Brserid - ok
00:08:48.0969 3864 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
00:08:48.0969 3864 BrSerWdm - ok
00:08:48.0984 3864 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
00:08:48.0984 3864 BrUsbMdm - ok
00:08:49.0000 3864 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
00:08:49.0000 3864 BrUsbSer - ok
00:08:49.0016 3864 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
00:08:49.0016 3864 BTHMODEM - ok
00:08:49.0125 3864 BUNAgentSvc (09e6affae6c0e9158bf05c7d08d0107a) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
00:08:49.0140 3864 BUNAgentSvc - ok
00:08:49.0172 3864 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
00:08:49.0172 3864 cdfs - ok
00:08:49.0218 3864 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
00:08:49.0250 3864 cdrom - ok
00:08:49.0312 3864 CertPropSvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
00:08:49.0328 3864 CertPropSvc - ok
00:08:49.0343 3864 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
00:08:49.0359 3864 circlass - ok
00:08:49.0499 3864 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
00:08:49.0530 3864 CLFS - ok
00:08:49.0655 3864 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:08:49.0671 3864 clr_optimization_v2.0.50727_32 - ok
00:08:49.0780 3864 clr_optimization_v2.0.50727_64 (ce07a466201096f021cd09d631b21540) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:08:49.0780 3864 clr_optimization_v2.0.50727_64 - ok
00:08:49.0827 3864 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
00:08:49.0827 3864 cmdide - ok
00:08:49.0842 3864 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys
00:08:49.0842 3864 Compbatt - ok
00:08:49.0858 3864 COMSysApp - ok
00:08:49.0920 3864 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
00:08:49.0936 3864 crcdisk - ok
00:08:49.0998 3864 CryptSvc (62740b9d2a137e8ced41a9e4239a7a31) C:\Windows\system32\cryptsvc.dll
00:08:49.0998 3864 CryptSvc - ok
00:08:50.0154 3864 DcomLaunch (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
00:08:50.0170 3864 DcomLaunch - ok
00:08:50.0217 3864 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
00:08:50.0232 3864 DfsC - ok
00:08:50.0654 3864 DFSR (c647f468f7de343df8c143655c5557d4) C:\Windows\system32\DFSR.exe
00:08:50.0763 3864 DFSR - ok
00:08:51.0184 3864 Dhcp (3ed0321127ce70acdaabbf77e157c2a7) C:\Windows\System32\dhcpcsvc.dll
00:08:51.0184 3864 Dhcp - ok
00:08:51.0356 3864 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
00:08:51.0356 3864 disk - ok
00:08:51.0496 3864 dleaCATSCustConnectService (1017d70abe5483f40c10b7774397d120) C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe
00:08:51.0512 3864 dleaCATSCustConnectService - ok
00:08:51.0512 3864 dlea_device - ok
00:08:51.0558 3864 Dnscache (06230f1b721494a6df8d47fd395bb1b0) C:\Windows\System32\dnsrslvr.dll
00:08:51.0558 3864 Dnscache - ok
00:08:51.0652 3864 dot3svc (1a7156dd1e850e9914e5e991e3225b94) C:\Windows\System32\dot3svc.dll
00:08:51.0668 3864 dot3svc - ok
00:08:51.0808 3864 Dot4 (74c02b1717740c3b8039539e23e4b53f) C:\Windows\system32\DRIVERS\Dot4.sys
00:08:51.0855 3864 Dot4 - ok
00:08:51.0902 3864 Dot4Print (08321d1860235bf42cf2854234337aea) C:\Windows\system32\DRIVERS\Dot4Prt.sys
00:08:51.0933 3864 Dot4Print - ok
00:08:51.0964 3864 dot4usb (4adccf0124f2b6911d3786a5d0e779e5) C:\Windows\system32\DRIVERS\dot4usb.sys
00:08:51.0980 3864 dot4usb - ok
00:08:52.0058 3864 DPS (1583b39790db3eaec7edb0cb0140c708) C:\Windows\system32\dps.dll
00:08:52.0073 3864 DPS - ok
00:08:52.0136 3864 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
00:08:52.0136 3864 drmkaud - ok
00:08:52.0416 3864 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
00:08:52.0479 3864 DXGKrnl - ok
00:08:52.0619 3864 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
00:08:52.0635 3864 E1G60 - ok
00:08:52.0666 3864 EapHost (c2303883fd9be49dc36a6400643002ea) C:\Windows\System32\eapsvc.dll
00:08:52.0666 3864 EapHost - ok
00:08:52.0760 3864 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
00:08:52.0775 3864 Ecache - ok
00:08:52.0900 3864 eeCtrl (ba6420c1f7070ed8f1ba372844f3e1ec) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
00:08:52.0916 3864 eeCtrl - ok
00:08:53.0025 3864 ehRecvr (14ce384d2e27b64c256bda4dc39c312d) C:\Windows\ehome\ehRecvr.exe
00:08:53.0040 3864 ehRecvr - ok
00:08:53.0072 3864 ehSched (b93159c1313d66fdfbbe876f5189cd52) C:\Windows\ehome\ehsched.exe
00:08:53.0072 3864 ehSched - ok
00:08:53.0087 3864 ehstart (f5ee2527d74449868e3c3227a59bcd28) C:\Windows\ehome\ehstart.dll
00:08:53.0087 3864 ehstart - ok
00:08:53.0415 3864 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
00:08:53.0415 3864 elxstor - ok
00:08:53.0524 3864 EMDMgmt (a9b18b63a4fd6baab83326706d857fab) C:\Windows\system32\emdmgmt.dll
00:08:53.0540 3864 EMDMgmt - ok
00:08:53.0883 3864 EraserUtilRebootDrv (1343df3451bc0c442dc69837c6fba21b) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
00:08:53.0883 3864 EraserUtilRebootDrv - ok
00:08:53.0945 3864 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
00:08:53.0945 3864 ErrDev - ok
00:08:54.0023 3864 ETService (20d3741680ab88269badcdb161b36705) C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
00:08:54.0070 3864 ETService - ok
00:08:54.0117 3864 EventSystem (e12f22b73f153dece721cd45ec05b4af) C:\Windows\system32\es.dll
00:08:54.0132 3864 EventSystem - ok
00:08:54.0179 3864 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
00:08:54.0179 3864 exfat - ok
00:08:54.0273 3864 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
00:08:54.0273 3864 fastfat - ok
00:08:54.0320 3864 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
00:08:54.0320 3864 fdc - ok
00:08:54.0366 3864 fdPHost (bb9267acacd8b7533dd936c34a0cba5e) C:\Windows\system32\fdPHost.dll
00:08:54.0366 3864 fdPHost - ok
00:08:54.0429 3864 FDResPub (300c80931eabbe1db7591c516efe8d0f) C:\Windows\system32\fdrespub.dll
00:08:54.0429 3864 FDResPub - ok
00:08:54.0460 3864 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
00:08:54.0460 3864 FileInfo - ok
00:08:54.0476 3864 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
00:08:54.0476 3864 Filetrace - ok
00:08:54.0491 3864 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
00:08:54.0491 3864 flpydisk - ok
00:08:54.0554 3864 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
00:08:54.0554 3864 FltMgr - ok
00:08:54.0897 3864 FontCache (be1c5bd1ca7ed015bc6fa1ae67e592c8) C:\Windows\system32\FntCache.dll
00:08:54.0897 3864 FontCache - ok
00:08:55.0193 3864 FontCache3.0.0.0 (bc5b0be5af3510b0fd8c140ee42c6d3e) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:08:55.0193 3864 FontCache3.0.0.0 - ok
00:08:55.0458 3864 ForceWare Intelligent Application Manager (IAM) (03ec8c6eeb24e245dad858c9fc6a1b68) C:\Program Files\bin32\nSvcAppFlt.exe
00:08:55.0505 3864 ForceWare Intelligent Application Manager (IAM) - ok
00:08:55.0724 3864 fssfltr (0e330639b19feb8de20b685576d9bf9d) C:\Windows\system32\DRIVERS\fssfltr.sys
00:08:55.0724 3864 fssfltr - ok
00:08:55.0926 3864 fsssvc (9b1622ebeb31b3411b13382ffcb8737d) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
00:08:55.0942 3864 fsssvc - ok
00:08:56.0020 3864 Fs_Rec (5779b86cd8b32519fbecb136394d946a) C:\Windows\system32\drivers\Fs_Rec.sys
00:08:56.0020 3864 Fs_Rec - ok
00:08:56.0067 3864 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
00:08:56.0067 3864 gagp30kx - ok
00:08:56.0129 3864 GEARAspiWDM (af4dee5531395dee72b35b36c9671fd0) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:08:56.0129 3864 GEARAspiWDM - ok
00:08:56.0316 3864 getPlusHelper (0879dc7444a201df84e69c5dd5083d61) C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll
00:08:56.0316 3864 getPlusHelper - ok
00:08:56.0488 3864 gpsvc (a0e1b575ba8f504968cd40c0faeb2384) C:\Windows\System32\gpsvc.dll
00:08:56.0504 3864 gpsvc - ok
00:08:56.0660 3864 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:08:56.0660 3864 gupdate - ok
00:08:56.0691 3864 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:08:56.0691 3864 gupdatem - ok
00:08:56.0800 3864 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
00:08:56.0816 3864 HdAudAddService - ok
00:08:57.0034 3864 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
00:08:57.0050 3864 HDAudBus - ok
00:08:57.0112 3864 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
00:08:57.0143 3864 HidBth - ok
00:08:57.0268 3864 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
00:08:57.0284 3864 HidIr - ok
00:08:57.0330 3864 hidserv (59361d38a297755d46a540e450202b2a) C:\Windows\system32\hidserv.dll
00:08:57.0330 3864 hidserv - ok
00:08:57.0393 3864 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
00:08:57.0393 3864 HidUsb - ok
00:08:57.0440 3864 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll
00:08:57.0440 3864 hkmsvc - ok
00:08:57.0502 3864 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
00:08:57.0502 3864 HpCISSs - ok
00:08:57.0720 3864 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
00:08:57.0767 3864 HTTP - ok
00:08:57.0908 3864 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
00:08:57.0923 3864 i2omp - ok
00:08:58.0095 3864 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
00:08:58.0095 3864 i8042prt - ok
00:08:58.0142 3864 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
00:08:58.0157 3864 iaStorV - ok
00:08:58.0454 3864 idsvc (749f5f8cedca70f2a512945325fc489d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:08:58.0485 3864 idsvc - ok
00:08:58.0812 3864 IDSVia64 (ce0bf35c79e03bb89da6b14fac838605) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120803.002\IDSvia64.sys
00:08:58.0844 3864 IDSVia64 - ok
00:08:59.0140 3864 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
00:08:59.0156 3864 iirsp - ok
00:08:59.0312 3864 IKEEXT (0c9ea6e654e7b0471741e343a6c671af) C:\Windows\System32\ikeext.dll
00:08:59.0327 3864 IKEEXT - ok
00:08:59.0514 3864 int15 (8c7fa71cb1ebcd3ede8958d27b1bf0b4) C:\Windows\SysWOW64\drivers\int15_64.sys
00:08:59.0530 3864 int15 - ok
00:08:59.0577 3864 IntcAzAudAddService - ok
00:08:59.0608 3864 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
00:08:59.0608 3864 intelide - ok
00:08:59.0639 3864 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
00:08:59.0639 3864 intelppm - ok
00:08:59.0670 3864 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll
00:08:59.0670 3864 IPBusEnum - ok
00:08:59.0717 3864 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:08:59.0717 3864 IpFilterDriver - ok
00:08:59.0826 3864 iphlpsvc (bf0dbfa9792c5c14fa00f61c75116c1b) C:\Windows\System32\iphlpsvc.dll
00:08:59.0842 3864 iphlpsvc - ok
00:08:59.0842 3864 IpInIp - ok
00:08:59.0951 3864 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
00:08:59.0951 3864 IPMIDRV - ok
00:09:00.0029 3864 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
00:09:00.0029 3864 IPNAT - ok
00:09:00.0326 3864 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
00:09:00.0357 3864 iPod Service - ok
00:09:00.0404 3864 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
00:09:00.0419 3864 IRENUM - ok
00:09:00.0482 3864 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
00:09:00.0513 3864 isapnp - ok
00:09:00.0591 3864 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
00:09:00.0591 3864 iScsiPrt - ok
00:09:00.0606 3864 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
00:09:00.0606 3864 iteatapi - ok
00:09:00.0622 3864 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
00:09:00.0622 3864 iteraid - ok
00:09:01.0059 3864 jswpsapi (78d233d835a8876035ac559afe02b940) C:\Program Files (x86)\NETGEAR\WNDA3100\jswpsapi.exe
00:09:01.0121 3864 jswpsapi - ok
00:09:01.0215 3864 JSWPSLWF (d5f6061c3109db7608002665ea40ea86) C:\Windows\system32\DRIVERS\jswpslwfx.sys
00:09:01.0215 3864 JSWPSLWF - ok
00:09:01.0246 3864 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
00:09:01.0246 3864 kbdclass - ok
00:09:01.0293 3864 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
00:09:01.0293 3864 kbdhid - ok
00:09:01.0324 3864 KeyIso (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
00:09:01.0324 3864 KeyIso - ok
00:09:01.0402 3864 KSecDD (88956ad9fa510848ad176777a6c6c1f5) C:\Windows\system32\Drivers\ksecdd.sys
00:09:01.0418 3864 KSecDD - ok
00:09:01.0449 3864 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
00:09:01.0449 3864 ksthunk - ok
00:09:01.0496 3864 KtmRm (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll
00:09:01.0511 3864 KtmRm - ok
00:09:01.0558 3864 LanmanServer (50c7a3cb427e9bb5ed0708a669956ab5) C:\Windows\system32\srvsvc.dll
00:09:01.0574 3864 LanmanServer - ok
00:09:01.0636 3864 LanmanWorkstation (caf86fc1388be1e470f1a7b43e348adb) C:\Windows\System32\wkssvc.dll
00:09:01.0652 3864 LanmanWorkstation - ok
00:09:01.0776 3864 LightScribeService (793ff718477345cd5d232c50bed1e452) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
00:09:01.0776 3864 LightScribeService - ok
00:09:01.0823 3864 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
00:09:01.0823 3864 lltdio - ok
00:09:01.0995 3864 lltdsvc (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll
00:09:01.0995 3864 lltdsvc - ok
00:09:02.0026 3864 lmhosts (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll
00:09:02.0026 3864 lmhosts - ok
00:09:02.0088 3864 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
00:09:02.0104 3864 LSI_FC - ok
00:09:02.0120 3864 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
00:09:02.0135 3864 LSI_SAS - ok
00:09:02.0135 3864 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
00:09:02.0135 3864 LSI_SCSI - ok
00:09:02.0166 3864 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
00:09:02.0166 3864 luafv - ok
00:09:02.0198 3864 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll
00:09:02.0198 3864 Mcx2Svc - ok
00:09:02.0229 3864 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
00:09:02.0229 3864 megasas - ok
00:09:02.0276 3864 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
00:09:02.0276 3864 MegaSR - ok
00:09:02.0307 3864 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
00:09:02.0307 3864 MMCSS - ok
00:09:02.0400 3864 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
00:09:02.0400 3864 Modem - ok
00:09:02.0447 3864 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
00:09:02.0447 3864 monitor - ok
