Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't get rid of Google Redirect.


  • Please log in to reply
35 replies to this topic

#1 sarahann104

sarahann104

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Western Australia
  • Local time:12:48 AM

Posted 12 October 2012 - 07:44 PM

Hi guys,
As the title says I can't get rid of google redirect.
I have used Malwarebytes, super anti spyware, Tdss, a symantec tool i think is like tdss, and spybot.
I found a site that also says to delete lines in the host file but it won't let me save it afterwards. I have taken screenshots of the host file but don't know how to post them here. Below is what I am trying to delete but will wait for more advice.



# localhost name resolution is handle within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost


BC AdBot (Login to Remove)

 


#2 code13

code13

  • Members
  • 136 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:48 PM

Posted 12 October 2012 - 08:05 PM

You need to save it with Administrator priv.

#3 sarahann104

sarahann104
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Western Australia
  • Local time:12:48 AM

Posted 12 October 2012 - 08:12 PM

I am admin on my computer, I don't know how to specifically save something with Admin privileges as I am always logged in on this one, I hope that makes sense.

#4 code13

code13

  • Members
  • 136 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:48 PM

Posted 12 October 2012 - 08:21 PM

Yes, it makes sense.

Click Start, click Run, type
%systemroot%\system32\drivers\etc
then click OK.
Copy and paste the Host file to your desktop.
Rename the Hosts file in the "etc" folder to Hosts.old
Edit the Host file on your desktop and save.
Drag and drop it into the folder Etc.

If you don't mind having it done automated, Microsoft has a Fix it tool.
http://go.microsoft.com/?linkid=9668866


Microsoft Fix it 50267

Edited by code13, 12 October 2012 - 08:23 PM.


#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:48 AM

Posted 12 October 2012 - 08:32 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#6 sarahann104

sarahann104
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Western Australia
  • Local time:12:48 AM

Posted 13 October 2012 - 02:20 AM

I have earlier log results for TDSS ,as well if needed. From 2 days ago.
Sorry it has taken so long I had to work for a couple of hours.

10:17:52.0246 0732 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
10:17:54.0248 0732 ============================================================
10:17:54.0248 0732 Current date / time: 2012/10/13 10:17:54.0248
10:17:54.0248 0732 SystemInfo:
10:17:54.0248 0732
10:17:54.0249 0732 OS Version: 6.1.7601 ServicePack: 1.0
10:17:54.0249 0732 Product type: Workstation
10:17:54.0249 0732 ComputerName: SARAH-PC
10:17:54.0249 0732 UserName: Sarah
10:17:54.0249 0732 Windows directory: C:\Windows
10:17:54.0249 0732 System windows directory: C:\Windows
10:17:54.0249 0732 Running under WOW64
10:17:54.0249 0732 Processor architecture: Intel x64
10:17:54.0249 0732 Number of processors: 4
10:17:54.0249 0732 Page size: 0x1000
10:17:54.0249 0732 Boot type: Normal boot
10:17:54.0249 0732 ============================================================
10:17:56.0277 0732 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:17:56.0288 0732 ============================================================
10:17:56.0288 0732 \Device\Harddisk0\DR0:
10:17:56.0288 0732 MBR partitions:
10:17:56.0288 0732 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B58800, BlocksNum 0x32000
10:17:56.0288 0732 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B8A800, BlocksNum 0x395BD000
10:17:56.0288 0732 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B147800, BlocksNum 0x395BEDB0
10:17:56.0288 0732 ============================================================
10:17:56.0353 0732 C: <-> \Device\Harddisk0\DR0\Partition2
10:17:56.0413 0732 D: <-> \Device\Harddisk0\DR0\Partition3
10:17:56.0414 0732 ============================================================
10:17:56.0414 0732 Initialize success
10:17:56.0414 0732 ============================================================
10:18:07.0862 1500 ============================================================
10:18:07.0862 1500 Scan started
10:18:07.0862 1500 Mode: Manual; TDLFS;
10:18:07.0862 1500 ============================================================
10:18:08.0685 1500 ================ Scan system memory ========================
10:18:08.0685 1500 System memory - ok
10:18:08.0685 1500 ================ Scan services =============================
10:18:08.0768 1500 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
10:18:08.0779 1500 !SASCORE - ok
10:18:08.0929 1500 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:18:08.0932 1500 1394ohci - ok
10:18:08.0951 1500 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:18:08.0955 1500 ACPI - ok
10:18:08.0983 1500 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:18:08.0985 1500 AcpiPmi - ok
10:18:09.0085 1500 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:18:09.0086 1500 AdobeARMservice - ok
10:18:09.0180 1500 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:18:09.0216 1500 AdobeFlashPlayerUpdateSvc - ok
10:18:09.0242 1500 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:18:09.0247 1500 adp94xx - ok
10:18:09.0271 1500 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:18:09.0275 1500 adpahci - ok
10:18:09.0295 1500 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:18:09.0298 1500 adpu320 - ok
10:18:09.0327 1500 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:18:09.0328 1500 AeLookupSvc - ok
10:18:09.0375 1500 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:18:09.0381 1500 AFD - ok
10:18:09.0394 1500 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:18:09.0395 1500 agp440 - ok
10:18:09.0407 1500 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:18:09.0409 1500 ALG - ok
10:18:09.0422 1500 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:18:09.0423 1500 aliide - ok
10:18:09.0437 1500 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:18:09.0438 1500 amdide - ok
10:18:09.0456 1500 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:18:09.0458 1500 AmdK8 - ok
10:18:09.0471 1500 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:18:09.0473 1500 AmdPPM - ok
10:18:09.0496 1500 [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:18:09.0498 1500 amdsata - ok
10:18:09.0506 1500 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:18:09.0509 1500 amdsbs - ok
10:18:09.0537 1500 [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:18:09.0538 1500 amdxata - ok
10:18:09.0566 1500 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:18:09.0567 1500 AppID - ok
10:18:09.0585 1500 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:18:09.0594 1500 AppIDSvc - ok
10:18:09.0643 1500 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:18:09.0644 1500 Appinfo - ok
10:18:09.0720 1500 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:18:09.0721 1500 Apple Mobile Device - ok
10:18:09.0742 1500 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
10:18:09.0744 1500 arc - ok
10:18:09.0763 1500 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:18:09.0765 1500 arcsas - ok
10:18:09.0829 1500 ASPI32 - ok
10:18:09.0870 1500 aspnet_state - ok
10:18:09.0880 1500 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:18:09.0881 1500 AsyncMac - ok
10:18:09.0922 1500 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:18:09.0923 1500 atapi - ok
10:18:09.0975 1500 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:18:09.0981 1500 AudioEndpointBuilder - ok
10:18:09.0993 1500 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:18:09.0998 1500 AudioSrv - ok
10:18:10.0029 1500 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:18:10.0041 1500 AxInstSV - ok
10:18:10.0064 1500 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:18:10.0087 1500 b06bdrv - ok
10:18:10.0125 1500 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:18:10.0128 1500 b57nd60a - ok
10:18:10.0157 1500 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:18:10.0159 1500 BDESVC - ok
10:18:10.0190 1500 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:18:10.0191 1500 Beep - ok
10:18:10.0253 1500 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:18:10.0259 1500 BFE - ok
10:18:10.0443 1500 [ A45BE4E091636F6C86D6E4FC945D5A26 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120928.001\BHDrvx64.sys
10:18:10.0452 1500 BHDrvx64 - ok
10:18:10.0479 1500 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
10:18:10.0488 1500 BITS - ok
10:18:10.0499 1500 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:18:10.0500 1500 blbdrive - ok
10:18:10.0572 1500 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:18:10.0577 1500 Bonjour Service - ok
10:18:10.0629 1500 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:18:10.0640 1500 bowser - ok
10:18:10.0657 1500 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:18:10.0658 1500 BrFiltLo - ok
10:18:10.0672 1500 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:18:10.0674 1500 BrFiltUp - ok
10:18:10.0709 1500 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:18:10.0710 1500 Browser - ok
10:18:10.0725 1500 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:18:10.0730 1500 Brserid - ok
10:18:10.0776 1500 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:18:10.0777 1500 BrSerWdm - ok
10:18:10.0798 1500 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:18:10.0800 1500 BrUsbMdm - ok
10:18:10.0812 1500 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:18:10.0814 1500 BrUsbSer - ok
10:18:10.0825 1500 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:18:10.0827 1500 BTHMODEM - ok
10:18:10.0853 1500 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:18:10.0873 1500 bthserv - ok
10:18:10.0954 1500 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\0604000.009\ccSetx64.sys
10:18:10.0957 1500 ccSet_N360 - ok
10:18:11.0011 1500 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:18:11.0025 1500 cdfs - ok
10:18:11.0073 1500 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:18:11.0075 1500 cdrom - ok
10:18:11.0119 1500 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:18:11.0120 1500 CertPropSvc - ok
10:18:11.0136 1500 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:18:11.0138 1500 circlass - ok
10:18:11.0162 1500 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:18:11.0166 1500 CLFS - ok
10:18:11.0186 1500 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:18:11.0189 1500 clr_optimization_v2.0.50727_32 - ok
10:18:11.0230 1500 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:18:11.0241 1500 clr_optimization_v2.0.50727_64 - ok
10:18:11.0350 1500 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:18:11.0372 1500 clr_optimization_v4.0.30319_32 - ok
10:18:11.0417 1500 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:18:11.0419 1500 clr_optimization_v4.0.30319_64 - ok
10:18:11.0432 1500 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:18:11.0433 1500 CmBatt - ok
10:18:11.0445 1500 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:18:11.0447 1500 cmdide - ok
10:18:11.0483 1500 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
10:18:11.0488 1500 CNG - ok
10:18:11.0501 1500 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:18:11.0502 1500 Compbatt - ok
10:18:11.0547 1500 [ 19431BE8FC5EFB79551E2171D2B53D47 ] CompFilter64 C:\Windows\system32\DRIVERS\lvbflt64.sys
10:18:11.0548 1500 CompFilter64 - ok
10:18:11.0587 1500 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:18:11.0589 1500 CompositeBus - ok
10:18:11.0594 1500 COMSysApp - ok
10:18:11.0606 1500 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:18:11.0628 1500 crcdisk - ok
10:18:11.0674 1500 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:18:11.0676 1500 CryptSvc - ok
10:18:11.0716 1500 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:18:11.0722 1500 DcomLaunch - ok
10:18:11.0775 1500 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:18:11.0778 1500 defragsvc - ok
10:18:11.0807 1500 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:18:11.0809 1500 DfsC - ok
10:18:11.0842 1500 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:18:11.0846 1500 Dhcp - ok
10:18:11.0863 1500 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:18:11.0865 1500 discache - ok
10:18:11.0873 1500 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:18:11.0875 1500 Disk - ok
10:18:11.0903 1500 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:18:11.0905 1500 Dnscache - ok
10:18:11.0941 1500 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:18:11.0944 1500 dot3svc - ok
10:18:11.0967 1500 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:18:11.0969 1500 DPS - ok
10:18:11.0981 1500 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:18:11.0999 1500 drmkaud - ok
10:18:12.0040 1500 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:18:12.0047 1500 DXGKrnl - ok
10:18:12.0057 1500 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:18:12.0059 1500 EapHost - ok
10:18:12.0129 1500 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:18:12.0201 1500 ebdrv - ok
10:18:12.0260 1500 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:18:12.0279 1500 eeCtrl - ok
10:18:12.0296 1500 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:18:12.0298 1500 EFS - ok
10:18:12.0349 1500 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:18:12.0356 1500 ehRecvr - ok
10:18:12.0382 1500 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:18:12.0384 1500 ehSched - ok
10:18:12.0412 1500 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:18:12.0419 1500 elxstor - ok
10:18:12.0475 1500 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:18:12.0476 1500 EraserUtilRebootDrv - ok
10:18:12.0491 1500 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:18:12.0492 1500 ErrDev - ok
10:18:12.0533 1500 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:18:12.0538 1500 EventSystem - ok
10:18:12.0552 1500 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:18:12.0556 1500 exfat - ok
10:18:12.0577 1500 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:18:12.0580 1500 fastfat - ok
10:18:12.0622 1500 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:18:12.0630 1500 Fax - ok
10:18:12.0671 1500 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:18:12.0686 1500 fdc - ok
10:18:12.0707 1500 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:18:12.0708 1500 fdPHost - ok
10:18:12.0717 1500 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:18:12.0718 1500 FDResPub - ok
10:18:12.0736 1500 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:18:12.0737 1500 FileInfo - ok
10:18:12.0746 1500 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:18:12.0747 1500 Filetrace - ok
10:18:12.0825 1500 [ 24E57C2F50C276D0BE997214DA025D13 ] Fitbit C:\Program Files (x86)\Fitbit\fitbit.exe
10:18:12.0834 1500 Fitbit - ok
10:18:12.0852 1500 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:18:12.0853 1500 flpydisk - ok
10:18:12.0894 1500 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:18:12.0897 1500 FltMgr - ok
10:18:12.0944 1500 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:18:12.0955 1500 FontCache - ok
10:18:13.0002 1500 [ 919B583C22B6E4FB967795997B1C4B24 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:18:13.0005 1500 FontCache3.0.0.0 - ok
10:18:13.0058 1500 [ A9FF65EA14E4CABFCC1BB8ECE111A249 ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
10:18:13.0065 1500 ForceWare Intelligent Application Manager (IAM) - ok
10:18:13.0091 1500 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:18:13.0092 1500 FsDepends - ok
10:18:13.0122 1500 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:18:13.0123 1500 Fs_Rec - ok
10:18:13.0165 1500 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:18:13.0168 1500 fvevol - ok
10:18:13.0188 1500 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:18:13.0190 1500 gagp30kx - ok
10:18:13.0220 1500 [ AF4DEE5531395DEE72B35B36C9671FD0 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:18:13.0239 1500 GEARAspiWDM - ok
10:18:13.0271 1500 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:18:13.0279 1500 gpsvc - ok
10:18:13.0352 1500 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
10:18:13.0364 1500 Greg_Service - ok
10:18:13.0452 1500 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:18:13.0453 1500 gupdate - ok
10:18:13.0477 1500 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:18:13.0478 1500 gupdatem - ok
10:18:13.0504 1500 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:18:13.0520 1500 gusvc - ok
10:18:13.0553 1500 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:18:13.0568 1500 hcw85cir - ok
10:18:13.0623 1500 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:18:13.0627 1500 HdAudAddService - ok
10:18:13.0645 1500 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:18:13.0646 1500 HDAudBus - ok
10:18:13.0662 1500 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:18:13.0664 1500 HidBatt - ok
10:18:13.0686 1500 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:18:13.0688 1500 HidBth - ok
10:18:13.0700 1500 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:18:13.0702 1500 HidIr - ok
10:18:13.0727 1500 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
10:18:13.0728 1500 hidserv - ok
10:18:13.0748 1500 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:18:13.0749 1500 HidUsb - ok
10:18:13.0776 1500 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:18:13.0778 1500 hkmsvc - ok
10:18:13.0811 1500 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:18:13.0814 1500 HomeGroupListener - ok
10:18:13.0852 1500 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:18:13.0855 1500 HomeGroupProvider - ok
10:18:13.0896 1500 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:18:13.0903 1500 HpSAMD - ok
10:18:14.0065 1500 [ E23FE84B6BC3CFC55F48C327A6316220 ] hshld C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
10:18:14.0070 1500 hshld - ok
10:18:14.0101 1500 [ A60C877E1CD3AA2E4E5CCD8AF305C0F1 ] HssDrv C:\Windows\system32\DRIVERS\HssDrv.sys
10:18:14.0120 1500 HssDrv - ok
10:18:14.0206 1500 [ C7B4E25747A5BD715026B9D769F51C5E ] HssSrv C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
10:18:14.0211 1500 HssSrv - ok
10:18:14.0234 1500 [ 152C3118097A3462790B50AE5F5CDAAA ] HssTrayService C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
10:18:14.0235 1500 HssTrayService - ok
10:18:14.0321 1500 [ 76B79A1AFDD992812C21C0C015744D15 ] HssWd C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
10:18:14.0326 1500 HssWd - ok
10:18:14.0384 1500 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:18:14.0392 1500 HTTP - ok
10:18:14.0438 1500 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:18:14.0452 1500 hwpolicy - ok
10:18:14.0490 1500 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:18:14.0492 1500 i8042prt - ok
10:18:14.0523 1500 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:18:14.0528 1500 iaStorV - ok
10:18:14.0575 1500 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:18:14.0585 1500 idsvc - ok
10:18:14.0756 1500 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20121012.001\IDSvia64.sys
10:18:14.0761 1500 IDSVia64 - ok
10:18:14.0782 1500 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:18:14.0784 1500 iirsp - ok
10:18:14.0884 1500 [ CE1EE31FFF730CA975A5535D8A71AF61 ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
10:18:14.0885 1500 IJPLMSVC - ok
10:18:14.0909 1500 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:18:14.0918 1500 IKEEXT - ok
10:18:15.0006 1500 [ BC64B75E8E0A0B8982AB773483164E72 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:18:15.0029 1500 IntcAzAudAddService - ok
10:18:15.0051 1500 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:18:15.0053 1500 intelide - ok
10:18:15.0076 1500 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:18:15.0077 1500 intelppm - ok
10:18:15.0099 1500 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:18:15.0101 1500 IPBusEnum - ok
10:18:15.0128 1500 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:18:15.0130 1500 IpFilterDriver - ok
10:18:15.0166 1500 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:18:15.0171 1500 iphlpsvc - ok
10:18:15.0212 1500 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:18:15.0230 1500 IPMIDRV - ok
10:18:15.0250 1500 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:18:15.0252 1500 IPNAT - ok
10:18:15.0324 1500 [ 3C0D4B3E80FC4854CA325DD123CC4DED ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:18:15.0334 1500 iPod Service - ok
10:18:15.0374 1500 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:18:15.0390 1500 IRENUM - ok
10:18:15.0405 1500 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:18:15.0407 1500 isapnp - ok
10:18:15.0440 1500 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:18:15.0444 1500 iScsiPrt - ok
10:18:15.0513 1500 [ FE1A970E7CE330BB844E333C374C6599 ] iWinTrusted C:\Program Files (x86)\iWin Games\iWinTrusted.exe
10:18:15.0516 1500 iWinTrusted - ok
10:18:15.0534 1500 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:18:15.0535 1500 kbdclass - ok
10:18:15.0558 1500 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:18:15.0559 1500 kbdhid - ok
10:18:15.0568 1500 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:18:15.0569 1500 KeyIso - ok
10:18:15.0607 1500 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:18:15.0622 1500 KSecDD - ok
10:18:15.0642 1500 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:18:15.0645 1500 KSecPkg - ok
10:18:15.0650 1500 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:18:15.0659 1500 ksthunk - ok
10:18:15.0683 1500 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:18:15.0705 1500 KtmRm - ok
10:18:15.0747 1500 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:18:15.0750 1500 LanmanServer - ok
10:18:15.0785 1500 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:18:15.0787 1500 LanmanWorkstation - ok
10:18:15.0817 1500 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:18:15.0819 1500 lltdio - ok
10:18:15.0860 1500 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:18:15.0866 1500 lltdsvc - ok
10:18:15.0897 1500 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:18:15.0898 1500 lmhosts - ok
10:18:15.0926 1500 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:18:15.0928 1500 LSI_FC - ok
10:18:15.0939 1500 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:18:15.0941 1500 LSI_SAS - ok
10:18:15.0950 1500 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:18:15.0952 1500 LSI_SAS2 - ok
10:18:15.0963 1500 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:18:15.0965 1500 LSI_SCSI - ok
10:18:15.0994 1500 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:18:15.0996 1500 luafv - ok
10:18:16.0044 1500 [ 8BB169810C66B32364886A8751325181 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
10:18:16.0047 1500 LVRS64 - ok
10:18:16.0169 1500 [ D49858FB1432A0601FCE2A9E452D6BC9 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
10:18:16.0250 1500 LVUVC64 - ok
10:18:16.0301 1500 lxdi_device - ok
10:18:16.0341 1500 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:18:16.0356 1500 Mcx2Svc - ok
10:18:16.0369 1500 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:18:16.0371 1500 megasas - ok
10:18:16.0392 1500 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:18:16.0409 1500 MegaSR - ok
10:18:16.0445 1500 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:18:16.0447 1500 MMCSS - ok
10:18:16.0465 1500 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:18:16.0467 1500 Modem - ok
10:18:16.0492 1500 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:18:16.0493 1500 monitor - ok
10:18:16.0534 1500 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:18:16.0535 1500 mouclass - ok
10:18:16.0548 1500 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:18:16.0550 1500 mouhid - ok
10:18:16.0584 1500 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:18:16.0586 1500 mountmgr - ok
10:18:16.0655 1500 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:18:16.0666 1500 MozillaMaintenance - ok
10:18:16.0697 1500 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:18:16.0699 1500 mpio - ok
10:18:16.0718 1500 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:18:16.0720 1500 mpsdrv - ok
10:18:16.0766 1500 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:18:16.0775 1500 MpsSvc - ok
10:18:16.0825 1500 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:18:16.0828 1500 MRxDAV - ok
10:18:16.0870 1500 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:18:16.0882 1500 mrxsmb - ok
10:18:16.0906 1500 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:18:16.0920 1500 mrxsmb10 - ok
10:18:16.0938 1500 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:18:16.0940 1500 mrxsmb20 - ok
10:18:16.0960 1500 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:18:16.0974 1500 msahci - ok
10:18:16.0998 1500 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:18:17.0000 1500 msdsm - ok
10:18:17.0026 1500 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:18:17.0029 1500 MSDTC - ok
10:18:17.0061 1500 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:18:17.0077 1500 Msfs - ok
10:18:17.0098 1500 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:18:17.0100 1500 mshidkmdf - ok
10:18:17.0118 1500 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:18:17.0119 1500 msisadrv - ok
10:18:17.0149 1500 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:18:17.0167 1500 MSiSCSI - ok
10:18:17.0173 1500 msiserver - ok
10:18:17.0200 1500 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:18:17.0209 1500 MSKSSRV - ok
10:18:17.0231 1500 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:18:17.0232 1500 MSPCLOCK - ok
10:18:17.0240 1500 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:18:17.0241 1500 MSPQM - ok
10:18:17.0273 1500 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:18:17.0277 1500 MsRPC - ok
10:18:17.0304 1500 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:18:17.0305 1500 mssmbios - ok
10:18:17.0322 1500 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:18:17.0323 1500 MSTEE - ok
10:18:17.0337 1500 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:18:17.0339 1500 MTConfig - ok
10:18:17.0367 1500 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:18:17.0369 1500 Mup - ok
10:18:17.0389 1500 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
10:18:17.0390 1500 mwlPSDFilter - ok
10:18:17.0406 1500 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
10:18:17.0407 1500 mwlPSDNServ - ok
10:18:17.0436 1500 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
10:18:17.0437 1500 mwlPSDVDisk - ok
10:18:17.0508 1500 [ 2F139207F618EC2933830227EEFFDDB4 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
10:18:17.0513 1500 MWLService - ok
10:18:17.0587 1500 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe
10:18:17.0588 1500 N360 - ok
10:18:17.0660 1500 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:18:17.0665 1500 napagent - ok
10:18:17.0696 1500 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:18:17.0708 1500 NativeWifiP - ok
10:18:17.0783 1500 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20121012.016\ENG64.SYS
10:18:17.0803 1500 NAVENG - ok
10:18:17.0850 1500 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20121012.016\EX64.SYS
10:18:17.0875 1500 NAVEX15 - ok
10:18:17.0909 1500 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
10:18:17.0920 1500 NDIS - ok
10:18:17.0949 1500 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:18:17.0951 1500 NdisCap - ok
10:18:17.0965 1500 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:18:17.0977 1500 NdisTapi - ok