00:09:02.0494 3864 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
00:09:02.0494 3864 mouclass - ok
00:09:02.0556 3864 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
00:09:02.0556 3864 mouhid - ok
00:09:02.0588 3864 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
00:09:02.0603 3864 MountMgr - ok
00:09:02.0744 3864 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:09:02.0759 3864 MozillaMaintenance - ok
00:09:02.0822 3864 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
00:09:02.0822 3864 mpio - ok
00:09:02.0868 3864 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
00:09:02.0868 3864 mpsdrv - ok
00:09:03.0009 3864 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll
00:09:03.0040 3864 MpsSvc - ok
00:09:03.0087 3864 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
00:09:03.0087 3864 Mraid35x - ok
00:09:03.0134 3864 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
00:09:03.0149 3864 MRxDAV - ok
00:09:03.0243 3864 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:09:03.0243 3864 mrxsmb - ok
00:09:03.0352 3864 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:09:03.0352 3864 mrxsmb10 - ok
00:09:03.0414 3864 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:09:03.0414 3864 mrxsmb20 - ok
00:09:03.0477 3864 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
00:09:03.0477 3864 msahci - ok
00:09:03.0508 3864 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
00:09:03.0524 3864 msdsm - ok
00:09:03.0586 3864 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe
00:09:03.0586 3864 MSDTC - ok
00:09:03.0648 3864 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
00:09:03.0680 3864 Msfs - ok
00:09:03.0726 3864 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
00:09:03.0726 3864 msisadrv - ok
00:09:03.0898 3864 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll
00:09:03.0914 3864 MSiSCSI - ok
00:09:03.0929 3864 msiserver - ok
00:09:03.0992 3864 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
00:09:03.0992 3864 MSKSSRV - ok
00:09:04.0023 3864 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
00:09:04.0023 3864 MSPCLOCK - ok
00:09:04.0054 3864 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
00:09:04.0054 3864 MSPQM - ok
00:09:04.0257 3864 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
00:09:04.0272 3864 MsRPC - ok
00:09:04.0335 3864 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
00:09:04.0335 3864 mssmbios - ok
00:09:04.0366 3864 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
00:09:04.0366 3864 MSTEE - ok
00:09:04.0413 3864 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
00:09:04.0413 3864 Mup - ok
00:09:04.0943 3864 N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
00:09:04.0943 3864 N360 - ok
00:09:05.0037 3864 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll
00:09:05.0052 3864 napagent - ok
00:09:05.0146 3864 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
00:09:05.0146 3864 NativeWifiP - ok
00:09:05.0661 3864 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120803.035\ENG64.SYS
00:09:05.0676 3864 NAVENG - ok
00:09:06.0347 3864 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120803.035\EX64.SYS
00:09:06.0425 3864 NAVEX15 - ok
00:09:06.0768 3864 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
00:09:06.0784 3864 NDIS - ok
00:09:06.0831 3864 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
00:09:06.0846 3864 NdisTapi - ok
00:09:06.0846 3864 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
00:09:06.0846 3864 Ndisuio - ok
00:09:06.0893 3864 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
00:09:06.0893 3864 NdisWan - ok
00:09:06.0909 3864 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
00:09:06.0909 3864 NDProxy - ok
00:09:06.0956 3864 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
00:09:06.0956 3864 Net Driver HPZ12 - ok
00:09:07.0034 3864 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
00:09:07.0049 3864 NetBIOS - ok
00:09:07.0096 3864 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
00:09:07.0096 3864 netbt - ok
00:09:07.0143 3864 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
00:09:07.0143 3864 Netlogon - ok
00:09:07.0190 3864 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
00:09:07.0205 3864 Netman - ok
00:09:07.0424 3864 NetMsmqActivator (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:09:07.0424 3864 NetMsmqActivator - ok
00:09:07.0455 3864 NetPipeActivator (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:09:07.0455 3864 NetPipeActivator - ok
00:09:07.0580 3864 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
00:09:07.0595 3864 netprofm - ok
00:09:07.0611 3864 NetTcpActivator (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:09:07.0626 3864 NetTcpActivator - ok
00:09:07.0642 3864 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:09:07.0642 3864 NetTcpPortSharing - ok
00:09:07.0704 3864 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
00:09:07.0720 3864 nfrd960 - ok
00:09:07.0767 3864 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
00:09:07.0767 3864 NlaSvc - ok
00:09:07.0892 3864 nosGetPlusHelper (ef7a048fe8e3f102c78c9bd7c448bb6c) C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll
00:09:07.0892 3864 nosGetPlusHelper - ok
00:09:08.0016 3864 npf (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\drivers\npf.sys
00:09:08.0016 3864 npf - ok
00:09:08.0063 3864 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
00:09:08.0063 3864 Npfs - ok
00:09:08.0126 3864 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
00:09:08.0126 3864 nsi - ok
00:09:08.0172 3864 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
00:09:08.0172 3864 nsiproxy - ok
00:09:08.0328 3864 nSvcIp (c5117e7ff9f373ad470ce5379617f464) C:\Program Files\bin32\nSvcIp.exe
00:09:08.0360 3864 nSvcIp - ok
00:09:08.0999 3864 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
00:09:09.0108 3864 Ntfs - ok
00:09:09.0233 3864 NTIBackupSvc (a2b6583a5652a385dff5e4f49ad48761) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
00:09:09.0249 3864 NTIBackupSvc - ok
00:09:09.0280 3864 NTISchedulerSvc (40b87fe8a1a9a5ac9e5a91d96f212bcd) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
00:09:09.0280 3864 NTISchedulerSvc - ok
00:09:09.0530 3864 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
00:09:09.0530 3864 Null - ok
00:09:09.0810 3864 NVENETFD (98350606682594521d56eccb5d01ecf7) C:\Windows\system32\DRIVERS\nvmfdx64.sys
00:09:09.0842 3864 NVENETFD - ok
00:09:10.0076 3864 NVHDA (ad37248bd442d41c9a896e53eb8a85ee) C:\Windows\system32\drivers\nvhda64v.sys
00:09:10.0076 3864 NVHDA - ok
00:09:11.0963 3864 nvlddmkm (feffc8474be060ea7349a172b9810415) C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:09:12.0213 3864 nvlddmkm - ok
00:09:12.0416 3864 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
00:09:12.0416 3864 nvraid - ok
00:09:12.0462 3864 nvsmu (f6c6d8298dd85507f680437ec2e6899c) C:\Windows\system32\DRIVERS\nvsmu.sys
00:09:12.0462 3864 nvsmu - ok
00:09:12.0509 3864 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
00:09:12.0509 3864 nvstor - ok
00:09:12.0556 3864 nvstor64 (14e8409cce4bfc7591f8697a8748dc5b) C:\Windows\system32\DRIVERS\nvstor64.sys
00:09:12.0556 3864 nvstor64 - ok
00:09:12.0603 3864 nvsvc (18aa5ff4ee3fe45a64b98589c62b7fc0) C:\Windows\system32\nvvsvc.exe
00:09:12.0618 3864 nvsvc - ok
00:09:12.0650 3864 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
00:09:12.0650 3864 nv_agp - ok
00:09:12.0665 3864 NwlnkFlt - ok
00:09:12.0665 3864 NwlnkFwd - ok
00:09:12.0806 3864 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
00:09:12.0806 3864 ohci1394 - ok
00:09:12.0915 3864 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
00:09:12.0930 3864 p2pimsvc - ok
00:09:12.0946 3864 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
00:09:12.0946 3864 p2psvc - ok
00:09:12.0993 3864 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
00:09:13.0008 3864 Parport - ok
00:09:13.0071 3864 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys
00:09:13.0086 3864 partmgr - ok
00:09:13.0102 3864 PCAMp50a64 (304e6ac43613a9c43896c4300009442b) C:\Windows\system32\Drivers\PCAMp50a64.sys
00:09:13.0118 3864 PCAMp50a64 - ok
00:09:13.0133 3864 PCASp50a64 (18b6869e23937175144e6f1d3cb85fc2) C:\Windows\system32\Drivers\PCASp50a64.sys
00:09:13.0133 3864 PCASp50a64 - ok
00:09:13.0211 3864 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
00:09:13.0227 3864 PcaSvc - ok
00:09:13.0352 3864 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
00:09:13.0383 3864 pci - ok
00:09:13.0430 3864 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
00:09:13.0445 3864 pciide - ok
00:09:13.0476 3864 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
00:09:13.0476 3864 pcmcia - ok
00:09:13.0570 3864 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
00:09:13.0586 3864 PEAUTH - ok
00:09:13.0726 3864 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
00:09:13.0726 3864 PerfHost - ok
00:09:14.0085 3864 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
00:09:14.0116 3864 pla - ok
00:09:14.0475 3864 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
00:09:14.0490 3864 PlugPlay - ok
00:09:14.0568 3864 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
00:09:14.0568 3864 Pml Driver HPZ12 - ok
00:09:14.0771 3864 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
00:09:14.0787 3864 PNRPAutoReg - ok
00:09:14.0802 3864 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
00:09:14.0802 3864 PNRPsvc - ok
00:09:14.0990 3864 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
00:09:15.0005 3864 PolicyAgent - ok
00:09:15.0130 3864 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
00:09:15.0130 3864 PptpMiniport - ok
00:09:15.0161 3864 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\DRIVERS\processr.sys
00:09:15.0177 3864 Processor - ok
00:09:15.0239 3864 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
00:09:15.0255 3864 ProfSvc - ok
00:09:15.0286 3864 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
00:09:15.0302 3864 ProtectedStorage - ok
00:09:15.0380 3864 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
00:09:15.0380 3864 PSched - ok
00:09:15.0614 3864 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
00:09:15.0645 3864 ql2300 - ok
00:09:15.0941 3864 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
00:09:15.0957 3864 ql40xx - ok
00:09:16.0035 3864 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
00:09:16.0050 3864 QWAVE - ok
00:09:16.0082 3864 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
00:09:16.0082 3864 QWAVEdrv - ok
00:09:16.0206 3864 RapiMgr (ed4e69c31ef566266be13638ebe9da56) C:\Windows\WindowsMobile\rapimgr.dll
00:09:16.0206 3864 RapiMgr - ok
00:09:16.0206 3864 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
00:09:16.0206 3864 RasAcd - ok
00:09:16.0253 3864 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
00:09:16.0253 3864 RasAuto - ok
00:09:16.0300 3864 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:09:16.0300 3864 Rasl2tp - ok
00:09:16.0331 3864 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
00:09:16.0331 3864 RasMan - ok
00:09:16.0378 3864 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
00:09:16.0378 3864 RasPppoe - ok
00:09:16.0409 3864 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
00:09:16.0409 3864 RasSstp - ok
00:09:16.0456 3864 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
00:09:16.0456 3864 rdbss - ok
00:09:16.0487 3864 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:09:16.0487 3864 RDPCDD - ok
00:09:16.0518 3864 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
00:09:16.0518 3864 rdpdr - ok
00:09:16.0534 3864 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
00:09:16.0534 3864 RDPENCDD - ok
00:09:16.0581 3864 RDPWD (ae4bd9e1c33d351d8e607fc81f15160c) C:\Windows\system32\drivers\RDPWD.sys
00:09:16.0596 3864 RDPWD - ok
00:09:16.0643 3864 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
00:09:16.0643 3864 RemoteAccess - ok
00:09:16.0690 3864 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
00:09:16.0706 3864 RemoteRegistry - ok
00:09:16.0737 3864 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
00:09:16.0737 3864 RpcLocator - ok
00:09:16.0862 3864 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
00:09:16.0877 3864 RpcSs - ok
00:09:16.0955 3864 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
00:09:16.0955 3864 rspndr - ok
00:09:17.0002 3864 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
00:09:17.0002 3864 SamSs - ok
00:09:17.0018 3864 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
00:09:17.0033 3864 sbp2port - ok
00:09:17.0080 3864 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
00:09:17.0096 3864 SCardSvr - ok
00:09:17.0205 3864 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
00:09:17.0220 3864 Schedule - ok
00:09:17.0267 3864 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
00:09:17.0267 3864 SCPolicySvc - ok
00:09:17.0314 3864 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
00:09:17.0330 3864 SDRSVC - ok
00:09:17.0392 3864 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
00:09:17.0392 3864 secdrv - ok
00:09:17.0423 3864 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
00:09:17.0423 3864 seclogon - ok
00:09:17.0486 3864 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
00:09:17.0486 3864 SENS - ok
00:09:17.0501 3864 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
00:09:17.0517 3864 Serenum - ok
00:09:17.0532 3864 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
00:09:17.0532 3864 Serial - ok
00:09:17.0564 3864 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
00:09:17.0564 3864 sermouse - ok
00:09:17.0657 3864 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
00:09:17.0657 3864 SessionEnv - ok
00:09:17.0688 3864 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
00:09:17.0688 3864 sffdisk - ok
00:09:17.0704 3864 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
00:09:17.0704 3864 sffp_mmc - ok
00:09:17.0735 3864 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
00:09:17.0735 3864 sffp_sd - ok
00:09:17.0751 3864 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
00:09:17.0751 3864 sfloppy - ok
00:09:18.0063 3864 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
00:09:18.0094 3864 SharedAccess - ok
00:09:18.0172 3864 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
00:09:18.0188 3864 ShellHWDetection - ok
00:09:18.0219 3864 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
00:09:18.0234 3864 SiSRaid2 - ok
00:09:18.0250 3864 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
00:09:18.0250 3864 SiSRaid4 - ok
00:09:18.0328 3864 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files (x86)\Skype\Updater\Updater.exe
00:09:18.0562 3864 SkypeUpdate - ok
00:09:19.0046 3864 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
00:09:19.0202 3864 slsvc - ok
00:09:19.0451 3864 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
00:09:19.0467 3864 SLUINotify - ok
00:09:19.0560 3864 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
00:09:19.0576 3864 Smb - ok
00:09:19.0607 3864 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
00:09:19.0607 3864 SNMPTRAP - ok
00:09:19.0638 3864 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
00:09:19.0654 3864 spldr - ok
00:09:19.0701 3864 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
00:09:19.0701 3864 Spooler - ok
00:09:19.0935 3864 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS
00:09:19.0950 3864 SRTSP - ok
00:09:19.0966 3864 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS
00:09:19.0966 3864 SRTSPX - ok
00:09:20.0044 3864 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
00:09:20.0044 3864 srv - ok
00:09:20.0091 3864 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
00:09:20.0091 3864 srv2 - ok
00:09:20.0106 3864 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
00:09:20.0122 3864 srvnet - ok
00:09:20.0153 3864 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
00:09:20.0153 3864 SSDPSRV - ok
00:09:20.0184 3864 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
00:09:20.0184 3864 SstpSvc - ok
00:09:20.0309 3864 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
00:09:20.0356 3864 stisvc - ok
00:09:20.0387 3864 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
00:09:20.0387 3864 swenum - ok
00:09:20.0465 3864 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
00:09:20.0481 3864 swprv - ok
00:09:20.0512 3864 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
00:09:20.0512 3864 Symc8xx - ok
00:09:20.0762 3864 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS
00:09:20.0777 3864 SymDS - ok
00:09:21.0120 3864 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS
00:09:21.0167 3864 SymEFA - ok
00:09:21.0214 3864 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
00:09:21.0230 3864 SymEvent - ok
00:09:21.0276 3864 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS
00:09:21.0292 3864 SymIRON - ok
00:09:21.0323 3864 SYMTDIv (61d06be74fa23ebb7d816e4468edd19e) C:\Windows\System32\Drivers\N360x64\0502020.003\SYMTDIV.SYS
00:09:21.0339 3864 SYMTDIv - ok
00:09:21.0354 3864 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
00:09:21.0370 3864 Sym_hi - ok
00:09:21.0370 3864 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
00:09:21.0386 3864 Sym_u3 - ok
00:09:21.0510 3864 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
00:09:21.0526 3864 SysMain - ok
00:09:21.0557 3864 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
00:09:21.0557 3864 TabletInputService - ok
00:09:21.0635 3864 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
00:09:21.0635 3864 TapiSrv - ok
00:09:21.0666 3864 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
00:09:21.0666 3864 TBS - ok
00:09:21.0947 3864 Tcpip (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\drivers\tcpip.sys
00:09:21.0978 3864 Tcpip - ok
00:09:22.0852 3864 Tcpip6 (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\DRIVERS\tcpip.sys
00:09:22.0852 3864 Tcpip6 - ok
00:09:23.0772 3864 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
00:09:23.0788 3864 tcpipreg - ok
00:09:23.0835 3864 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
00:09:23.0835 3864 TDPIPE - ok
00:09:23.0897 3864 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
00:09:23.0897 3864 TDTCP - ok
00:09:24.0053 3864 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
00:09:24.0069 3864 tdx - ok
00:09:24.0147 3864 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
00:09:24.0147 3864 TermDD - ok
00:09:24.0272 3864 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
00:09:24.0303 3864 TermService - ok
00:09:24.0396 3864 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
00:09:24.0412 3864 Themes - ok
00:09:24.0521 3864 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
00:09:24.0521 3864 THREADORDER - ok
00:09:24.0568 3864 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
00:09:24.0584 3864 TrkWks - ok
00:09:24.0646 3864 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
00:09:24.0646 3864 TrustedInstaller - ok
00:09:24.0677 3864 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:09:24.0708 3864 tssecsrv - ok
00:09:24.0740 3864 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
00:09:24.0740 3864 tunmp - ok
00:09:24.0786 3864 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
00:09:24.0786 3864 tunnel - ok
00:09:24.0833 3864 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
00:09:24.0833 3864 uagp35 - ok
00:09:25.0098 3864 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
00:09:25.0114 3864 udfs - ok
00:09:25.0301 3864 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
00:09:25.0301 3864 UI0Detect - ok
00:09:25.0332 3864 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
00:09:25.0332 3864 uliagpkx - ok
00:09:25.0364 3864 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
00:09:25.0364 3864 uliahci - ok
00:09:25.0395 3864 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
00:09:25.0395 3864 UlSata - ok
00:09:25.0426 3864 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
00:09:25.0426 3864 ulsata2 - ok
00:09:25.0442 3864 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
00:09:25.0442 3864 umbus - ok
00:09:25.0488 3864 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
00:09:25.0488 3864 upnphost - ok
00:09:25.0535 3864 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
00:09:25.0535 3864 USBAAPL64 - ok
00:09:25.0566 3864 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
00:09:25.0566 3864 usbaudio - ok
00:09:25.0613 3864 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
00:09:25.0613 3864 usbccgp - ok
00:09:25.0644 3864 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
00:09:25.0644 3864 usbcir - ok
00:09:25.0660 3864 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
00:09:25.0676 3864 usbehci - ok
00:09:25.0707 3864 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
00:09:25.0722 3864 usbhub - ok
00:09:25.0722 3864 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys
00:09:25.0722 3864 usbohci - ok
00:09:25.0754 3864 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
00:09:25.0754 3864 usbprint - ok
00:09:25.0800 3864 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
00:09:25.0800 3864 usbscan - ok
00:09:25.0863 3864 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:09:25.0878 3864 USBSTOR - ok
00:09:25.0894 3864 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
00:09:25.0894 3864 usbuhci - ok
00:09:26.0003 3864 usb_rndisx (1e36bb1a3c5aaf2aa9fa9a126df8c16c) C:\Windows\system32\DRIVERS\usb8023x.sys
00:09:26.0034 3864 usb_rndisx - ok
00:09:26.0066 3864 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
00:09:26.0066 3864 UxSms - ok
00:09:26.0253 3864 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
00:09:26.0284 3864 vds - ok
00:09:26.0331 3864 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
00:09:26.0331 3864 vga - ok
00:09:26.0346 3864 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
00:09:26.0346 3864 VgaSave - ok
00:09:26.0378 3864 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
00:09:26.0378 3864 viaide - ok
00:09:26.0424 3864 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
00:09:26.0424 3864 volmgr - ok
00:09:26.0846 3864 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
00:09:26.0892 3864 volmgrx - ok
00:09:27.0017 3864 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
00:09:27.0017 3864 volsnap - ok
00:09:27.0314 3864 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
00:09:27.0314 3864 vsmraid - ok
00:09:28.0094 3864 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
00:09:28.0156 3864 VSS - ok
00:09:28.0749 3864 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
00:09:28.0780 3864 W32Time - ok
00:09:28.0936 3864 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
00:09:28.0936 3864 WacomPen - ok
00:09:29.0342 3864 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
00:09:29.0388 3864 Wanarp - ok
00:09:29.0388 3864 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
00:09:29.0404 3864 Wanarpv6 - ok
00:09:29.0607 3864 WcesComm (382a7b0b632ec98de5f0658da9de6159) C:\Windows\WindowsMobile\wcescomm.dll
00:09:29.0638 3864 WcesComm - ok
00:09:29.0732 3864 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
00:09:29.0747 3864 wcncsvc - ok
00:09:29.0794 3864 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
00:09:29.0794 3864 WcsPlugInService - ok
00:09:29.0841 3864 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
00:09:29.0872 3864 Wd - ok
00:09:29.0997 3864 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
00:09:30.0012 3864 Wdf01000 - ok
00:09:30.0059 3864 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
00:09:30.0059 3864 WdiServiceHost - ok
00:09:30.0059 3864 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
00:09:30.0075 3864 WdiSystemHost - ok
00:09:30.0200 3864 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
00:09:30.0200 3864 WebClient - ok
00:09:30.0231 3864 Wecsvc (bd9a749f36710ffa02e0e530f7451936) C:\Windows\system32\wecsvc.dll
00:09:30.0246 3864 Wecsvc - ok
00:09:30.0262 3864 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
00:09:30.0262 3864 wercplsupport - ok
00:09:30.0293 3864 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
00:09:30.0293 3864 WerSvc - ok
00:09:30.0340 3864 WinDefend - ok
00:09:30.0356 3864 WinHttpAutoProxySvc - ok
00:09:30.0512 3864 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
00:09:30.0512 3864 Winmgmt - ok
00:09:30.0902 3864 WinRM (42717db2be3a075d0f0cd5c927c27a43) C:\Windows\system32\WsmSvc.dll
00:09:30.0964 3864 WinRM - ok
00:09:31.0120 3864 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
00:09:31.0136 3864 Wlansvc - ok
00:09:31.0713 3864 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:09:31.0791 3864 wlidsvc - ok
00:09:32.0103 3864 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
00:09:32.0103 3864 WmiAcpi - ok
00:09:32.0368 3864 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
00:09:32.0399 3864 wmiApSrv - ok
00:09:32.0586 3864 WMPNetworkSvc - ok
00:09:32.0789 3864 WNDA3100 (ae06d75f402de21c922bcecb30f8fb50) C:\Windows\system32\DRIVERS\WNDA31vx.sys
00:09:32.0805 3864 WNDA3100 - ok
00:09:32.0883 3864 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
00:09:32.0898 3864 WPCSvc - ok
00:09:32.0930 3864 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
00:09:32.0945 3864 WPDBusEnum - ok
00:09:32.0992 3864 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
00:09:33.0008 3864 WpdUsb - ok
00:09:33.0086 3864 WPFFontCache_v0400 - ok
00:09:33.0164 3864 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
00:09:33.0179 3864 ws2ifsl - ok
00:09:33.0226 3864 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\System32\wscsvc.dll
00:09:33.0226 3864 wscsvc - ok
00:09:33.0242 3864 WSearch - ok
00:09:33.0632 3864 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
00:09:33.0710 3864 wuauserv - ok
00:09:33.0959 3864 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:09:33.0975 3864 WUDFRd - ok
00:09:34.0022 3864 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
00:09:34.0037 3864 wudfsvc - ok
00:09:34.0100 3864 MBR (0x1B8) (ef932eaa6ef4c94e66a7f6ceec7eb422) \Device\Harddisk0\DR0
00:09:34.0162 3864 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
00:09:34.0162 3864 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
00:09:34.0193 3864 Boot (0x1200) (0ed85b04fd64a4d2f541e4c8e83d26c9) \Device\Harddisk0\DR0\Partition0
00:09:34.0193 3864 \Device\Harddisk0\DR0\Partition0 - ok
00:09:34.0209 3864 Boot (0x1200) (fb518f74b476ef33a613fb0c45c18ddf) \Device\Harddisk0\DR0\Partition1
00:09:34.0271 3864 \Device\Harddisk0\DR0\Partition1 - ok
00:09:34.0287 3864 ============================================================
00:09:34.0287 3864 Scan finished
00:09:34.0287 3864 ============================================================
00:09:34.0302 2716 Detected object count: 2
00:09:34.0302 2716 Actual detected object count: 2
00:10:04.0956 2716 c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll - copied to quarantine
00:10:04.0956 2716 Akamai ( HiddenFile.Multi.Generic ) - User select action: Quarantine
00:10:07.0733 2716 \Device\Harddisk0\DR0\# - copied to quarantine
00:10:07.0733 2716 \Device\Harddisk0\DR0 - copied to quarantine
00:10:07.0811 2716 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
00:10:07.0811 2716 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
00:10:07.0811 2716 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
00:10:07.0811 2716 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
00:10:07.0889 2716 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
00:10:07.0905 2716 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
00:10:07.0905 2716 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
00:10:07.0905 2716 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
00:10:07.0905 2716 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
00:10:07.0905 2716 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
00:10:08.0030 2716 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
00:10:08.0076 2716 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
00:10:08.0108 2716 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
00:10:08.0108 2716 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Quarantine