10:18:18.0005 1500 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:18:18.0022 1500 Ndisuio - ok
10:18:18.0052 1500 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:18:18.0055 1500 NdisWan - ok
10:18:18.0091 1500 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:18:18.0093 1500 NDProxy - ok
10:18:18.0150 1500 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
10:18:18.0178 1500 Nero BackItUp Scheduler 4.0 - ok
10:18:18.0195 1500 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:18:18.0196 1500 NetBIOS - ok
10:18:18.0227 1500 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:18:18.0231 1500 NetBT - ok
10:18:18.0245 1500 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:18:18.0247 1500 Netlogon - ok
10:18:18.0285 1500 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:18:18.0288 1500 Netman - ok
10:18:18.0325 1500 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:18:18.0341 1500 NetMsmqActivator - ok
10:18:18.0346 1500 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:18:18.0348 1500 NetPipeActivator - ok
10:18:18.0374 1500 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:18:18.0407 1500 netprofm - ok
10:18:18.0412 1500 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:18:18.0414 1500 NetTcpActivator - ok
10:18:18.0418 1500 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:18:18.0420 1500 NetTcpPortSharing - ok
10:18:18.0435 1500 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:18:18.0438 1500 nfrd960 - ok
10:18:18.0477 1500 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:18:18.0480 1500 NlaSvc - ok
10:18:18.0499 1500 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:18:18.0501 1500 Npfs - ok
10:18:18.0511 1500 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:18:18.0513 1500 nsi - ok
10:18:18.0530 1500 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:18:18.0550 1500 nsiproxy - ok
10:18:18.0584 1500 [ C04F5DEF37E55F6A34428B050F44D3D6 ] nSvcIp C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
10:18:18.0587 1500 nSvcIp - ok
10:18:18.0648 1500 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:18:18.0670 1500 Ntfs - ok
10:18:18.0764 1500 [ BD691091AC7D9713D8F0B07C6B099E6C ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
10:18:18.0765 1500 NTI IScheduleSvc - ok
10:18:18.0786 1500 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
10:18:18.0787 1500 NTIDrvr - ok
10:18:18.0799 1500 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:18:18.0800 1500 Null - ok
10:18:18.0824 1500 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
10:18:18.0830 1500 NVENETFD - ok
10:18:18.0859 1500 [ 181E7FE39211E04128A30708906627D8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
10:18:18.0860 1500 NVHDA - ok
10:18:19.0093 1500 [ AC8CBE9A0663E88F6429EE5530D5E32B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:18:19.0202 1500 nvlddmkm - ok
10:18:19.0234 1500 [ 956A1F47826514C1EA0C295FE13C7377 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
10:18:19.0237 1500 NVNET - ok
10:18:19.0260 1500 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:18:19.0262 1500 nvraid - ok
10:18:19.0299 1500 [ AFDE3015BB8D76E26BEC3B287C5443A0 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
10:18:19.0300 1500 nvsmu - ok
10:18:19.0336 1500 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:18:19.0338 1500 nvstor - ok
10:18:19.0358 1500 [ 7C7EEF51979658CE15BBC04F96A77D56 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
10:18:19.0360 1500 nvstor64 - ok
10:18:19.0386 1500 [ B9CF28813A6F19DA9776A7E49C61CD6E ] nvsvc C:\Windows\system32\nvvsvc.exe
10:18:19.0392 1500 nvsvc - ok
10:18:19.0413 1500 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:18:19.0415 1500 nv_agp - ok
10:18:19.0483 1500 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:18:19.0501 1500 odserv - ok
10:18:19.0524 1500 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:18:19.0526 1500 ohci1394 - ok
10:18:19.0570 1500 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:18:19.0587 1500 ose - ok
10:18:19.0618 1500 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:18:19.0623 1500 p2pimsvc - ok
10:18:19.0679 1500 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:18:19.0684 1500 p2psvc - ok
10:18:19.0708 1500 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:18:19.0710 1500 Parport - ok
10:18:19.0736 1500 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:18:19.0738 1500 partmgr - ok
10:18:19.0749 1500 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:18:19.0751 1500 PcaSvc - ok
10:18:19.0767 1500 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:18:19.0770 1500 pci - ok
10:18:19.0781 1500 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:18:19.0782 1500 pciide - ok
10:18:19.0809 1500 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:18:19.0824 1500 pcmcia - ok
10:18:19.0838 1500 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:18:19.0839 1500 pcw - ok
10:18:19.0859 1500 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:18:19.0865 1500 PEAUTH - ok
10:18:19.0920 1500 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:18:19.0922 1500 PerfHost - ok
10:18:19.0986 1500 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:18:20.0001 1500 pla - ok
10:18:20.0053 1500 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:18:20.0057 1500 PlugPlay - ok
10:18:20.0066 1500 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:18:20.0068 1500 PNRPAutoReg - ok
10:18:20.0076 1500 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:18:20.0079 1500 PNRPsvc - ok
10:18:20.0121 1500 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:18:20.0126 1500 PolicyAgent - ok
10:18:20.0168 1500 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:18:20.0170 1500 Power - ok
10:18:20.0196 1500 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:18:20.0197 1500 PptpMiniport - ok
10:18:20.0214 1500 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:18:20.0215 1500 Processor - ok
10:18:20.0233 1500 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
10:18:20.0235 1500 ProfSvc - ok
10:18:20.0246 1500 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:18:20.0247 1500 ProtectedStorage - ok
10:18:20.0293 1500 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:18:20.0295 1500 Psched - ok
10:18:20.0336 1500 [ CD33CB6FECF65520466F95AB89CC4AF5 ] PSSDK42 C:\Windows\system32\Drivers\pssdk42.sys
10:18:20.0347 1500 PSSDK42 - ok
10:18:20.0390 1500 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:18:20.0411 1500 ql2300 - ok
10:18:20.0444 1500 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:18:20.0446 1500 ql40xx - ok
10:18:20.0473 1500 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:18:20.0476 1500 QWAVE - ok
10:18:20.0495 1500 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:18:20.0496 1500 QWAVEdrv - ok
10:18:20.0513 1500 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:18:20.0514 1500 RasAcd - ok
10:18:20.0537 1500 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:18:20.0539 1500 RasAgileVpn - ok
10:18:20.0547 1500 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:18:20.0549 1500 RasAuto - ok
10:18:20.0582 1500 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:18:20.0584 1500 Rasl2tp - ok
10:18:20.0633 1500 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:18:20.0638 1500 RasMan - ok
10:18:20.0651 1500 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:18:20.0666 1500 RasPppoe - ok
10:18:20.0683 1500 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:18:20.0684 1500 RasSstp - ok
10:18:20.0718 1500 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:18:20.0722 1500 rdbss - ok
10:18:20.0762 1500 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:18:20.0763 1500 rdpbus - ok
10:18:20.0782 1500 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:18:20.0783 1500 RDPCDD - ok
10:18:20.0798 1500 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:18:20.0799 1500 RDPENCDD - ok
10:18:20.0812 1500 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:18:20.0813 1500 RDPREFMP - ok
10:18:20.0855 1500 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:18:20.0870 1500 RDPWD - ok
10:18:20.0909 1500 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:18:20.0922 1500 rdyboost - ok
10:18:20.0952 1500 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:18:20.0954 1500 RemoteAccess - ok
10:18:20.0961 1500 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:18:20.0972 1500 RemoteRegistry - ok
10:18:20.0998 1500 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:18:21.0000 1500 RpcEptMapper - ok
10:18:21.0032 1500 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:18:21.0048 1500 RpcLocator - ok
10:18:21.0083 1500 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:18:21.0087 1500 RpcSs - ok
10:18:21.0097 1500 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:18:21.0098 1500 rspndr - ok
10:18:21.0112 1500 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:18:21.0113 1500 SamSs - ok
10:18:21.0178 1500 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
10:18:21.0179 1500 SASDIFSV - ok
10:18:21.0197 1500 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
10:18:21.0198 1500 SASKUTIL - ok
10:18:21.0231 1500 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:18:21.0233 1500 sbp2port - ok
10:18:21.0331 1500 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
10:18:21.0352 1500 SBSDWSCService - ok
10:18:21.0377 1500 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:18:21.0388 1500 SCardSvr - ok
10:18:21.0411 1500 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:18:21.0422 1500 scfilter - ok
10:18:21.0472 1500 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:18:21.0484 1500 Schedule - ok
10:18:21.0519 1500 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:18:21.0520 1500 SCPolicySvc - ok
10:18:21.0560 1500 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:18:21.0563 1500 SDRSVC - ok
10:18:21.0582 1500 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:18:21.0583 1500 secdrv - ok
10:18:21.0611 1500 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:18:21.0630 1500 seclogon - ok
10:18:21.0653 1500 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:18:21.0655 1500 SENS - ok
10:18:21.0672 1500 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:18:21.0674 1500 SensrSvc - ok
10:18:21.0701 1500 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:18:21.0703 1500 Serenum - ok
10:18:21.0716 1500 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:18:21.0718 1500 Serial - ok
10:18:21.0740 1500 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:18:21.0742 1500 sermouse - ok
10:18:21.0786 1500 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:18:21.0788 1500 SessionEnv - ok
10:18:21.0823 1500 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:18:21.0824 1500 sffdisk - ok
10:18:21.0842 1500 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:18:21.0843 1500 sffp_mmc - ok
10:18:21.0862 1500 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:18:21.0863 1500 sffp_sd - ok
10:18:21.0881 1500 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:18:21.0882 1500 sfloppy - ok
10:18:21.0907 1500 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:18:21.0928 1500 SharedAccess - ok
10:18:21.0967 1500 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:18:21.0971 1500 ShellHWDetection - ok
10:18:21.0992 1500 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:18:21.0993 1500 SiSRaid2 - ok
10:18:22.0005 1500 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:18:22.0007 1500 SiSRaid4 - ok
10:18:22.0045 1500 [ 4C9F8E72F87F50A6125AAA31B63B2D18 ] SIUSBXP C:\Windows\system32\drivers\SiUSBXp.sys
10:18:22.0046 1500 SIUSBXP - ok
10:18:22.0104 1500 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:18:22.0106 1500 SkypeUpdate - ok
10:18:22.0131 1500 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:18:22.0133 1500 Smb - ok
10:18:22.0198 1500 [ 83DB3F47BA0C49CDF4C8D1F182D8CD21 ] SNL320XP C:\Windows\system32\DRIVERS\9kdUSB64.sys
10:18:22.0200 1500 SNL320XP - ok
10:18:22.0237 1500 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:18:22.0239 1500 SNMPTRAP - ok
10:18:22.0250 1500 SNP2STD - ok
10:18:22.0260 1500 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:18:22.0261 1500 spldr - ok
10:18:22.0295 1500 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
10:18:22.0303 1500 Spooler - ok
10:18:22.0408 1500 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:18:22.0479 1500 sppsvc - ok
10:18:22.0508 1500 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:18:22.0527 1500 sppuinotify - ok
10:18:22.0619 1500 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0604000.009\SRTSP64.SYS
10:18:22.0635 1500 SRTSP - ok
10:18:22.0654 1500 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\N360x64\0604000.009\SRTSPX64.SYS
10:18:22.0672 1500 SRTSPX - ok
10:18:22.0703 1500 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:18:22.0724 1500 srv - ok
10:18:22.0743 1500 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:18:22.0748 1500 srv2 - ok
10:18:22.0796 1500 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:18:22.0798 1500 srvnet - ok
10:18:22.0825 1500 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:18:22.0828 1500 SSDPSRV - ok
10:18:22.0843 1500 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:18:22.0845 1500 SstpSvc - ok
10:18:22.0861 1500 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:18:22.0863 1500 stexstor - ok
10:18:22.0909 1500 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:18:22.0916 1500 stisvc - ok
10:18:22.0942 1500 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:18:22.0943 1500 swenum - ok
10:18:22.0961 1500 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:18:22.0967 1500 swprv - ok
10:18:22.0998 1500 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0604000.009\SYMDS64.SYS
10:18:23.0004 1500 SymDS - ok
10:18:23.0035 1500 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0604000.009\SYMEFA64.SYS
10:18:23.0059 1500 SymEFA - ok
10:18:23.0089 1500 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:18:23.0108 1500 SymEvent - ok
10:18:23.0157 1500 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0604000.009\Ironx64.SYS
10:18:23.0158 1500 SymIRON - ok
10:18:23.0200 1500 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\N360x64\0604000.009\SYMNETS.SYS
10:18:23.0203 1500 SymNetS - ok
10:18:23.0263 1500 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:18:23.0302 1500 SysMain - ok
10:18:23.0334 1500 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:18:23.0336 1500 TabletInputService - ok
10:18:23.0381 1500 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
10:18:23.0392 1500 taphss - ok
10:18:23.0424 1500 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:18:23.0429 1500 TapiSrv - ok
10:18:23.0445 1500 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:18:23.0447 1500 TBS - ok
10:18:23.0510 1500 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:18:23.0552 1500 Tcpip - ok
10:18:23.0588 1500 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:18:23.0599 1500 TCPIP6 - ok
10:18:23.0639 1500 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:18:23.0641 1500 tcpipreg - ok
10:18:23.0664 1500 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:18:23.0673 1500 TDPIPE - ok
10:18:23.0693 1500 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:18:23.0704 1500 TDTCP - ok
10:18:23.0753 1500 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:18:23.0755 1500 tdx - ok
10:18:23.0791 1500 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:18:23.0792 1500 TermDD - ok
10:18:23.0832 1500 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:18:23.0840 1500 TermService - ok
10:18:23.0875 1500 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:18:23.0877 1500 Themes - ok
10:18:23.0901 1500 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:18:23.0903 1500 THREADORDER - ok
10:18:23.0920 1500 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:18:23.0922 1500 TrkWks - ok
10:18:23.0968 1500 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:18:23.0970 1500 TrustedInstaller - ok
10:18:23.0996 1500 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:18:23.0998 1500 tssecsrv - ok
10:18:24.0030 1500 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:18:24.0032 1500 TsUsbFlt - ok
10:18:24.0079 1500 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:18:24.0081 1500 tunnel - ok
10:18:24.0096 1500 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:18:24.0097 1500 uagp35 - ok
10:18:24.0113 1500 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
10:18:24.0114 1500 UBHelper - ok
10:18:24.0155 1500 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:18:24.0160 1500 udfs - ok
10:18:24.0186 1500 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:18:24.0190 1500 UI0Detect - ok
10:18:24.0286 1500 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:18:24.0288 1500 uliagpkx - ok
10:18:24.0332 1500 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
10:18:24.0334 1500 umbus - ok
10:18:24.0346 1500 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:18:24.0360 1500 UmPass - ok
10:18:24.0441 1500 [ 6AA98EEB910E3D3A718592834EBE61D7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
10:18:24.0446 1500 UMVPFSrv - ok
10:18:24.0499 1500 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
10:18:24.0501 1500 Updater Service - ok
10:18:24.0523 1500 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:18:24.0527 1500 upnphost - ok
10:18:24.0544 1500 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:18:24.0553 1500 usbaudio - ok
10:18:24.0577 1500 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:18:24.0579 1500 usbccgp - ok
10:18:24.0625 1500 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:18:24.0627 1500 usbcir - ok
10:18:24.0642 1500 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:18:24.0643 1500 usbehci - ok
10:18:24.0668 1500 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\drivers\usbhub.sys
10:18:24.0672 1500 usbhub - ok
10:18:24.0705 1500 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:18:24.0706 1500 usbohci - ok
10:18:24.0718 1500 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:18:24.0720 1500 usbprint - ok
10:18:24.0757 1500 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:18:24.0759 1500 usbscan - ok
10:18:24.0778 1500 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:18:24.0779 1500 USBSTOR - ok
10:18:24.0796 1500 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:18:24.0797 1500 usbuhci - ok
10:18:24.0810 1500 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:18:24.0812 1500 UxSms - ok
10:18:24.0835 1500 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:18:24.0836 1500 VaultSvc - ok
10:18:24.0857 1500 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:18:24.0858 1500 vdrvroot - ok
10:18:24.0897 1500 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:18:24.0904 1500 vds - ok
10:18:24.0930 1500 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:18:24.0946 1500 vga - ok
10:18:24.0963 1500 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:18:24.0965 1500 VgaSave - ok
10:18:24.0985 1500 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:18:24.0988 1500 vhdmp - ok
10:18:25.0025 1500 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:18:25.0026 1500 viaide - ok
10:18:25.0039 1500 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:18:25.0040 1500 volmgr - ok
10:18:25.0072 1500 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:18:25.0076 1500 volmgrx - ok
10:18:25.0132 1500 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:18:25.0136 1500 volsnap - ok
10:18:25.0165 1500 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:18:25.0168 1500 vsmraid - ok
10:18:25.0225 1500 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:18:25.0255 1500 VSS - ok
10:18:25.0284 1500 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:18:25.0286 1500 vwifibus - ok
10:18:25.0309 1500 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:18:25.0315 1500 W32Time - ok
10:18:25.0330 1500 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:18:25.0332 1500 WacomPen - ok
10:18:25.0350 1500 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:18:25.0368 1500 WANARP - ok
10:18:25.0373 1500 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:18:25.0374 1500 Wanarpv6 - ok
10:18:25.0431 1500 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:18:25.0452 1500 WatAdminSvc - ok
10:18:25.0504 1500 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:18:25.0527 1500 wbengine - ok
10:18:25.0555 1500 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:18:25.0559 1500 WbioSrvc - ok
10:18:25.0632 1500 [ 8F105ADE434064ADFBBFBE198513B84F ] WCMVCAM C:\Windows\system32\DRIVERS\wcmvcam64.sys
10:18:25.0640 1500 WCMVCAM - ok
10:18:25.0686 1500 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:18:25.0691 1500 wcncsvc - ok
10:18:25.0702 1500 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:18:25.0705 1500 WcsPlugInService - ok
10:18:25.0731 1500 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:18:25.0733 1500 Wd - ok
10:18:25.0758 1500 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:18:25.0765 1500 Wdf01000 - ok
10:18:25.0794 1500 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:18:25.0796 1500 WdiServiceHost - ok
10:18:25.0801 1500 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:18:25.0803 1500 WdiSystemHost - ok
10:18:25.0846 1500 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:18:25.0850 1500 WebClient - ok
10:18:25.0867 1500 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:18:25.0882 1500 Wecsvc - ok
10:18:25.0905 1500 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:18:25.0907 1500 wercplsupport - ok
10:18:25.0921 1500 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:18:25.0923 1500 WerSvc - ok
10:18:25.0942 1500 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:18:25.0943 1500 WfpLwf - ok
10:18:25.0959 1500 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:18:25.0960 1500 WIMMount - ok
10:18:25.0977 1500 WinDefend - ok
10:18:25.0985 1500 WinHttpAutoProxySvc - ok
10:18:26.0043 1500 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:18:26.0045 1500 Winmgmt - ok
10:18:26.0100 1500 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:18:26.0146 1500 WinRM - ok
10:18:26.0222 1500 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:18:26.0224 1500 WinUsb - ok
10:18:26.0249 1500 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:18:26.0260 1500 Wlansvc - ok
10:18:26.0358 1500 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:18:26.0417 1500 wlidsvc - ok
10:18:26.0427 1500 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:18:26.0428 1500 WmiAcpi - ok
10:18:26.0446 1500 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:18:26.0448 1500 wmiApSrv - ok
10:18:26.0472 1500 WMPNetworkSvc - ok
10:18:26.0495 1500 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:18:26.0497 1500 WPCSvc - ok
10:18:26.0532 1500 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:18:26.0534 1500 WPDBusEnum - ok
10:18:26.0558 1500 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:18:26.0559 1500 ws2ifsl - ok
10:18:26.0574 1500 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
10:18:26.0577 1500 wscsvc - ok
10:18:26.0581 1500 WSearch - ok
10:18:26.0655 1500 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:18:26.0710 1500 wuauserv - ok
10:18:26.0740 1500 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:18:26.0742 1500 WudfPf - ok
10:18:26.0773 1500 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:18:26.0775 1500 WUDFRd - ok
10:18:26.0804 1500 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:18:26.0806 1500 wudfsvc - ok
10:18:26.0841 1500 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:18:26.0845 1500 WwanSvc - ok
10:18:26.0896 1500 [ 741D9BBFE2A392031157A39D921CE052 ] zghsdiag C:\Windows\system32\DRIVERS\zghsdiag.sys
10:18:26.0898 1500 zghsdiag - ok
10:18:26.0904 1500 ================ Scan global ===============================
10:18:26.0924 1500 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:18:26.0960 1500 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:18:26.0979 1500 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:18:27.0003 1500 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:18:27.0045 1500 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:18:27.0050 1500 [Global] - ok
10:18:27.0050 1500 ================ Scan MBR ==================================
10:18:27.0079 1500 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:18:27.0321 1500 \Device\Harddisk0\DR0 - ok
10:18:27.0321 1500 ================ Scan VBR ==================================
10:18:27.0325 1500 [ F42E11B6ACCA276ED8D5BD21E4DD70E7 ] \Device\Harddisk0\DR0\Partition1
10:18:27.0326 1500 \Device\Harddisk0\DR0\Partition1 - ok
10:18:27.0337 1500 [ 924396C299360D53842989FF46715977 ] \Device\Harddisk0\DR0\Partition2
10:18:27.0338 1500 \Device\Harddisk0\DR0\Partition2 - ok
10:18:27.0357 1500 [ 66F0BEB493B1310E0EDE283547C4BFCD ] \Device\Harddisk0\DR0\Partition3
10:18:27.0358 1500 \Device\Harddisk0\DR0\Partition3 - ok
10:18:27.0359 1500 ============================================================
10:18:27.0359 1500 Scan finished
10:18:27.0359 1500 ============================================================
10:18:27.0374 2556 Detected object count: 0
10:18:27.0374 2556 Actual detected object count: 0