BC AdBot (Login to Remove)

 


#2 Rashawn

Rashawn
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:12 PM

Posted 04 August 2012 - 11:38 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-05 00:13:35
-----------------------------
00:13:35.752 OS Version: Windows x64 6.0.6002 Service Pack 2
00:13:35.752 Number of processors: 2 586 0x6B02
00:13:35.752 ComputerName: ACER-PC UserName:
00:13:43.319 Initialize success
00:27:52.709 AVAST engine defs: 12080401
00:27:57.672 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
00:27:57.688 Disk 0 Vendor: Hitachi_ GM4O Size: 476940MB BusType: 6
00:27:57.688 Device \Driver\nvstor64 -> MajorFunction fffffa80054df5e8
00:27:57.704 Disk 0 MBR read successfully
00:27:57.719 Disk 0 MBR scan
00:27:57.735 Disk 0 unknown MBR code
00:27:57.766 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 18944 MB offset 2048
00:27:57.797 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 228880 MB offset 38799360
00:27:57.844 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 229114 MB offset 507545600
00:27:57.922 Disk 0 scanning C:\Windows\system32\drivers
00:28:14.895 Service scanning
00:28:49.715 Modules scanning
00:28:49.715 Disk 0 trace - called modules:
00:28:49.731 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys >>UNKNOWN [0xfffffa80054df5e8]<<hal.dll
00:28:49.731 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004eea790]
00:28:49.746 3 CLASSPNP.SYS[fffffa6000dc9c33] -> nt!IofCallDriver -> [0xfffffa8004a6b930]
00:28:49.746 5 acpi.sys[fffffa60008f5fde] -> nt!IofCallDriver -> \Device\0000005d[0xfffffa80040fe630]
00:28:49.762 \Driver\nvstor64[0xfffffa80054d2420] -> IRP_MJ_CREATE -> 0xfffffa80054df5e8
00:28:51.650 AVAST engine scan C:\Windows
00:28:57.718 AVAST engine scan C:\Windows\system32
00:33:13.932 AVAST engine scan C:\Windows\system32\drivers
00:33:33.853 AVAST engine scan C:\Users\Administrator
00:36:22.796 Disk 0 MBR has been saved successfully to "C:\Users\Administrator\Documents\MBR.dat"
00:36:22.796 The log file has been saved successfully to "C:\Users\Administrator\Documents\aswMBR Log.txt"

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:12 PM

Posted 05 August 2012 - 12:36 AM

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it click on Delete

post the generated log

#4 Rashawn

Rashawn
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:12 PM

Posted 06 August 2012 - 06:15 PM

C:\Program Files (x86)\DealPly\zugo-rj.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files (x86)\Windows Live\Messenger\riched20.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files (x86)\Yontoo Layers Runtime (Drop Down Deals)\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.08.2012_00.08.21\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.08.2012_00.08.21\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.08.2012_00.08.21\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.08.2012_00.08.21\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\05.08.2012_00.08.21\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined

#5 Rashawn

Rashawn
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:12 PM

Posted 14 August 2012 - 10:18 PM

I'm sorry but the malwarebytes seems to take forever to scan

#6 Rashawn

Rashawn
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:12 PM

Posted 15 August 2012 - 10:17 PM

The minitool box is not letting me download. My computer does not trust it....

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:12 PM

Posted 15 August 2012 - 10:18 PM

Disable your antivirus and download

#8 Rashawn

Rashawn
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:12 PM

Posted 15 August 2012 - 10:18 PM

I also can't download the FSS.... What programs are these?

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:12 PM

Posted 15 August 2012 - 10:22 PM

Check my previous reply :)

#10 Rashawn

Rashawn
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:12 PM

Posted 15 August 2012 - 10:25 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Administrator (administrator) on 15-08-2012 at 23:22:26
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

RangeMax Dual Band Wireless-N USB Adapter = Wireless Network Connection (Connected)
NVIDIA nForce 10/100/1000 Mbps Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Acer-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : RangeMax Dual Band Wireless-N USB Adapter
Physical Address. . . . . . . . . : 00-1F-33-EF-F1-EA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::314a:7d34:15b3:523d%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, August 15, 2012 11:11:10 PM
Lease Expires . . . . . . . . . . : Saturday, August 18, 2012 11:11:10 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 285220659
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0C-C8-E9-DC-00-1D-72-A2-18-B6
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
Physical Address. . . . . . . . . : 00-1D-72-A2-18-B6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{846CCB92-D6CC-4A9C-8536-CB2C2AED7315}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{14CB052C-C242-478A-9092-BAFB6698FABB}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: www.routerlogin.com
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:802::1007
173.194.43.3
173.194.43.2
173.194.43.6
173.194.43.14
173.194.43.5
173.194.43.7
173.194.43.8
173.194.43.4
173.194.43.9
173.194.43.0
173.194.43.1



Pinging google.com [74.125.228.70] with 32 bytes of data:

Reply from 74.125.228.70: bytes=32 time=139ms TTL=55

Reply from 74.125.228.70: bytes=32 time=54ms TTL=55



Ping statistics for 74.125.228.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 54ms, Maximum = 139ms, Average = 96ms

Server: www.routerlogin.com
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=131ms TTL=51

Reply from 98.139.183.24: bytes=32 time=112ms TTL=49



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 112ms, Maximum = 131ms, Average = 121ms

Server: www.routerlogin.com
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=11ms TTL=128

Reply from 127.0.0.1: bytes=32 time=3ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 3ms, Maximum = 11ms, Average = 7ms

===========================================================================
Interface List
11 ...00 1f 33 ef f1 ea ...... RangeMax Dual Band Wireless-N USB Adapter
10 ...00 1d 72 a2 18 b6 ...... NVIDIA nForce 10/100/1000 Mbps Ethernet
1 ........................... Software Loopback Interface 1
13 ...00 00 00 00 00 00 00 e0 isatap.{846CCB92-D6CC-4A9C-8536-CB2C2AED7315}
15 ...00 00 00 00 00 00 00 e0 isatap.{14CB052C-C242-478A-9092-BAFB6698FABB}
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.8 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.8 276
192.168.1.8 255.255.255.255 On-link 192.168.1.8 276
192.168.1.255 255.255.255.255 On-link 192.168.1.8 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.8 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.8 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::314a:7d34:15b3:523d/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/15/2012 11:22:49 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, faulting module svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, exception code 0xc0000005, fault offset 0x00001e98,
process id 0x1100, application start time 0xsvchost.exe0.

Error: (08/15/2012 11:22:47 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, faulting module svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, exception code 0xc0000005, fault offset 0x00001e98,
process id 0x1280, application start time 0xsvchost.exe0.

Error: (08/15/2012 11:22:32 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, faulting module svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, exception code 0xc0000005, fault offset 0x00001e98,
process id 0x1244, application start time 0xsvchost.exe0.

Error: (08/15/2012 11:22:32 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x74f9a57d,
process id 0xf68, application start time 0xsvchost.exe0.

Error: (08/15/2012 11:22:16 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x74f9a57d,
process id 0xd90, application start time 0xsvchost.exe0.

Error: (08/15/2012 11:22:16 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, faulting module svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, exception code 0xc0000005, fault offset 0x00001e98,
process id 0x1030, application start time 0xsvchost.exe0.

Error: (08/15/2012 11:22:03 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x74f9a57d,
process id 0xb64, application start time 0xsvchost.exe0.

Error: (08/15/2012 11:22:02 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x74f9a57d,
process id 0x122c, application start time 0xsvchost.exe0.

Error: (08/15/2012 11:21:43 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, faulting module svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, exception code 0xc0000005, fault offset 0x00001e98,
process id 0x1064, application start time 0xsvchost.exe0.

Error: (08/15/2012 11:21:41 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, faulting module svchost.exe, version 6.0.6001.18000, time stamp 0x4fe23011, exception code 0xc0000005, fault offset 0x00001e98,
process id 0x124c, application start time 0xsvchost.exe0.


System errors:
=============
Error: (08/15/2012 11:17:20 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (08/15/2012 11:11:54 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (08/15/2012 11:10:48 PM) (Source: Microsoft-Windows-ResourcePublication) (User: NT AUTHORITY)
Description: Provider\Microsoft.Base.Publication/Publication/Computer

Error: (08/15/2012 11:10:17 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (08/15/2012 11:10:00 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (08/15/2012 04:25:47 PM) (Source: Service Control Manager) (User: )
Description: 30000TrkWks

Error: (08/15/2012 04:25:17 PM) (Source: Service Control Manager) (User: )
Description: 30000SysMain

Error: (08/15/2012 04:24:47 PM) (Source: Service Control Manager) (User: )
Description: 30000TrkWks

Error: (08/15/2012 01:39:49 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (08/15/2012 01:38:45 PM) (Source: Microsoft-Windows-ResourcePublication) (User: NT AUTHORITY)
Description: Provider\Microsoft.Base.Publication/Publication/Computer


Microsoft Office Sessions:
=========================
Error: (08/15/2012 11:22:49 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.180004fe23011svchost.exe6.0.6001.180004fe23011c000000500001e98110001cd7b5e693ee80e

Error: (08/15/2012 11:22:47 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.180004fe23011svchost.exe6.0.6001.180004fe23011c000000500001e98128001cd7b5e6836af6e

Error: (08/15/2012 11:22:32 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.180004fe23011svchost.exe6.0.6001.180004fe23011c000000500001e98124401cd7b5e5da8cfbe

Error: (08/15/2012 11:22:32 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.180004fe23011unknown0.0.0.000000000c000000574f9a57df6801cd7b5e5ed4e40e

Error: (08/15/2012 11:22:16 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.180004fe23011unknown0.0.0.000000000c000000574f9a57dd9001cd7b5e5644438e

Error: (08/15/2012 11:22:16 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.180004fe23011svchost.exe6.0.6001.180004fe23011c000000500001e98103001cd7b5e55e049ce

Error: (08/15/2012 11:22:03 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.180004fe23011unknown0.0.0.000000000c000000574f9a57db6401cd7b5e4b14ad6e

Error: (08/15/2012 11:22:02 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.180004fe23011unknown0.0.0.000000000c000000574f9a57d122c01cd7b5e49d0f26e

Error: (08/15/2012 11:21:43 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.180004fe23011svchost.exe6.0.6001.180004fe23011c000000500001e98106401cd7b5e3dab7afe

Error: (08/15/2012 11:21:41 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.180004fe23011svchost.exe6.0.6001.180004fe23011c000000500001e98124c01cd7b5e3d960e9e


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 6.2.1)
Akamai NetSession Interface
Apple Mobile Device Support (Version: 5.2.0.6)
Bonjour (Version: 3.0.0.10)
Dell V310-V510 Series
iCloud (Version: 1.1.0.40)
IMVU Avatar Chat Software
iTunes (Version: 10.6.3.25)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
MobileMe Control Panel (Version: 3.1.8.0)
NVIDIA Drivers (Version: 1.10)
NVIDIA ForceWare Network Access Manager (Version: 1.00.6776)
PVSonyDll (Version: 1.00.0001)
s3pe - Sims3 Package Editor (Version: 11-0402-0951)
Windows Live Family Safety (Version: 14.0.8064.206)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Yontoo Layers Runtime (Drop Down Deals) 1.10.01 (Version: 1.10.01)

========================= Memory info: ===================================

Percentage of memory in use: 55%
Total physical RAM: 3837.62 MB
Available physical RAM: 1714.34 MB
Total Pagefile: 7859.78 MB
Available Pagefile: 5371.61 MB
Total Virtual: 4095.88 MB
Available Virtual: 3993.56 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:223.52 GB) (Free:46.08 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:223.74 GB) (Free:223.54 GB) NTFS

========================= Users: ========================================

User accounts for \\ACER-PC

Administrator Guest


**** End of log ****

#11 Rashawn

Rashawn
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:12 PM

Posted 15 August 2012 - 10:27 PM

Farbar Service Scanner Version: 06-08-2012
Ran by Administrator (administrator) on 15-08-2012 at 23:23:34
Running from "C:\Users\Administrator\Downloads"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2009-06-08 18:37] - [2009-04-11 03:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7

C:\Windows\System32\drivers\afd.sys
[2012-02-14 20:50] - [2012-01-03 10:25] - 0404992 ____A (Microsoft Corporation) C4F6CE6087760AD70960C9EB130E7943

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-08 16:50] - [2012-03-30 08:45] - 1423744 ____A (Microsoft Corporation) 46D448E9117464E4D3BBF36D7E3FA48E

C:\Windows\System32\dnsrslvr.dll
[2011-04-14 16:16] - [2011-03-02 12:12] - 0117760 ____A (Microsoft Corporation) 06230F1B721494A6DF8D47FD395BB1B0

C:\Windows\System32\mpssvc.dll
[2009-06-08 18:37] - [2009-04-11 03:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C

C:\Windows\System32\bfe.dll
[2009-06-08 18:36] - [2009-04-11 03:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe
[2009-06-08 18:38] - [2009-04-11 03:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1

C:\Windows\System32\wscsvc.dll
[2009-06-08 18:36] - [2009-04-11 03:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A

C:\Windows\System32\wbem\WMIsvc.dll
[2009-06-08 18:37] - [2009-04-11 03:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02

C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll
[2009-06-08 18:38] - [2009-04-11 03:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C

C:\Windows\System32\es.dll
[2009-06-08 18:37] - [2009-04-11 03:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF

C:\Windows\System32\cryptsvc.dll
[2012-07-11 12:25] - [2012-04-23 12:25] - 0174592 ____A (Microsoft Corporation) 62740B9D2A137E8CED41A9E4239A7A31

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-06-08 18:38] - [2009-04-11 03:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF



**** End of log ****

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:12 PM

Posted 15 August 2012 - 10:28 PM

Will wait for Malwarebytes and adware cleaner log

#13 Rashawn

Rashawn
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:12 PM

Posted 15 August 2012 - 10:39 PM

# AdwCleaner v1.801 - Logfile created 08/15/2012 at 23:27:27
# Updated 14/08/2012 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : Administrator - ACER-PC
# Boot Mode : Normal
# Running from : C:\Users\Administrator\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Users\Administrator\AppData\Local\Babylon
Deleted on reboot : C:\Users\Administrator\AppData\Local\Conduit
Deleted on reboot : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkbfdhlbdkjohbhnhabfecpmcdlcmff
Deleted on reboot : C:\Users\Administrator\AppData\Local\OpenCandy
Deleted on reboot : C:\Users\Administrator\AppData\Local\TempDir
Deleted on reboot : C:\Users\ADMINI~1\AppData\Local\Temp\CT3072253
Deleted on reboot : C:\Users\Administrator\AppData\LocalLow\boost_interprocess
Deleted on reboot : C:\Users\Administrator\AppData\LocalLow\Conduit
Deleted on reboot : C:\Users\Administrator\AppData\LocalLow\ConduitEngine
Deleted on reboot : C:\Users\Administrator\AppData\LocalLow\facemoods.com
Deleted on reboot : C:\Users\Administrator\AppData\LocalLow\IncrediMail_MediaBar_4
Deleted on reboot : C:\Users\Administrator\AppData\LocalLow\PriceGong
Deleted on reboot : C:\Users\Administrator\AppData\LocalLow\Toolbar4
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Babylon
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\kikin
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\OpenCandy
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\Conduit
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\ConduitCommon
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\ConduitEngine
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\CT2117678
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\CT2612669
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\CT2786678
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\CT2878731
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\CT3072253
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\Searchqutoolbar
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\Smartbar
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\extensions\{90eee664-34b1-422a-a782-779af65cdf6d}
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\extensions\engine@conduit.com
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\extensions\ffxtlbr@babylon.com
Deleted on reboot : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\extensions\plugin@yontoo.com
Deleted on reboot : C:\ProgramData\Babylon
Deleted on reboot : C:\ProgramData\boost_interprocess
Deleted on reboot : C:\ProgramData\InstallMate
Deleted on reboot : C:\ProgramData\SweetIM
Deleted on reboot : C:\ProgramData\Tarma Installer
Deleted on reboot : C:\ProgramData\Trymedia
Deleted on reboot : C:\ProgramData\WeCareReminder
Deleted on reboot : C:\Program Files (x86)\Conduit
Deleted on reboot : C:\Program Files (x86)\ConduitEngine
Deleted on reboot : C:\Program Files (x86)\DealPly
Deleted on reboot : C:\Program Files (x86)\Free Offers from Freeze.com
Deleted on reboot : C:\Program Files (x86)\IncrediMail_MediaBar_4
Deleted on reboot : C:\Program Files (x86)\kikin
Deleted on reboot : C:\Program Files (x86)\SweetIM
Deleted on reboot : C:\Program Files (x86)\Windows iLivid Toolbar
Deleted on reboot : C:\ProgramData\Premium
Deleted on reboot : C:\Users\Administrator\AppData\Local\bearshare
File Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\searchplugins\MyStart Search.xml
File Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\searchplugins\SearchResults.xml
File Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\searchplugins\SweetIm.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml
File Deleted : C:\user.js

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060655.FCTB000060655Pos
[*] Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060655.FCTB000060655Pos.1
[*] Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060655.IEToolbar
[*] Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060655.IEToolbar.1
[*] Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060655.IEToolbar.3
[*] Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060655.JSOptionsImpl
[*] Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060655.JSOptionsImpl.1
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2117678
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2418376
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2612669
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2878731
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A81A974F-8A22-43E6-9243-5198FF758DA1}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\CompeteInc
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\conduitEngine
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpkbfdhlbdkjohbhnhabfecpmcdlcmff
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\IncrediMail_MediaBar_4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\alotToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IncrediMail_MediaBar_4 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar
Key Deleted : HKLM\SOFTWARE\SweetIM
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
[x64] Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{90EEE664-34B1-422A-A782-779AF65CDF6D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0B0C55D-3513-4185-A4E3-5F675CA1CE78}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6375F65B-D13A-44AC-8F72-037AC120970B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90EEE664-34B1-422A-A782-779AF65CDF6D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{90EEE664-34B1-422A-A782-779AF65CDF6D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90EEE664-34B1-422A-A782-779AF65CDF6D}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{90EEE664-34B1-422A-A782-779AF65CDF6D}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\prefs.js

C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6q0id4hm.default\user.js ... Deleted !