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-13 09:04:33
-----------------------------
09:04:33.422 OS Version: Windows x64 6.1.7601 Service Pack 1
09:04:33.423 Number of processors: 4 586 0x170A
09:04:33.424 ComputerName: SARAH-PC UserName: Sarah
09:04:35.359 Initialize success
09:11:13.330 AVAST engine defs: 12101202
09:13:07.876 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006f
09:13:07.879 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3
09:13:07.893 Disk 0 MBR read successfully
09:13:07.896 Disk 0 MBR scan
09:13:07.902 Disk 0 Windows 7 default MBR code
09:13:07.905 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14000 MB offset 2048
09:13:07.918 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 28674048
09:13:07.928 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 469882 MB offset 28878848
09:13:07.949 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 469885 MB offset 991197184
09:13:07.979 Disk 0 scanning C:\Windows\system32\drivers
09:13:17.899 Service scanning
09:13:40.278 Modules scanning
09:13:40.288 Disk 0 trace - called modules:
09:13:40.372 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
09:13:40.381 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800502a060]
09:13:40.388 3 CLASSPNP.SYS[fffff8800168743f] -> nt!IofCallDriver -> [0xfffffa80049b5750]
09:13:40.394 5 ACPI.sys[fffff88000f597a1] -> nt!IofCallDriver -> \Device\0000006f[0xfffffa80049b5060]
09:13:41.594 AVAST engine scan C:\Windows
09:13:44.291 AVAST engine scan C:\Windows\system32
09:17:15.163 AVAST engine scan C:\Windows\system32\drivers
09:17:34.350 AVAST engine scan C:\Users\Sarah
09:49:49.520 AVAST engine scan C:\ProgramData
09:53:53.525 Scan finished successfully
10:08:52.418 Disk 0 MBR has been saved successfully to "C:\Users\Sarah\Documents\MBR.dat"
10:08:52.425 The log file has been saved successfully to "C:\Users\Sarah\Documents\aswMBR.txt"