Deleted : user_pref("CT2117678..clientLogIsEnabled", false);
Deleted : user_pref("CT2117678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2117678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2117678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2117678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2117678.AppTrackingLastCheckTime", "Sat Feb 18 2012 20:40:58 GMT-0500 (Eastern Standard[...]
Deleted : user_pref("CT2117678.BrowserCompStateIsOpen_129798078546999233", true);
Deleted : user_pref("CT2117678.BrowserCompStateIsOpen_129808998463171277", true);
Deleted : user_pref("CT2117678.CTID", "CT2117678");
Deleted : user_pref("CT2117678.CurrentServerDate", "5-8-2012");
Deleted : user_pref("CT2117678.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2117678.DialogsGetterLastCheckTime", "Sat Aug 04 2012 00:01:58 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT2117678.DownloadReferralCookieData", "");
Deleted : user_pref("CT2117678.EMailNotifierPollDate", "Tue Feb 28 2012 21:34:21 GMT-0500 (Eastern Standard Ti[...]
Deleted : user_pref("CT2117678.FirstServerDate", "22-8-2010");
Deleted : user_pref("CT2117678.FirstTime", true);
Deleted : user_pref("CT2117678.FirstTimeFF3", true);
Deleted : user_pref("CT2117678.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2117678.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2117678.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2117678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2117678.HasUserGlobalKeys", true);
Deleted : user_pref("CT2117678.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2117678.HomepageBeforeUnload", "hxxp://www.msn.com/?pc=Z131&install_date=20110912");
Deleted : user_pref("CT2117678.Initialize", true);
Deleted : user_pref("CT2117678.InitializeCommonPrefs", true);
Deleted : user_pref("CT2117678.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2117678.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2117678.InstalledDate", "Sat Aug 21 2010 19:04:54 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2117678.InvalidateCache", false);
Deleted : user_pref("CT2117678.IsAlertDBUpdated", true);
Deleted : user_pref("CT2117678.IsGrouping", false);
Deleted : user_pref("CT2117678.IsMulticommunity", false);
Deleted : user_pref("CT2117678.IsOpenThankYouPage", true);
Deleted : user_pref("CT2117678.IsOpenUninstallPage", true);
Deleted : user_pref("CT2117678.LanguagePackLastCheckTime", "Sat Aug 04 2012 00:01:58 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT2117678.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2117678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2117678.LastLogin_2.7.2.0", "Sat Aug 21 2010 19:04:54 GMT-0400 (Eastern Daylight Time)"[...]
Deleted : user_pref("CT2117678.LastLogin_3.12.0.7", "Tue Apr 24 2012 21:39:09 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2117678.LastLogin_3.12.2.3", "Wed May 30 2012 20:48:32 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2117678.LastLogin_3.13.0.6", "Sun Jul 15 2012 21:11:46 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2117678.LastLogin_3.14.1.0", "Sat Aug 04 2012 22:06:42 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2117678.LastLogin_3.9.0.3", "Tue Feb 28 2012 21:34:32 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2117678.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT2117678.Locale", "en-us");
Deleted : user_pref("CT2117678.LoginCache", 4);
Deleted : user_pref("CT2117678.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2117678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2117678.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2117678.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2117678.RadioIsPodcast", false);
Deleted : user_pref("CT2117678.RadioLastCheckTime", "Tue Feb 28 2012 22:27:54 GMT-0500 (Eastern Standard Time)[...]
Deleted : user_pref("CT2117678.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2117678.RadioLastUpdateServer", "128929877726170000");
Deleted : user_pref("CT2117678.RadioMediaID", "9583498");
Deleted : user_pref("CT2117678.RadioMediaType", "Media Player");
Deleted : user_pref("CT2117678.RadioMenuSelectedID", "EBRadioMenu_CT21176789583498");
Deleted : user_pref("CT2117678.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT2117678.RadioStationName", "ABC%20Newsradio%20");
Deleted : user_pref("CT2117678.RadioStationURL", "hxxp://www.abc.net.au/streaming/newsradio.asx");
Deleted : user_pref("CT2117678.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2117678.SearchEngineBeforeUnload", "Yahoo");
Deleted : user_pref("CT2117678.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2117678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT211[...]
Deleted : user_pref("CT2117678.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2117678.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2117678.SearchInNewTabLastCheckTime", "Sat Aug 04 2012 00:01:41 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT2117678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2117678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2117678.SearchProtectorEnabled", false);
Deleted : user_pref("CT2117678.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2117678.ServiceMapLastCheckTime", "Sat Aug 04 2012 00:01:41 GMT-0400 (Eastern Daylight [...]
Deleted : user_pref("CT2117678.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2117678.SettingsLastCheckTime", "Sat Aug 04 2012 22:06:41 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2117678.SettingsLastUpdate", "1343176789");
Deleted : user_pref("CT2117678.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2117678.ThirdPartyComponentsLastCheck", "Sat Feb 18 2012 20:34:35 GMT-0500 (Eastern Sta[...]
Deleted : user_pref("CT2117678.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2117678.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2117678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2117678");
Deleted : user_pref("CT2117678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2117678.UserID", "UN29484905481012447");
Deleted : user_pref("CT2117678.ValidationData_Toolbar", 0);
Deleted : user_pref("CT2117678.WeatherNetwork", "");
Deleted : user_pref("CT2117678.WeatherPollDate", "Tue Feb 28 2012 21:08:22 GMT-0500 (Eastern Standard Time)");
Deleted : user_pref("CT2117678.WeatherUnit", "F");
Deleted : user_pref("CT2117678.alertChannelId", "522511");
Deleted : user_pref("CT2117678.backendstorage.twitter_v1.8.0_twitter_app_open_t_f", "66616C7365");
Deleted : user_pref("CT2117678.backendstorage.twitter_v1.9.0_twitter_app_open_t_f", "66616C7365");
Deleted : user_pref("CT2117678.clientLogIsEnabled", false);
Deleted : user_pref("CT2117678.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2117678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2117678.globalFirstTimeInfoLastCheckTime", "Tue Feb 28 2012 20:34:58 GMT-0500 (Eastern [...]
Deleted : user_pref("CT2117678.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2117678.initDone", true);
Deleted : user_pref("CT2117678.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2117678.isFirstRadioInstallation", false);
Deleted : user_pref("CT2117678.myStuffEnabled", true);
Deleted : user_pref("CT2117678.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2117678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2117678.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2117678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2117678.oldAppsList", "128719124367600658,128719124391506909,111,128743405168894430,128[...]
Deleted : user_pref("CT2117678.revertSettingsEnabled", false);
Deleted : user_pref("CT2117678.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2117678.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2117678.testingCtid", "");
Deleted : user_pref("CT2117678.toolbarAppMetaDataLastCheckTime", "Sat Aug 04 2012 00:01:50 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2117678.toolbarContextMenuLastCheckTime", "Sat Feb 18 2012 20:34:57 GMT-0500 (Eastern S[...]
Deleted : user_pref("CT2117678.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT2117678.usagesFlag", 2);
Deleted : user_pref("CT2612669..clientLogIsEnabled", false);
Deleted : user_pref("CT2612669..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2612669..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2612669.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2612669.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2612669.AppTrackingLastCheckTime", "Sat Feb 18 2012 20:40:58 GMT-0500 (Eastern Standard[...]
Deleted : user_pref("CT2612669.BrowserCompStateIsOpen_129482420034282070", true);
Deleted : user_pref("CT2612669.BrowserCompStateIsOpen_129683190780749804", true);
Deleted : user_pref("CT2612669.CT2612669", "CT2612669");
Deleted : user_pref("CT2612669.CommunitiesChangesLastCheckTime", "0");
Deleted : user_pref("CT2612669.CurrentServerDate", "6-7-2012");
Deleted : user_pref("CT2612669.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2612669.DialogsGetterLastCheckTime", "Wed Jul 04 2012 18:01:48 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT2612669.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Deleted : user_pref("CT2612669.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2612669.FeedLastCount129206864782289142", 44);
Deleted : user_pref("CT2612669.FeedPollDate129206864782914144", "Tue Feb 28 2012 21:34:23 GMT-0500 (Eastern St[...]
Deleted : user_pref("CT2612669.FeedTTL129206864782914144", 40);
Deleted : user_pref("CT2612669.FirstServerDate", "9-4-2011");
Deleted : user_pref("CT2612669.FirstTime", true);
Deleted : user_pref("CT2612669.FirstTimeFF3", true);
Deleted : user_pref("CT2612669.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2612669.GroupingInvalidateCache", false);
Deleted : user_pref("CT2612669.GroupingLastCheckTime", "0");
Deleted : user_pref("CT2612669.GroupingLastServerUpdateTime", "0");
Deleted : user_pref("CT2612669.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2612669.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2612669.HasUserGlobalKeys", true);
Deleted : user_pref("CT2612669.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2612669.HomepageBeforeUnload", "hxxp://www.msn.com/?pc=Z131&install_date=20110912");
Deleted : user_pref("CT2612669.Initialize", true);
Deleted : user_pref("CT2612669.InitializeCommonPrefs", true);
Deleted : user_pref("CT2612669.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2612669.InstalledDate", "Fri Apr 08 2011 21:02:43 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2612669.InvalidateCache", false);
Deleted : user_pref("CT2612669.IsAlertDBUpdated", true);
Deleted : user_pref("CT2612669.IsGrouping", false);
Deleted : user_pref("CT2612669.IsMulticommunity", false);
Deleted : user_pref("CT2612669.IsOpenThankYouPage", true);
Deleted : user_pref("CT2612669.IsOpenUninstallPage", true);
Deleted : user_pref("CT2612669.LanguagePackLastCheckTime", "Thu Jul 05 2012 17:35:51 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT2612669.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2612669.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2612669.LastLogin_3.12.0.7", "Tue Apr 24 2012 21:39:03 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2612669.LastLogin_3.12.2.3", "Wed May 30 2012 20:48:26 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2612669.LastLogin_3.13.0.6", "Fri Jul 06 2012 01:13:45 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2612669.LastLogin_3.3.3.2", "Tue Apr 26 2011 19:26:38 GMT-0400 (Eastern Daylight Time)"[...]
Deleted : user_pref("CT2612669.LastLogin_3.9.0.3", "Tue Feb 28 2012 21:34:12 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2612669.LatestVersion", "3.13.0.6");
Deleted : user_pref("CT2612669.Locale", "en");
Deleted : user_pref("CT2612669.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2612669.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2612669.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2612669.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2612669.RadioLastCheckTime", "0");
Deleted : user_pref("CT2612669.RadioLastUpdateIPServer", "0");
Deleted : user_pref("CT2612669.RadioLastUpdateServer", "0");
Deleted : user_pref("CT2612669.SavedHomepage", "hxxp://start.facemoods.com/?a=ironto");
Deleted : user_pref("CT2612669.SearchEngineBeforeUnload", "Yahoo");
Deleted : user_pref("CT2612669.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2612669.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261[...]
Deleted : user_pref("CT2612669.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2612669.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2612669.SearchInNewTabLastCheckTime", "Thu Jul 05 2012 17:35:51 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT2612669.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2612669.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2612669.SearchProtectorEnabled", false);
Deleted : user_pref("CT2612669.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2612669.ServiceMapLastCheckTime", "Thu Jul 05 2012 17:35:51 GMT-0400 (Eastern Daylight [...]
Deleted : user_pref("CT2612669.SettingsLastCheckTime", "Fri Jul 06 2012 01:13:38 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2612669.SettingsLastUpdate", "1340880315");
Deleted : user_pref("CT2612669.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2612669.ThirdPartyComponentsLastCheck", "Sat Feb 18 2012 20:34:02 GMT-0500 (Eastern Sta[...]
Deleted : user_pref("CT2612669.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2612669.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2612669.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2612669.UserID", "UN72323431494434715");
Deleted : user_pref("CT2612669.ValidationData_Search", 0);
Deleted : user_pref("CT2612669.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2612669.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT2612669.alertChannelId", "1005466");
Deleted : user_pref("CT2612669.approveUntrustedApps", true);
Deleted : user_pref("CT2612669.autoDisableScopes", 10);
Deleted : user_pref("CT2612669.backendstorage.2612669a129684723478947121000000paramsgk3", "7B22757064617465526[...]
Deleted : user_pref("CT2612669.backendstorage.cb_firstuse0100", "31");
Deleted : user_pref("CT2612669.backendstorage.cb_user_id_000", "43423335333334353339333534365F46697265666F78")[...]
Deleted : user_pref("CT2612669.backendstorage.cbcountry_001", "5553");
Deleted : user_pref("CT2612669.backendstorage.cbfirsttime", "5361742046656220313820323031322032303A33353A30342[...]
Deleted : user_pref("CT2612669.backendstorage.fb_dailyactivity", "31333033373639353236323233");
Deleted : user_pref("CT2612669.backendstorage.fb_lifetimesent", "54525545");
Deleted : user_pref("CT2612669.backendstorage.shoppingapp.gk.exipres", "4D6F6E204A756E20313820323031322032303A[...]
Deleted : user_pref("CT2612669.backendstorage.shoppingapp.gk.geolocation", "756E6974656420737461746573");
Deleted : user_pref("CT2612669.backendstorage.url_history0001", "687474703A2F2F6E6268732E6E62707363686F6F6C732[...]
Deleted : user_pref("CT2612669.components.129296598392950474", false);
Deleted : user_pref("CT2612669.defaultSearch", "false");
Deleted : user_pref("CT2612669.embeddedsData", "[{\"appId\":\"129170380618247104\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT2612669.enableAlerts", "false");
Deleted : user_pref("CT2612669.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT2612669.firstTimeDialogOpened", true);
Deleted : user_pref("CT2612669.fixPageNotFoundError", "true");
Deleted : user_pref("CT2612669.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT2612669.fixUrls", true);
Deleted : user_pref("CT2612669.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2612669.globalFirstTimeInfoLastCheckTime", "Tue Feb 28 2012 20:34:12 GMT-0500 (Eastern [...]
Deleted : user_pref("CT2612669.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2612669.initDone", true);
Deleted : user_pref("CT2612669.installId", "ConduitNSISIntegration");
Deleted : user_pref("CT2612669.installType", "ConduitNSISIntegration");
Deleted : user_pref("CT2612669.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2612669.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2612669.isNewTabEnabled", true);
Deleted : user_pref("CT2612669.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT2612669.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT2612669.myStuffEnabled", true);
Deleted : user_pref("CT2612669.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2612669.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2612669.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2612669.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2612669.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Deleted : user_pref("CT2612669.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT2612669.oldAppsList", "129170380618247103,129170380618247104,111,129174085518698803,129[...]
Deleted : user_pref("CT2612669.openThankYouPage", "false");
Deleted : user_pref("CT2612669.openUninstallPage", "true");
Deleted : user_pref("CT2612669.revertSettingsEnabled", false);
Deleted : user_pref("CT2612669.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT2612669.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2612669.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2612669.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2612669.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT2612669.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT2612669.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT2612669.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2612669.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2612669.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT2612669.serviceLayer_services_login_10.10.20.14_lastUpdate", "1344133766806");
Deleted : user_pref("CT2612669.serviceLayer_services_serviceMap_lastUpdate", "1344053103653");
Deleted : user_pref("CT2612669.serviceLayer_services_toolbarSettings_lastUpdate", "1344133767037");
Deleted : user_pref("CT2612669.serviceLayer_services_translation_lastUpdate", "1344053106643");
Deleted : user_pref("CT2612669.settingsINI", true);
Deleted : user_pref("CT2612669.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT2612669.smartbar.CTID", "CT2612669");
Deleted : user_pref("CT2612669.smartbar.Uninstall", "0");
Deleted : user_pref("CT2612669.smartbar.toolbarName", "IMVU Inc ");
Deleted : user_pref("CT2612669.startPage", "false");
Deleted : user_pref("CT2612669.testingCtid", "");
Deleted : user_pref("CT2612669.toolbarAppMetaDataLastCheckTime", "Thu Jul 05 2012 17:36:03 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2612669.toolbarBornServerTime", "9-4-2011");
Deleted : user_pref("CT2612669.toolbarContextMenuLastCheckTime", "Sat Feb 18 2012 20:34:12 GMT-0500 (Eastern S[...]
Deleted : user_pref("CT2612669.toolbarCurrentServerTime", "5-8-2012");
Deleted : user_pref("CT2612669.usagesFlag", 2);
Deleted : user_pref("CT2786678..clientLogIsEnabled", false);