ESET log
C:\ProgramData\Spybot - Search & Destroy\Recovery\IncrediBar131.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\IncrediBar25.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\IncrediBar9.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Users\Sarah\Desktop\Random Icons\HSS-1.54-install-anchorfree-243-ask3.exe a variant of Win32/HotSpotShield application cleaned by deleting - quarantined

Edited by sarahann104, 13 October 2012 - 02:21 AM.


#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:48 AM

Posted 13 October 2012 - 07:47 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#8 sarahann104

sarahann104
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Western Australia
  • Local time:12:48 AM

Posted 13 October 2012 - 08:37 PM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.13.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Sarah :: SARAH-PC [administrator]

14/10/2012 7:42:13 AM
mbam-log-2012-10-14 (07-42-13).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 491486
Time elapsed: 1 hour(s), 50 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolBox by Farbar Version: 23-07-2012
Ran by Sarah (administrator) on 14-10-2012 at 09:34:50
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration


Server: dns.iinet.net.au
Address: 203.0.178.191

Name: google.com
Addresses: 2404:6800:4006:802::1008
74.125.237.70
74.125.237.64
74.125.237.65
74.125.237.67
74.125.237.66
74.125.237.68
74.125.237.69
74.125.237.72
74.125.237.71
74.125.237.78
74.125.237.73


Pinging google.com [74.125.237.39] with 32 bytes of data:
Reply from 74.125.237.39: bytes=32 time=678ms TTL=53
Reply from 74.125.237.39: bytes=32 time=738ms TTL=52

Ping statistics for 74.125.237.39:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 678ms, Maximum = 738ms, Average = 708ms
Server: dns.iinet.net.au
Address: 203.0.178.191

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=977ms TTL=50
Reply from 72.30.38.140: bytes=32 time=1076ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 977ms, Maximum = 1076ms, Average = 1026ms
Server: dns.iinet.net.au
Address: 203.0.178.191

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...00 ff 2f e7 8d 1b ......Anchorfree HSS Adapter
10...44 87 fc 77 1e a6 ......NVIDIA nForce 10/100/1000 Mbps Ethernet
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
21...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 220.235.66.109 220.235.66.110 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
220.235.66.108 255.255.255.252 On-link 220.235.66.110 276
220.235.66.110 255.255.255.255 On-link 220.235.66.110 276
220.235.66.111 255.255.255.255 On-link 220.235.66.110 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 220.235.66.110 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 220.235.66.110 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
21 1125 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
20 58 2001::/32 On-link
20 306 2001:0:4137:9e76:2467:1d28:2314:bd91/128
On-link
21 1025 2002::/16 On-link
21 281 2002:dceb:426e::dceb:426e/128
On-link
10 276 fe80::/64 On-link
20 306 fe80::/64 On-link
20 306 fe80::2467:1d28:2314:bd91/128
On-link
10 276 fe80::2c2f:91aa:2e35:cbe2/128
On-link
1 306 ff00::/8 On-link
20 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/13/2012 05:01:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/13/2012 03:09:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/13/2012 10:20:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/13/2012 10:20:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/13/2012 09:16:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/12/2012 01:44:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8050

Error: (10/12/2012 01:44:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8050

Error: (10/12/2012 01:44:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/12/2012 01:44:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7051

Error: (10/12/2012 01:44:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7051


System errors:
=============
Error: (10/14/2012 07:36:54 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ASPI32

Error: (10/14/2012 07:36:50 AM) (Source: Service Control Manager) (User: )
Description: The WebcamMax, WDM Video Capture service failed to start due to the following error:
%%1058

Error: (10/14/2012 07:36:50 AM) (Source: Service Control Manager) (User: )
Description: The SBSD Security Center Service service depends on the Security Center service which failed to start because of the following error:
%%1058

Error: (10/14/2012 07:36:36 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/13/2012 06:52:58 PM) (Source: nvstor64) (User: )
Description: Data error on device.



Device: \Device\RaidPort0

Model: WDC WD10EADS-00M2B0

Firmware Version: 01.0

Serial Number: WD-WMAV51650911

Port: 0

Error: (10/13/2012 06:52:55 PM) (Source: nvstor64) (User: )
Description: Data error on device.



Device: \Device\RaidPort0

Model: WDC WD10EADS-00M2B0

Firmware Version: 01.0

Serial Number: WD-WMAV51650911

Port: 0

Error: (10/13/2012 06:52:52 PM) (Source: nvstor64) (User: )
Description: Data error on device.



Device: \Device\RaidPort0

Model: WDC WD10EADS-00M2B0

Firmware Version: 01.0

Serial Number: WD-WMAV51650911

Port: 0

Error: (10/13/2012 06:52:50 PM) (Source: nvstor64) (User: )
Description: Data error on device.



Device: \Device\RaidPort0

Model: WDC WD10EADS-00M2B0

Firmware Version: 01.0

Serial Number: WD-WMAV51650911

Port: 0

Error: (10/13/2012 06:52:47 PM) (Source: nvstor64) (User: )
Description: Data error on device.



Device: \Device\RaidPort0

Model: WDC WD10EADS-00M2B0

Firmware Version: 01.0

Serial Number: WD-WMAV51650911

Port: 0

Error: (10/13/2012 06:52:45 PM) (Source: nvstor64) (User: )
Description: Data error on device.



Device: \Device\RaidPort0

Model: WDC WD10EADS-00M2B0

Firmware Version: 01.0

Serial Number: WD-WMAV51650911

Port: 0


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
ABBYY FineReader 6.0 Sprint (Version: 6.00.1990.41618)
Acer Backup Manager (Version: 2.0.2.19)
Acer eRecovery Management (Version: 4.05.3005)
Acer GameZone Console (Version: 5.1.0.2)
Acer Registration (Version: 1.02.3006)
Acer ScreenSaver (Version: 1.2.0812)
Acer Updater (Version: 1.01.3017)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.7.0.19530)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Advertising Center (Version: 0.0.0.2)
Alice Greenfingers
Amazon Kindle
Amazonia
Any Video Converter 3.4.0
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
µTorrent (Version: 3.1.3)
Backup Manager Advance (Version: 2.0.2.19)
Basic Domain Manager
Basic Domain Manager (Version: 3.0.0.1)
Bejeweled 3
Belltech Greeting Card Designer 2.1
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bonjour (Version: 3.0.0.10)
calibre (Version: 0.8.58)
CameraHelperMsi (Version: 13.20.1182.0)
Canon Easy-PhotoPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG4100 series MP Drivers
Canon MG4100 series On-screen Manual
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
Chicken Invaders 2
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Dairy Dash
DivX Setup (Version: 2.6.1.9)
Dora Saves the Crystal Kingdom
Dream Day First Home
DVD Flick 1.3.0.7 (Version: 1.3.0.7)
e-tax 2011 (Version: 10.1.671)
e-tax 2012 (Version: 6.0.577)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
eSobi v2 (Version: 2.0.4.000274)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Farm Frenzy 2
Farm Mania: Hot Vacation (remove only)
Farmer's Market (remove only)
Fast Directory Submitter 1.54
First Class Flurry
Fitbit Base Station (Driver Removal)
Fitbit v1.3.3 (Version: 1.3.3)
Free Realms Installer (Version: 1.0.3.118)
GetDataBack for FAT (Version: 4.22.000)
GetDataBack for NTFS (Version: 4.22.000)
Google Chrome (Version: 22.0.1229.94)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Graboid Video 3.11 (Version: 3.11)
Granny In Paradise
Heroes of Hellas
Hospital Tycoon
Hotel Dash 2: Lost Luxuries (remove only)
Hotkey Utility (Version: 1.00.3004)
Hotspot Shield 2.72 (Version: 2.72)
Identity Card (Version: 1.00.3002)
ImagXpress (Version: 7.0.74.0)
iTunes (Version: 10.5.0.142)
iWin Toolbar (Version: 6.9.0.16)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Jet Set Go (remove only)
Junk Mail filter update (Version: 14.0.8089.726)
Lexmark 3500-4500 Series
Lexmark Fax Solutions
Life Quest (remove only)
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.20.1166.0)
LWS Gallery (Version: 13.20.1166.0)
LWS Help_main (Version: 13.20.1182.0)
LWS Launcher (Version: 13.20.1166.0)
LWS Motion Detection (Version: 13.20.1176.0)
LWS Pictures And Video (Version: 13.20.1182.0)
LWS Twitter (Version: 13.20.1166.0)
LWS Video Mask Maker (Version: 13.10.1216.0)
LWS VideoEffects (Version: 13.20.1182.0)
LWS Webcam Software (Version: 13.20.1168.0)
LWS WLM Plugin (Version: 1.20.1166.0)
LWS YouTube Plugin (Version: 13.20.1166.0)
Magic Article Rewriter (Version: 1.8.4)
Magic Article Submitter (Version: 1.5.0)
Magic Tokens Database 2.0 (Version: 2.0.0)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Market Samurai (Version: 0.87.70)
Merriam Websters Spell Jam
Micro Niche Finder 5.0
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSRedist (Version: 9.0.30729.4148)
MSRedx64 (Version: 9.0.30729.4148)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Life Story (remove only)
MyWinLocker (Version: 3.1.76.0)
Nancy Drew Curse of Blackmoor Manor (remove only)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.7.201)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.7.201)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.4.9.100)
Nero InfoTool (Version: 6.4.7.201)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.8.1)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.11.209)
Nero StartSmart Help (Version: 9.4.11.208)
Nero StartSmart OEM (Version: 9.16.0.100)
NeroExpress (Version: 9.4.10.505)
neroxml (Version: 1.0.0)
Norton 360 (Version: 6.4.0.9)
Norton Online Backup (Version: 1.2.0.36)
Now Playing (Version: 1.2.5)
NVIDIA Control Panel 267.24 (Version: 267.24)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA ForceWare Network Access Manager (Version: 1.00.7305)
NVIDIA GAME System Software 2.8.1 (Version: 2.8.1)
NVIDIA Graphics Driver 267.24 (Version: 267.24)
NVIDIA Install Application (Version: 2.265.36.0)
NVIDIA PhysX (Version: 9.09.1112)
OpenOffice.org 3.2 (Version: 3.2.9502)
Premiumplay Codec-C
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.71.80.42)
Realtek High Definition Audio Driver (Version: 6.0.1.5898)
Sherlock Holmes - The Awakened - Remastered (Version: 1.00.0777)
Skype Toolbars (Version: 1.0.4051)
Skype™ 5.10 (Version: 5.10.116)
SmartGlobe™ Deluxe V3.12
Spybot - Search & Destroy (Version: 1.6.2)
Stand O Food 3 (remove only)
Summer Resort Mogul (remove only)
SUPERAntiSpyware (Version: 5.5.1006)
The Ultimate PLR Article Collection (Version: 1.0.21.0)
Turbo Lister 2 (Version: 2.00.0000)
Twisted Lands: Shadow Town: Collector's Edition (remove only)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
uTorrentControl2 Toolbar (Version: 6.8.9.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Virtual Villagers 5: New Believers (remove only)
VLC media player 1.0.1 (Version: 1.0.1)
WebMagnates - Auto Blogging Software (Version: 1.0.0)
Welcome Center (Version: 1.00.3008)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Writer (Version: 14.0.8089.0726)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
WinZip 14.5 (Version: 14.5.9095)
XviD & MP3 Codec Pack (remove only)
XviD MPEG-4 Video Codec (Version: XviD-1.0.3-20122004)

========================= Memory info: ===================================

Percentage of memory in use: 67%
Total physical RAM: 4095.23 MB
Available physical RAM: 1349.11 MB
Total Pagefile: 8188.66 MB
Available Pagefile: 4700.91 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.11 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:458.87 GB) (Free:307.81 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:458.87 GB) (Free:79.07 GB) NTFS
3 Drive e: (MacDiarmidHisto) (CDROM) (Total:0.11 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\SARAH-PC

Administrator ASPNET Guest
Heidi Joshua Sarah

========================= Restore Points ==================================


**** End of log ****

#9 sarahann104

sarahann104
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Western Australia
  • Local time:12:48 AM

Posted 13 October 2012 - 08:39 PM

Farbar Service Scanner Version: 07-10-2012
Ran by Sarah (administrator) on 14-10-2012 at 09:39:08
Running from "C:\Users\Sarah\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-10 19:42] - [2012-06-02 13:41] - 0184320 ____A (Microsoft Corporation) 9C01375BE382E834CC26D1B7EAF2C4FE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#10 sarahann104

sarahann104
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Western Australia
  • Local time:12:48 AM