Deleted : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2786678.AppTrackingLastCheckTime", "Wed Aug 01 2012 14:59:22 GMT-0400 (Eastern Daylight[...]
Deleted : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
Deleted : user_pref("CT2786678.CTID", "CT2786678");
Deleted : user_pref("CT2786678.CurrentServerDate", "5-8-2012");
Deleted : user_pref("CT2786678.DSChangedManually", false);
Deleted : user_pref("CT2786678.DSProtectChoice", true);
Deleted : user_pref("CT2786678.DSProtectCount", 2);
Deleted : user_pref("CT2786678.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2786678.DialogsGetterLastCheckTime", "Sat Aug 04 2012 00:02:21 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT2786678.DownloadReferralCookieData", "");
Deleted : user_pref("CT2786678.EMailNotifierPollDate", "Sat Aug 04 2012 22:27:11 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2786678.FeedLastCount5690698542593514850", 501);
Deleted : user_pref("CT2786678.FeedPollDate2429156812186649977", "Sat Aug 04 2012 22:07:04 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156813040823546", "Sat Aug 04 2012 22:07:04 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156813130095866", "Sat Aug 04 2012 22:07:04 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156813224203613", "Sat Aug 04 2012 22:07:04 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156813230837251", "Sat Aug 04 2012 22:07:04 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156813454291735", "Sat Aug 04 2012 22:07:04 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156813729834876", "Sat Aug 04 2012 22:07:04 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156813860870021", "Sat Aug 04 2012 22:07:04 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156814264681793", "Sat Aug 04 2012 22:07:04 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156814863075366", "Sat Aug 04 2012 22:07:04 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2786678.FeedPollDate2429156815257761081", "Sat Aug 04 2012 22:07:04 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
Deleted : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
Deleted : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
Deleted : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
Deleted : user_pref("CT2786678.FirstServerDate", "29-8-2011");
Deleted : user_pref("CT2786678.FirstTime", true);
Deleted : user_pref("CT2786678.FirstTimeFF3", true);
Deleted : user_pref("CT2786678.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2786678.HPProtectChoice", true);
Deleted : user_pref("CT2786678.HPProtectCount", 120);
Deleted : user_pref("CT2786678.HasUserGlobalKeys", true);
Deleted : user_pref("CT2786678.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2786678.HomepageBeforeUnload", "hxxp://www.msn.com/?pc=Z131&install_date=20110912");
Deleted : user_pref("CT2786678.Initialize", true);
Deleted : user_pref("CT2786678.InitializeCommonPrefs", true);
Deleted : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2786678.InstallationType", "Unknown");
Deleted : user_pref("CT2786678.InstalledDate", "Mon Aug 29 2011 00:53:02 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2786678.IsAlertDBUpdated", true);
Deleted : user_pref("CT2786678.IsGrouping", false);
Deleted : user_pref("CT2786678.IsInitSetupIni", true);
Deleted : user_pref("CT2786678.IsMulticommunity", false);
Deleted : user_pref("CT2786678.IsOpenThankYouPage", true);
Deleted : user_pref("CT2786678.IsOpenUninstallPage", true);
Deleted : user_pref("CT2786678.IsProtectorsInit", true);
Deleted : user_pref("CT2786678.LanguagePackLastCheckTime", "Sat Aug 04 2012 00:02:21 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2786678.LastLogin_3.10.0.1", "Wed Apr 18 2012 17:37:17 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2786678.LastLogin_3.12.0.7", "Tue Apr 24 2012 21:39:03 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2786678.LastLogin_3.12.2.3", "Wed May 30 2012 20:48:40 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2786678.LastLogin_3.13.0.6", "Tue Jul 17 2012 14:31:13 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2786678.LastLogin_3.14.1.0", "Sat Aug 04 2012 22:07:04 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2786678.LastLogin_3.6.0.10", "Thu Sep 22 2011 15:37:54 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2786678.LastLogin_3.7.0.6", "Tue Nov 08 2011 19:01:19 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2786678.LastLogin_3.8.0.8", "Mon Dec 05 2011 18:23:48 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2786678.LastLogin_3.8.1.0", "Thu Jan 12 2012 14:10:06 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2786678.LastLogin_3.9.0.3", "Thu Mar 08 2012 15:10:45 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2786678.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT2786678.Locale", "en");
Deleted : user_pref("CT2786678.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2786678.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2786678.OriginalFirstVersion", "3.6.0.10");
Deleted : user_pref("CT2786678.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2786678.SearchEngineBeforeUnload", "IncrediMail MediaBar 4 Customized Web Search");
Deleted : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
Deleted : user_pref("CT2786678.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Sat Aug 04 2012 00:02:16 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2786678.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT2786678.SearchProtectorEnabled", false);
Deleted : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2786678.ServiceMapLastCheckTime", "Sat Aug 04 2012 00:02:17 GMT-0400 (Eastern Daylight [...]
Deleted : user_pref("CT2786678.SettingsLastCheckTime", "Sat Aug 04 2012 22:07:01 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2786678.SettingsLastUpdate", "1340118047");
Deleted : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Thu Jul 19 2012 17:36:58 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
Deleted : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2786678.UserID", "UN05826201749595061");
Deleted : user_pref("CT2786678.ValidationData_Search", 0);
Deleted : user_pref("CT2786678.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2786678.WeatherNetwork", "");
Deleted : user_pref("CT2786678.WeatherPollDate", "Sat Aug 04 2012 22:07:04 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2786678.WeatherUnit", "F");
Deleted : user_pref("CT2786678.alertChannelId", "1178763");
Deleted : user_pref("CT2786678.backendstorage.cb_experience_000", "39");
Deleted : user_pref("CT2786678.backendstorage.cb_firstuse0100", "31");
Deleted : user_pref("CT2786678.backendstorage.cb_user_id_000", "43423135363236393436373531305F46697265666F78")[...]
Deleted : user_pref("CT2786678.backendstorage.cbcountry_000", "5553");
Deleted : user_pref("CT2786678.backendstorage.cbcountry_001", "5553");
Deleted : user_pref("CT2786678.backendstorage.cbfirsttime", "5765642053657020323820323031312031343A33383A34312[...]
Deleted : user_pref("CT2786678.backendstorage.for_aoi", "31333135393630303233");
Deleted : user_pref("CT2786678.backendstorage.for_ccid", "5369636B6C657276696C6C65");
Deleted : user_pref("CT2786678.backendstorage.for_cdtr6", "31333135393630303233");
Deleted : user_pref("CT2786678.backendstorage.for_cid", "5553");
Deleted : user_pref("CT2786678.backendstorage.for_ip", "36382E33392E3230382E313734");
Deleted : user_pref("CT2786678.backendstorage.for_lcut", "31333434303532393730");
Deleted : user_pref("CT2786678.backendstorage.for_rid", "4E4A");
Deleted : user_pref("CT2786678.backendstorage.for_zoneid", "3130323632");
Deleted : user_pref("CT2786678.backendstorage.url_history", "687474703A2F2F666F72756D732E61746F7A7465616368657[...]
Deleted : user_pref("CT2786678.backendstorage.url_history0001", "687474703A2F2F7777772E796F75747562652E636F6D2[...]
Deleted : user_pref("CT2786678.backendstorage.url_history_time", "31333238363731313438363738");
Deleted : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Sat Aug 04 2012 00:02:21 GMT-0400 (Eastern [...]
Deleted : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2786678.initDone", true);
Deleted : user_pref("CT2786678.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2786678.myStuffEnabled", true);
Deleted : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,1000234,129789450454597254[...]
Deleted : user_pref("CT2786678.revertSettingsEnabled", false);
Deleted : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2786678.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2786678.testingCtid", "");
Deleted : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Sat Aug 04 2012 00:02:21 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Tue Jul 24 2012 20:34:18 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2786678.usagesFlag", 2);
Deleted : user_pref("CT2878731..clientLogIsEnabled", false);
Deleted : user_pref("CT2878731..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2878731..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2878731.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2878731.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2878731.AppTrackingLastCheckTime", "Sat Aug 04 2012 00:02:21 GMT-0400 (Eastern Daylight[...]
Deleted : user_pref("CT2878731.BrowserCompStateIsOpen_129464797912330589", true);
Deleted : user_pref("CT2878731.BrowserCompStateIsOpen_129681670698307667", true);
Deleted : user_pref("CT2878731.BrowserCompStateIsOpen_129723008978368387", true);
Deleted : user_pref("CT2878731.BrowserCompStateIsOpen_129742214538719221", true);
Deleted : user_pref("CT2878731.BrowserCompStateIsOpen_129847533896103519", true);
Deleted : user_pref("CT2878731.BrowserCompStateIsOpen_129851888285318420", true);
Deleted : user_pref("CT2878731.CT2878731", "CT2878731");
Deleted : user_pref("CT2878731.CT2878736.CommunityChanged", true);
Deleted : user_pref("CT2878731.CT2878736.alertChannelId", "1270703");
Deleted : user_pref("CT2878731.CT2878740.CommunityChanged", true);
Deleted : user_pref("CT2878731.CT2878740.alertChannelId", "1270707");
Deleted : user_pref("CT2878731.CT2878743.CommunityChanged", true);
Deleted : user_pref("CT2878731.CT2878743.alertChannelId", "1270710");
Deleted : user_pref("CT2878731.CT2878746.CommunityChanged", true);
Deleted : user_pref("CT2878731.CT2878746.alertChannelId", "1270713");
Deleted : user_pref("CT2878731.CT2878751.CommunityChanged", true);
Deleted : user_pref("CT2878731.CT2878751.alertChannelId", "1270718");
Deleted : user_pref("CT2878731.CT2878754.CommunityChanged", true);
Deleted : user_pref("CT2878731.CT2878754.alertChannelId", "1270721");
Deleted : user_pref("CT2878731.CT2878761.CommunityChanged", true);
Deleted : user_pref("CT2878731.CT2878761.alertChannelId", "1270727");
Deleted : user_pref("CT2878731.CommunitiesChangesLastCheckTime", "Sat Jan 07 2012 20:17:38 GMT-0500 (Eastern S[...]
Deleted : user_pref("CT2878731.CommunitiesChangesLastUrl", "hxxp://grouping.services.conduit.com/GroupingReque[...]
Deleted : user_pref("CT2878731.CommunityChanged", true);
Deleted : user_pref("CT2878731.CurrentServerDate", "5-8-2012");
Deleted : user_pref("CT2878731.DSChangedManually", false);
Deleted : user_pref("CT2878731.DSInstall", true);
Deleted : user_pref("CT2878731.DSProtectChoice", true);
Deleted : user_pref("CT2878731.DSProtectCount", 51);
Deleted : user_pref("CT2878731.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2878731.DialogsGetterLastCheckTime", "Sat Aug 04 2012 00:02:14 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT2878731.DownloadDomainsCheckInterval", "168");
Deleted : user_pref("CT2878731.DownloadDomainsListLastCheckTime", "Sat Jan 07 2012 20:18:24 GMT-0500 (Eastern [...]
Deleted : user_pref("CT2878731.DownloadDomainsListLastServerUpdateTime", "1201069983");
Deleted : user_pref("CT2878731.DownloadReferralCookieData", "");
Deleted : user_pref("CT2878731.FirstServerDate", "6-11-2011");
Deleted : user_pref("CT2878731.FirstTime", true);
Deleted : user_pref("CT2878731.FirstTimeFF3", true);
Deleted : user_pref("CT2878731.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2878731.GroupingLastCheckTime", "Sat Jan 07 2012 17:04:27 GMT-0500 (Eastern Standard Ti[...]
Deleted : user_pref("CT2878731.GroupingLastErrorCode", "");
Deleted : user_pref("CT2878731.GroupingLastResponse", true);
Deleted : user_pref("CT2878731.GroupingLastServerUpdateTime", "129690351930000000");
Deleted : user_pref("CT2878731.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2878731.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2878731.HPInstall", false);
Deleted : user_pref("CT2878731.HPProtectChoice", true);
Deleted : user_pref("CT2878731.HPProtectCount", 17);
Deleted : user_pref("CT2878731.HasUserGlobalKeys", true);
Deleted : user_pref("CT2878731.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2878731.HomepageBeforeUnload", "hxxp://www.msn.com/?pc=Z131&install_date=20110912");
Deleted : user_pref("CT2878731.Initialize", true);
Deleted : user_pref("CT2878731.InitializeCommonPrefs", true);
Deleted : user_pref("CT2878731.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2878731.InstallationType", "Unknown");
Deleted : user_pref("CT2878731.InstalledDate", "Sat Nov 05 2011 22:11:33 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2878731.InvalidateCache", false);
Deleted : user_pref("CT2878731.IsAlertDBUpdated", true);
Deleted : user_pref("CT2878731.IsGrouping", false);
Deleted : user_pref("CT2878731.IsInitSetupIni", true);
Deleted : user_pref("CT2878731.IsMulticommunity", false);
Deleted : user_pref("CT2878731.IsOpenThankYouPage", true);
Deleted : user_pref("CT2878731.IsOpenUninstallPage", true);
Deleted : user_pref("CT2878731.IsProtectorsInit", true);
Deleted : user_pref("CT2878731.LanguagePackLastCheckTime", "Sat Aug 04 2012 00:02:14 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT2878731.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2878731.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2878731.LastLogin_3.10.0.1", "Tue Apr 24 2012 21:39:20 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2878731.LastLogin_3.12.2.3", "Wed May 30 2012 20:48:33 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2878731.LastLogin_3.13.0.6", "Sun Jul 15 2012 21:11:52 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2878731.LastLogin_3.14.1.0", "Sat Aug 04 2012 22:06:54 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2878731.LastLogin_3.7.0.6", "Thu Nov 10 2011 21:07:37 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2878731.LastLogin_3.8.0.8", "Tue Dec 27 2011 15:11:58 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2878731.LastLogin_3.8.1.0", "Tue Jan 31 2012 14:40:59 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2878731.LastLogin_3.9.0.3", "Thu Mar 08 2012 15:10:42 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2878731.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT2878731.Locale", "en");
Deleted : user_pref("CT2878731.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2878731.MCDetectTooltipShow", false);
Deleted : user_pref("CT2878731.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2878731.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2878731.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2878731.OriginalFirstVersion", "3.7.0.6");
Deleted : user_pref("CT2878731.RadioIsPodcast", false);
Deleted : user_pref("CT2878731.RadioLastCheckTime", "Fri Jul 13 2012 19:12:55 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2878731.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2878731.RadioLastUpdateServer", "3");
Deleted : user_pref("CT2878731.RadioMediaID", "9962");
Deleted : user_pref("CT2878731.RadioMediaType", "Media Player");
Deleted : user_pref("CT2878731.RadioMenuSelectedID", "EBRadioMenu_CT28787319962");
Deleted : user_pref("CT2878731.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT2878731.RadioStationName", "California%20Rock");
Deleted : user_pref("CT2878731.RadioStationURL", "hxxp://feedlive.net/california.asx");
Deleted : user_pref("CT2878731.SearchBoxWidth", 165);
Deleted : user_pref("CT2878731.SearchCaption", "IncrediMail MediaBar 4 Customized Web Search");
Deleted : user_pref("CT2878731.SearchEngineBeforeUnload", "IncrediMail MediaBar 4 Customized Web Search");
Deleted : user_pref("CT2878731.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2878731.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT287[...]
Deleted : user_pref("CT2878731.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2878731.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2878731.SearchInNewTabLastCheckTime", "Sat Aug 04 2012 00:02:01 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT2878731.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2878731.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2878731.SearchProtectorEnabled", false);
Deleted : user_pref("CT2878731.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2878731.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2878731.ServiceMapLastCheckTime", "Sat Aug 04 2012 00:02:05 GMT-0400 (Eastern Daylight [...]
Deleted : user_pref("CT2878731.SettingsLastCheckTime", "Sat Aug 04 2012 22:06:48 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2878731.SettingsLastUpdate", "1340715252");
Deleted : user_pref("CT2878731.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2878731&SearchSource=13");
Deleted : user_pref("CT2878731.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2878731.ThirdPartyComponentsLastCheck", "Thu Jul 19 2012 17:36:45 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT2878731.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT2878731.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2878731.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2878731");
Deleted : user_pref("CT2878731.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2878731.UserID", "UN64532683077598554");
Deleted : user_pref("CT2878731.ValidationData_Search", 1);
Deleted : user_pref("CT2878731.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2878731.WeatherNetwork", "");
Deleted : user_pref("CT2878731.WeatherPollDate", "Fri Jul 13 2012 20:33:21 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2878731.WeatherUnit", "F");
Deleted : user_pref("CT2878731.alertChannelId", "1270698");
Deleted : user_pref("CT2878731.approveUntrustedApps", false);
Deleted : user_pref("CT2878731.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e.:2z527", "247E707571777278333228702A7B797B7B7E30273224262[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e06cg5el8:", "6E6D6E726B6B706D716F");
Deleted : user_pref("CT2878731.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737478717176737775242F4B4947[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e31;cj6j:fi;#ncf", "247E61393F236B25737072772A212C6E414F444[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e31;cj7fk;kg#8qkef)til", "247E61393F236B25737476742A212C6E4[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e31;cj7fk;kg#ncep@mc+vkn", "247E61393F236B25737471712A212C6[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e31;cj7fk;kg#oqq;igi+vkn", "247E61393F236B25737471722A212C6[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e31;cj<f8gbf8$odg", "247E61393F236B257078767A2A212C6E414F44[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e31;cj><5h;\"mbe", "247E61393F236B25756F73732A212C6E414F444[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e31;cjc<=fbj#ncf", "247E61393F236B25757677712A212C6E414F444[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e31;cjcj?h;;aa%peh", "247E61393F236B25757677732A212C6E414F4[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e31;cjg=g9!lad", "247E61393F236B256E747329202B6D404E434C317[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e31;cjh?=jcm;>>nb(shk", "247E61393F236B2573777129202B6D404E[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e31;cjhb>f!lad", "247E61393F236B2573737929202B6D404E434C317[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e31;cjhbege<hjqfob)til", "247E61393F236B257174717A2A212C6E4[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e31;cjhj>b?iodmakru*ujm", "247E61393F236B25717171792A212C6E[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e31;cjig=ki\"mbe", "247E61393F236B2574717829202B6D404E434C3[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]
Deleted : user_pref("CT2878731.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]
Deleted : user_pref("CT2878731.backendstorage./9b-0?3g>d", "6B3E6B696C6C6D417A74794548207C794978257C4D7C532A28[...]
Deleted : user_pref("CT2878731.backendstorage./9b-0?3g@6:5;", "");
Deleted : user_pref("CT2878731.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
Deleted : user_pref("CT2878731.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Deleted : user_pref("CT2878731.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
Deleted : user_pref("CT2878731.backendstorage./9b3=>@44i48?", "372C2D32697576334236334148477B213F3E484F4E4D464[...]
Deleted : user_pref("CT2878731.backendstorage./9b5ba==9cjag", "6E6F713E3D6E716F7A44784845737A7C4E4A78517D");
Deleted : user_pref("CT2878731.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6E726B6B6F757071737979");
Deleted : user_pref("CT2878731.backendstorage./9b9643g3/9e", "6A");
Deleted : user_pref("CT2878731.backendstorage./9b<:222h64<", "393F352F3E");
Deleted : user_pref("CT2878731.backendstorage./9b=+03eh8h8j?:", "4443");
Deleted : user_pref("CT2878731.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Deleted : user_pref("CT2878731.backendstorage./9b?b0d:8aj62<h", "6D");
Deleted : user_pref("CT2878731.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Deleted : user_pref("CT2878731.backendstorage.cb_experience_000", "32");
Deleted : user_pref("CT2878731.backendstorage.cb_firstuse0100", "31");
Deleted : user_pref("CT2878731.backendstorage.cb_user_id_000", "43423334383935383932303735305F46697265666F78")[...]
Deleted : user_pref("CT2878731.backendstorage.cbcountry_000", "5553");
Deleted : user_pref("CT2878731.backendstorage.cbcountry_001", "5553");
Deleted : user_pref("CT2878731.backendstorage.cbfirsttime", "53756E204A616E20323920323031322031353A31343A31362[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api10_thetrafficstat_net.pid2", "333434353739646336653766[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api15_thetrafficstat_net.pid2", "623735316137623163323735[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api16_thetrafficstat_net.pid2", "313439313031613863663231[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api18_thetrafficstat_net.pid2", "363931613036363566313536[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api19_thetrafficstat_net.pid2", "663231636138663931343834[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api20_thetrafficstat_net.pid2", "663137396630303863616235[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api21_thetrafficstat_net.pid2", "363563356662653864643530[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api22_thetrafficstat_net.pid2", "623735316137623163323735[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api25_thetrafficstat_net.pid2", "623735316137623163323735[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api26_thetrafficstat_net.pid2", "363563356662653864643530[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api28_thetrafficstat_net.pid2", "346435396536356536326263[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api29_thetrafficstat_net.pid2", "616563306337633835346361[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api30_thetrafficstat_net.pid2", "343331353534646333656539[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api31_thetrafficstat_net.pid2", "313136316362383535643439[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api32_thetrafficstat_net.pid2", "613265313334626232343861[...]
Deleted : user_pref("CT2878731.backendstorage.hxxp://api6_thetrafficstat_net.pid2", "6464363438653935303563333[...]
Deleted : user_pref("CT2878731.backendstorage.shoppingapp.gk.exipres", "5468752041756720303920323031322030303A[...]
Deleted : user_pref("CT2878731.backendstorage.shoppingapp.gk.geolocation", "756E6974656420737461746573");
Deleted : user_pref("CT2878731.backendstorage.url_history", "687474703A2F2F666F72756D732E61746F7A7465616368657[...]
Deleted : user_pref("CT2878731.backendstorage.url_history0001", "687474703A2F2F7777772E796F75747562652E636F6D2[...]
Deleted : user_pref("CT2878731.backendstorage.url_history_time", "31333238363731313438363733");
Deleted : user_pref("CT2878731.components.1000082", false);
Deleted : user_pref("CT2878731.components.1000234", false);
Deleted : user_pref("CT2878731.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2878731.globalFirstTimeInfoLastCheckTime", "Sat Aug 04 2012 00:02:14 GMT-0400 (Eastern [...]
Deleted : user_pref("CT2878731.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2878731.initDone", true);
Deleted : user_pref("CT2878731.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2878731.isFirstRadioInstallation", false);
Deleted : user_pref("CT2878731.myStuffEnabled", true);
Deleted : user_pref("CT2878731.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2878731.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2878731.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2878731.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2878731.oldAppsList", "129372264943337713,129372264944118965,111,129847533896103519,129[...]
Deleted : user_pref("CT2878731.revertSettingsEnabled", false);
Deleted : user_pref("CT2878731.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2878731.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2878731.testingCtid", "");
Deleted : user_pref("CT2878731.toolbarAppMetaDataLastCheckTime", "Sat Aug 04 2012 00:02:14 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2878731.toolbarContextMenuLastCheckTime", "Tue Jul 24 2012 20:34:16 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2878731.usagesFlag", 2);
Deleted : user_pref("CT3072253.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3072253.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3072253.FirstTime", "true");
Deleted : user_pref("CT3072253.FirstTimeFF3", "true");
Deleted : user_pref("CT3072253.UserID", "UN87678272732633376");
Deleted : user_pref("CT3072253.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3072253.autoDisableScopes", 10);
Deleted : user_pref("CT3072253.cbcountry_001", "US");
Deleted : user_pref("CT3072253.cbfirsttime", "Wed Aug 08 2012 18:05:45 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT3072253.defaultSearch", "FALSE");
Deleted : user_pref("CT3072253.embeddedsData", "[{\"appId\":\"129571859753931591\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3072253.enableAlerts", "always");
Deleted : user_pref("CT3072253.enableSearchFromAddressBar", "FALSE");
Deleted : user_pref("CT3072253.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3072253.fixPageNotFoundError", "true");
Deleted : user_pref("CT3072253.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3072253.fixUrls", true);
Deleted : user_pref("CT3072253.installId", "fft5B9.tmp.exe");
Deleted : user_pref("CT3072253.installType", "XPE");
Deleted : user_pref("CT3072253.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3072253.isNewTabEnabled", true);
Deleted : user_pref("CT3072253.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT3072253.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3072253.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT3072253.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Deleted : user_pref("CT3072253.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT3072253.openThankYouPage", "true");
Deleted : user_pref("CT3072253.openUninstallPage", "FALSE");
Deleted : user_pref("CT3072253.search.searchAppId", "129571859753931591");
Deleted : user_pref("CT3072253.search.searchCount", "0");
Deleted : user_pref("CT3072253.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3072253.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3072253.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3072253.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3072253.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3072253.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1344414884393");
Deleted : user_pref("CT3072253.serviceLayer_services_appTracking_lastUpdate", "1344463534832");
Deleted : user_pref("CT3072253.serviceLayer_services_appsMetadata_lastUpdate", "1344908416477");
Deleted : user_pref("CT3072253.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1344463535293");
Deleted : user_pref("CT3072253.serviceLayer_services_login_10.10.20.14_lastUpdate", "1344924079674");
Deleted : user_pref("CT3072253.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1344414885475");
Deleted : user_pref("CT3072253.serviceLayer_services_searchAPI_lastUpdate", "1344913905330");
Deleted : user_pref("CT3072253.serviceLayer_services_serviceMap_lastUpdate", "1344913903756");
Deleted : user_pref("CT3072253.serviceLayer_services_toolbarContextMenu_lastUpdate", "1344414885424");
Deleted : user_pref("CT3072253.serviceLayer_services_toolbarSettings_lastUpdate", "1344924079788");
Deleted : user_pref("CT3072253.serviceLayer_services_translation_lastUpdate", "1344913904609");
Deleted : user_pref("CT3072253.settingsINI", true);
Deleted : user_pref("CT3072253.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3072253.smartbar.CTID", "CT3072253");
Deleted : user_pref("CT3072253.smartbar.Uninstall", "0");
Deleted : user_pref("CT3072253.smartbar.toolbarName", "uTorrentControl2 ");
Deleted : user_pref("CT3072253.toolbarBornServerTime", "9-8-2012");
Deleted : user_pref("CT3072253.toolbarCurrentServerTime", "14-8-2012");
Deleted : user_pref("CT3072253.url_history0001", "hxxp://www.msn.com/?pc=Z131&install_date=20110912#:::clickha[...]
Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2612669");
Deleted : user_pref("CommunityToolbar.ConduitSearchList", " ,IncrediMail MediaBar 4 Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2117678/CT2117678[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2612669/CT2612669[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2878731/CT2878731[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1005466/1001181/US", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/US", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270698/1266370/US", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/522511/518381/US", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2117678", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2612669", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2878731", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2117678",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2612669",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2878731",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2786678&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2878731&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2612669/CT2612669[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"8ec[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20566976.xml", "\"a13df0005714429ab0c[...]
Deleted : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.IsEngineShown", false);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Administrator\\AppData\\Roaming\\Mo[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://youtube.conduitapps.com/v115/gadget.php?appMo[...]
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.crawler.com/search/dispatcher[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2117678,ConduitEngine,CT2612669,CT2786678,CT2878731");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2117678,CT2612669,CT2786678,CT2878731");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2786678,CT2878731");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Jun 05 2011 17:13:19 GMT-04[...]
Deleted : user_pref("CommunityToolbar.alert.alertEnabled", true);
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jun 19 2011 19:06:36 GMT-0400 (Easte[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Jun 22 2011 12:47:26 GMT-0400 (Eastern D[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "970052e0-f649-4d6c-849c-85c4bdd90b77");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue May 22 2012 19:38:17 GMT-0400 (Eas[...]
Deleted : user_pref("CommunityToolbar.globalUserId", "7ba51fa7-2d9e-4f12-aae5-5f03df452ebf");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2878731");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Aug 04 2012 00:02:3[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Aug 04 2012 00:02:37 GMT-040[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Aug 04 2012 00:02:17 GMT-0400 (E[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "5910a9a6-df18-4a13-a05e-0e3cb0e118fe");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.msn.com/?pc=Z131&install_date=20110912");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", " ");
Deleted : user_pref("CommunityToolbar.twitter.user_20566976.LastCheckTime", "Tue Feb 28 2012 20:30:12 GMT-0500[...]
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Wed May 25 2011 20:12:55 GMT-0400 (Eastern Dayl[...]
Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Mon Apr 25 2011 19:23:52 GMT-0400 (Eastern Da[...]
Deleted : user_pref("ConduitEngine.FirstServerDate", "03/25/2011 23");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstalledDate", "Fri Mar 25 2011 16:33:04 GMT-0400 (Eastern Daylight Time)"[...]
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Tue Apr 26 2011 19:23:55 GMT-0400 (Eastern Day[...]
Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Tue Apr 26 2011 18:09:01 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Tue Apr 26 2011 18:09:01 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("ConduitEngine.UserID", "UN00283888100693319");
Deleted : user_pref("ConduitEngine.componentAlertEnabled", false);
Deleted : user_pref("ConduitEngine.engineLocale", "en-US");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Tue Apr 26 2011 19:23:55 GMT-0400 (Easte[...]
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Tue Apr 26 2011 18:09:01 GMT-0400 (East[...]
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Deleted : user_pref("ConduitEngine.usagesFlag", 2);
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://www.crawler.com/search/dispatcher.aspx?tp[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT2878731");
Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("browser.search.defaultthis.engineName", "IncrediMail MediaBar 4 Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2878731&Sea[...]
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.babExt", "somoto");
Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=100789");
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 23);
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Deleted : user_pref("extensions.BabylonToolbar.firstRun", false);
Deleted : user_pref("extensions.BabylonToolbar.hmpg", true);
Deleted : user_pref("extensions.BabylonToolbar.id", "1eca3cf8000000000000001f33eff1ea");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15323");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?AF=100789&babsrc=adbar[...]
Deleted : user_pref("extensions.BabylonToolbar.lastDP", 23);
Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1716:26:34");
Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "14.0");
Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_FFUP");
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 81659030);
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 1);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb5");
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1716:26:34");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "somoto");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100789");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "1eca3cf8000000000000001f33eff1ea");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "1eca3cf8000000000000001f33eff1ea");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15323");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb5");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1716:26:34");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.facemoods._xpiupdate", true);
Deleted : user_pref("extensions.facemoods.aflt", "orgnl");
Deleted : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
Deleted : user_pref("extensions.facemoods.firstRun", false);
Deleted : user_pref("extensions.facemoods.first_time", false);
Deleted : user_pref("extensions.facemoods.forceOptOutPrefs", true);
Deleted : user_pref("extensions.facemoods.id", "_#d41d118ca0f44f948621ce0d754b9f1f");
Deleted : user_pref("extensions.facemoods.instlDay", "_#15203");
Deleted : user_pref("extensions.facemoods.lastActv", "17");
Deleted : user_pref("extensions.facemoods.lastVrsnTs", "");
Deleted : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");
Deleted : user_pref("extensions.facemoods.showUpgradePrefs", true);
Deleted : user_pref("extensions.facemoods.sid", "_#d41d118ca0f44f948621ce0d754b9f1f");
Deleted : user_pref("extensions.facemoods.smplGrp", "free");
Deleted : user_pref("extensions.facemoods.update", "_#v1.4.0");
Deleted : user_pref("extensions.facemoods.vrsn", "_#1.4.17.5");
Deleted : user_pref("extensions.gamesbar.pogous.config.file", "<?xml version=\"1.0\" encoding=\"utf-8\"?>\r\n<[...]
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2878731&SearchSource=2&q=[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v [Unable to get version]

File : C:\Users\Administrator\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [99677 octets] - [15/08/2012 23:27:27]

########## EOF - C:\AdwCleaner[S1].txt - [99806 octets] ##########

#14 Rashawn

Rashawn
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:12 PM

Posted 15 August 2012 - 10:40 PM

I'm still scanning Malwarebytes.... since the popup of winrscmde is still popping up.

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:12 PM

Posted 15 August 2012 - 10:42 PM

Abort MBAM scan.

Download a new copy of TDSSkiller from here

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users