Posted 13 October 2012 - 08:47 PM

# AdwCleaner v2.004 - Logfile created 10/14/2012 at 09:41:11
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Sarah - SARAH-PC
# Boot Mode : Normal
# Running from : C:\Users\Sarah\Downloads\adwcleaner (2).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Users\Sarah\AppData\Local\Temp\Zynga
File Deleted : C:\user.js
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Deleted : C:\Users\Heidi\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Heidi\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Heidi\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Heidi\AppData\LocalLow\iWin
Folder Deleted : C:\Users\Joshua\AppData\LocalLow\uTorrentControl2
Folder Deleted : C:\Users\Sarah\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\h6qlx01c.default\ConduitCommon
Folder Deleted : C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\h6qlx01c.default\CT3072253
Folder Deleted : C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\h6qlx01c.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Folder Deleted : C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\h6qlx01c.default\extensions\info@allpremiumplay.info

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\iWin
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9537B676-E328-4AFA-9B74-26CD742160DC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0000435.FBApi
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0000435.FBApi.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0000435.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0000435.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1678857
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\iWin
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9537B676-E328-4AFA-9B74-26CD742160DC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\Software\uTorrentControl2
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9537B676-E328-4AFA-9B74-26CD742160DC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F0356CB6-4AB7-425B-A31C-0369E0CB5E81}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0E4921D2-9B95-4E6C-BA22-9A96D2C737A6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{548F22E8-9BB6-43CD-B58C-CFECEF33B573}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71164231-CD9D-4C56-A847-D12846A79CB8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4751D10-3EDB-4D65-949C-64F41AFD832B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iWin Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F0356CB6-4AB7-425B-A31C-0369E0CB5E81}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{CE0C2586-DA36-452B-ACDB-320D9BCB19BF}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\h6qlx01c.default\prefs.js

C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\h6qlx01c.default\user.js ... Deleted !

Deleted : user_pref("CT3072253..clientLogIsEnabled", true);
Deleted : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT3072253.AppTrackingLastCheckTime", "Fri Aug 17 2012 11:02:29 GMT+0800");
Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Deleted : user_pref("CT3072253.CTID", "CT3072253");
Deleted : user_pref("CT3072253.CurrentServerDate", "11-10-2012");
Deleted : user_pref("CT3072253.DSInstall", false);
Deleted : user_pref("CT3072253.DialogsAlignMode", "LTR");
Deleted : user_pref("CT3072253.DialogsGetterLastCheckTime", "Thu Oct 11 2012 20:47:58 GMT+0800");
Deleted : user_pref("CT3072253.DownloadReferralCookieData", "");
Deleted : user_pref("CT3072253.FirstServerDate", "12-5-2012");
Deleted : user_pref("CT3072253.FirstTime", true);
Deleted : user_pref("CT3072253.FirstTimeFF3", true);
Deleted : user_pref("CT3072253.FixPageNotFoundErrors", true);
Deleted : user_pref("CT3072253.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT3072253.HPInstall", false);
Deleted : user_pref("CT3072253.HasUserGlobalKeys", true);
Deleted : user_pref("CT3072253.HomePageProtectorEnabled", false);
Deleted : user_pref("CT3072253.HomepageBeforeUnload", "hxxp://mystart.incredibar.com/mb119?a=6OyrXj0A7M&i=26")[...]
Deleted : user_pref("CT3072253.Initialize", true);
Deleted : user_pref("CT3072253.InitializeCommonPrefs", true);
Deleted : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT3072253.InstallationId", "fft4648.tmp.exe");
Deleted : user_pref("CT3072253.InstallationType", "XPE");
Deleted : user_pref("CT3072253.InstalledDate", "Sat May 12 2012 08:11:39 GMT+0800");
Deleted : user_pref("CT3072253.IsAlertDBUpdated", true);
Deleted : user_pref("CT3072253.IsGrouping", false);
Deleted : user_pref("CT3072253.IsInitSetupIni", true);
Deleted : user_pref("CT3072253.IsMulticommunity", false);
Deleted : user_pref("CT3072253.IsOpenThankYouPage", true);
Deleted : user_pref("CT3072253.IsOpenUninstallPage", false);
Deleted : user_pref("CT3072253.LanguagePackLastCheckTime", "Thu Oct 11 2012 20:47:59 GMT+0800");
Deleted : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT3072253.LastLogin_3.12.0.8", "Sat Aug 25 2012 15:59:43 GMT+0800");
Deleted : user_pref("CT3072253.LastLogin_3.14.1.0", "Tue Aug 28 2012 16:21:57 GMT+0800");
Deleted : user_pref("CT3072253.LastLogin_3.15.1.0", "Thu Oct 11 2012 20:47:58 GMT+0800");
Deleted : user_pref("CT3072253.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT3072253.Locale", "en");
Deleted : user_pref("CT3072253.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT3072253.MCDetectTooltipShow", false);
Deleted : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT3072253.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT3072253.OriginalFirstVersion", "3.12.0.8");
Deleted : user_pref("CT3072253.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT3072253.SearchBoxWidth", 209);
Deleted : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Deleted : user_pref("CT3072253.SearchEngineBeforeUnload", "MyStart Search");
Deleted : user_pref("CT3072253.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT307[...]
Deleted : user_pref("CT3072253.SearchInNewTabEnabled", true);
Deleted : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Thu Oct 11 2012 20:47:54 GMT+0800");
Deleted : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT3072253.SearchProtectorEnabled", false);
Deleted : user_pref("CT3072253.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT3072253.ServiceMapLastCheckTime", "Thu Oct 11 2012 20:47:57 GMT+0800");
Deleted : user_pref("CT3072253.SettingsLastCheckTime", "Thu Oct 11 2012 20:47:52 GMT+0800");
Deleted : user_pref("CT3072253.SettingsLastUpdate", "1349287948");
Deleted : user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Deleted : user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Thu Oct 11 2012 20:47:53 GMT+0800");
Deleted : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1331805997");
Deleted : user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253");
Deleted : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT3072253.UserID", "UN27782430389383777");
Deleted : user_pref("CT3072253.ValidationData_Search", 1);
Deleted : user_pref("CT3072253.ValidationData_Toolbar", 2);
Deleted : user_pref("CT3072253.alertChannelId", "1463702");
Deleted : user_pref("CT3072253.approveUntrustedApps", true);
Deleted : user_pref("CT3072253.autoDisableScopes", -1);
Deleted : user_pref("CT3072253.backendstorage.cb_experience_000", "37");
Deleted : user_pref("CT3072253.backendstorage.cb_user_id_000", "43423634333431383931373937325F46697265666F78")[...]
Deleted : user_pref("CT3072253.backendstorage.cbcountry_000", "4155");
Deleted : user_pref("CT3072253.backendstorage.cbcountry_001", "4155");
Deleted : user_pref("CT3072253.backendstorage.cbfirsttime", "536174204D617920313220323031322030383A31313A35312[...]
Deleted : user_pref("CT3072253.backendstorage.facebbok_user_cuid_100003842946834", "66373132303030312D66353838[...]
Deleted : user_pref("CT3072253.backendstorage.facebbok_user_id", "313030303033383432393436383334");
Deleted : user_pref("CT3072253.backendstorage.facebook_conduit_social_sskey_100003842946834", "426235553965364[...]
Deleted : user_pref("CT3072253.backendstorage.facebook_ctid_connect_send_n", "73656E646564");
Deleted : user_pref("CT3072253.backendstorage.facebook_first_visit", "6E6F744669727374");
Deleted : user_pref("CT3072253.backendstorage.facebook_last_message_choice", "756E72656164");
Deleted : user_pref("CT3072253.backendstorage.facebook_loggedin", "796573");
Deleted : user_pref("CT3072253.backendstorage.facebook_login_refresh", "302E31383031343939323634343538313233")[...]
Deleted : user_pref("CT3072253.backendstorage.facebook_login_status", "33");
Deleted : user_pref("CT3072253.backendstorage.facebook_lust_recieve", "333537333338392C333537333236392C3335313[...]
Deleted : user_pref("CT3072253.backendstorage.facebook_lust_recievegadet", "");
Deleted : user_pref("CT3072253.backendstorage.facebook_mode", "32");
Deleted : user_pref("CT3072253.backendstorage.facebook_permission_lastshow_100003842946834", "3133333930373138[...]
Deleted : user_pref("CT3072253.backendstorage.facebook_toolbar_not_numer", "31");
Deleted : user_pref("CT3072253.backendstorage.facebook_user_locale", "656E");
Deleted : user_pref("CT3072253.backendstorage.facebook_user_name", "3078303034382C3078303036352C3078303036392C[...]
Deleted : user_pref("CT3072253.backendstorage.facebook_user_token", "41414141414D4E753949536742414474704E79566[...]
Deleted : user_pref("CT3072253.backendstorage.facebooknotifications", "31");
Deleted : user_pref("CT3072253.backendstorage.hxxp://facebook_conduitapps_com/v3_13.facebook_last_visit_tab", [...]
Deleted : user_pref("CT3072253.backendstorage.hxxp://facebook_conduitapps_com/v3_13.facebook_permission_showsn[...]
Deleted : user_pref("CT3072253.backendstorage.url_history0001", "687474703A2F2F7777772E796F75747562652E636F6D2[...]
Deleted : user_pref("CT3072253.components.129573915102477663", false);
Deleted : user_pref("CT3072253.components.129593762370823811", false);
Deleted : user_pref("CT3072253.components.129749445881800338", false);
Deleted : user_pref("CT3072253.components.129805375651312503", false);
Deleted : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Thu Oct 11 2012 20:47:58 GMT+0800");
Deleted : user_pref("CT3072253.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT3072253.initDone", true);
Deleted : user_pref("CT3072253.isAppTrackingManagerOn", false);
Deleted : user_pref("CT3072253.myStuffEnabled", true);
Deleted : user_pref("CT3072253.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT3072253.navigateToUrlOnSearch", false);
Deleted : user_pref("CT3072253.oldAppsList", "129295695672325902,129571859753931591,111,129593762370823811,129[...]
Deleted : user_pref("CT3072253.revertSettingsEnabled", true);
Deleted : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT3072253.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT3072253.testingCtid", "");
Deleted : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Thu Oct 11 2012 20:47:58 GMT+0800");
Deleted : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Thu Oct 11 2012 20:47:58 GMT+0800");
Deleted : user_pref("CT3072253.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"4e9[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Sarah\\AppData\\Roaming\\Mozilla\\F[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://mystart.incredibar.com/mb119/?loc[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3072253");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3072253");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3072253");
Deleted : user_pref("CommunityToolbar.globalUserId", "fc41cf94-62aa-450c-93ff-54dc4271b7c7");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Oct 11 2012 20:47:5[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Oct 11 2012 20:47:55 GMT+0800");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "95619885-a41b-4ad9-83eb-374919173db8");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://mystart.incredibar.com/mb119?a=6OyrXj0A7M&i=2[...]
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "MyStart Search");
Deleted : user_pref("browser.search.defaultenginename", "MyStart Search");
Deleted : user_pref("extensions.crossriderapp435.435.InstallationThankYouPage", true);
Deleted : user_pref("extensions.crossriderapp435.435.InstallationTime", 1328441563);
Deleted : user_pref("extensions.crossriderapp435.435.InstallationUserSettings.searchUserConifrmation", false);
Deleted : user_pref("extensions.crossriderapp435.435.InstallationUserSettings.setHomepage", false);
Deleted : user_pref("extensions.crossriderapp435.435.InstallationUserSettings.setNewTab", false);
Deleted : user_pref("extensions.crossriderapp435.435.InstallationUserSettings.setSearch", false);
Deleted : user_pref("extensions.crossriderapp435.435.active", true);
Deleted : user_pref("extensions.crossriderapp435.435.addressbar", "");
Deleted : user_pref("extensions.crossriderapp435.435.affid", "0");
Deleted : user_pref("extensions.crossriderapp435.435.backgroundjs", "\n//------------------ PLUGIN START --[...]
Deleted : user_pref("extensions.crossriderapp435.435.backgroundver", 8);
Deleted : user_pref("extensions.crossriderapp435.435.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp435.435.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp435.435.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie.InstallationTime.value", "1328441563");
Deleted : user_pref("extensions.crossriderapp435.435.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:0[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_aoi.value", "%221329106681%22");
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_parent_zoneid.value", "%2214974%22");
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_zoneid.value", "%2219173%22");
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_ID.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_ID.value", "435");
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_custom_zoneid.expiration", "Fri Feb 01 2030 [...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_custom_zoneid.value", "14969");
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_pubid.expiration", "Fri Feb 01 2030 00:00:00[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_pubid.value", "%222993%22");
Deleted : user_pref("extensions.crossriderapp435.435.description", "Premiumplay Codec check");
Deleted : user_pref("extensions.crossriderapp435.435.domain", "");
Deleted : user_pref("extensions.crossriderapp435.435.emailsig", "");
Deleted : user_pref("extensions.crossriderapp435.435.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp435.435.exposesites", "");
Deleted : user_pref("extensions.crossriderapp435.435.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp435.435.group", 0);
Deleted : user_pref("extensions.crossriderapp435.435.homepage", "");
Deleted : user_pref("extensions.crossriderapp435.435.iframe", false);
Deleted : user_pref("extensions.crossriderapp435.435.js", "\n\n$jquery(document).ready(function() {\n \n $[...]
Deleted : user_pref("extensions.crossriderapp435.435.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp435.435.name", "Codec-V");
Deleted : user_pref("extensions.crossriderapp435.435.newtab", "");
Deleted : user_pref("extensions.crossriderapp435.435.opensearch", "");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_10.code", "if(!appAPI.matchPages(\"search.[...]
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_10.name", "app_435_specific");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_10.ver", 4);
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_13.code", "(function(a){a.selectedText=fun[...]
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_13.ver", 2);
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined[...]
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_14.ver", 2);
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_15.code", "(function(f){var u={};var e=Mat[...]
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_15.name", "FacebookFFIE");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_15.ver", 1);
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_16.code", "(function(f,B){if(typeof(B)==\"[...]
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_16.ver", 3);
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_17.code", "if(typeof window!==\"undefined\[...]
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_17.ver", 1);
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_47.code", "(function(){appAPI.ready=functi[...]
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_47.ver", 1);
Deleted : user_pref("extensions.crossriderapp435.435.plugins_lists.plugins_0", "17,14,16,47");
Deleted : user_pref("extensions.crossriderapp435.435.plugins_lists.plugins_1", "17,14,13,16,15,10");
Deleted : user_pref("extensions.crossriderapp435.435.pluginsurl", "hxxp://app-static.crossrider.com/plugin/app[...]
Deleted : user_pref("extensions.crossriderapp435.435.pluginsversion", 10);
Deleted : user_pref("extensions.crossriderapp435.435.premium", true);
Deleted : user_pref("extensions.crossriderapp435.435.publisher", "Premiumplay");
Deleted : user_pref("extensions.crossriderapp435.435.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp435.435.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp435.435.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp435.435.thankyou", "");
Deleted : user_pref("extensions.crossriderapp435.435.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp435.435.ver", 61);
Deleted : user_pref("extensions.crossriderapp435.apps", "435");
Deleted : user_pref("extensions.crossriderapp435.bic", "13554f53a4cde6adc3f3e0c228ea0927");
Deleted : user_pref("extensions.crossriderapp435.cid", 435);
Deleted : user_pref("extensions.crossriderapp435.firstrun", false);
Deleted : user_pref("extensions.crossriderapp435.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp435.installationdate", 1328570252);
Deleted : user_pref("extensions.crossriderapp435.jsver", 3);
Deleted : user_pref("extensions.crossriderapp435.lastcheck", 22499367);
Deleted : user_pref("extensions.crossriderapp435.lastcheckitem", 22499422);
Deleted : user_pref("extensions.crossriderapp435.misc.lastBgWorkerTimer", "1345886815651");
Deleted : user_pref("extensions.crossriderapp435.misc.lastDomWorkerTimer", "1345886815650");
Deleted : user_pref("extensions.crossriderapp435.modetype", "production");
Deleted : user_pref("extensions.enabledAddons", "info@allpremiumplay.info:1.0,personas@christopher.beard:1.6.2[...]
Deleted : user_pref("extensions.incredibar.actvtyRptTime", "1336623735843");
Deleted : user_pref("extensions.incredibar.admin", false);
Deleted : user_pref("extensions.incredibar.aflt", "orgnl");
Deleted : user_pref("extensions.incredibar.cntry", "AU");
Deleted : user_pref("extensions.incredibar.dfltLng", "");
Deleted : user_pref("extensions.incredibar.dfltSrch", false);
Deleted : user_pref("extensions.incredibar.did", "10606");
Deleted : user_pref("extensions.incredibar.hdrMd5", "4942A73BB577A5978730AC705C160CC3");
Deleted : user_pref("extensions.incredibar.hmpg", false);
Deleted : user_pref("extensions.incredibar.id", "e0435e7f00000000000000ff2fe78d1b");
Deleted : user_pref("extensions.incredibar.installerproductid", "26");
Deleted : user_pref("extensions.incredibar.instlDay", "15375");
Deleted : user_pref("extensions.incredibar.instlRef", "");
Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.3.2719:31:45");
Deleted : user_pref("extensions.incredibar.newTab", false);
Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);
Deleted : user_pref("extensions.incredibar.ppd", "48");
Deleted : user_pref("extensions.incredibar.prdct", "incredibar");
Deleted : user_pref("extensions.incredibar.productid", "26");
Deleted : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Deleted : user_pref("extensions.incredibar.sg", "none");
Deleted : user_pref("extensions.incredibar.smplGrp", "none");
Deleted : user_pref("extensions.incredibar.tlbrId", "base");
Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyrXj0A7M&loc=IB_T[...]
Deleted : user_pref("extensions.incredibar.upn2", "6OyrXj0A7M");
Deleted : user_pref("extensions.incredibar.upn2n", "92260847392524290");
Deleted : user_pref("extensions.incredibar.vrsn", "1.5.3.27");
Deleted : user_pref("extensions.incredibar.vrsnTs", "1.5.3.2719:31:45");
Deleted : user_pref("extensions.incredibar.vrsni", "1.5.3.27");
Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
Deleted : user_pref("extensions.incredibar_i.did", "10606");
Deleted : user_pref("extensions.incredibar_i.excTlbr", "false");
Deleted : user_pref("extensions.incredibar_i.hardId", "e0435e7f00000000000000ff2fe78d1b");
Deleted : user_pref("extensions.incredibar_i.id", "e0435e7f00000000000000ff2fe78d1b");
Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
Deleted : user_pref("extensions.incredibar_i.instlDay", "15375");
Deleted : user_pref("extensions.incredibar_i.instlRef", "");
Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
Deleted : user_pref("extensions.incredibar_i.newTab", false);
Deleted : user_pref("extensions.incredibar_i.ppd", "48");
Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
Deleted : user_pref("extensions.incredibar_i.productid", "26");
Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyrXj0A7M&loc=IB[...]
Deleted : user_pref("extensions.incredibar_i.upn2", "6OyrXj0A7M");
Deleted : user_pref("extensions.incredibar_i.upn2n", "92260847392524290");
Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.3.27");
Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.3.2719:31:45");
Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.3.27");
Deleted : user_pref("extensions.nurit5562nurit235.scode", "(function(){try{if('aol.com,mail.google.com,mystart[...]
Deleted : user_pref("extensions.snipit.askTbInstalled", true);
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=[...]

Profile name : default
File : C:\Users\Joshua\AppData\Roaming\Mozilla\Firefox\Profiles\1k8tu223.default\prefs.js

Deleted : user_pref("extensions.crossriderapp435.435.InstallationTime", 1328602606);
Deleted : user_pref("extensions.crossriderapp435.435.active", true);
Deleted : user_pref("extensions.crossriderapp435.435.addressbar", "");
Deleted : user_pref("extensions.crossriderapp435.435.affid", "0");
Deleted : user_pref("extensions.crossriderapp435.435.backgroundjs", "\n//------------------ PLUGIN START --[...]
Deleted : user_pref("extensions.crossriderapp435.435.backgroundver", 8);
Deleted : user_pref("extensions.crossriderapp435.435.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp435.435.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp435.435.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie.InstallationTime.value", "1328602606");
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_aoi.value", "%221328602631%22");
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_parent_zoneid.value", "%2214974%22");
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_zoneid.value", "%2218483%22");
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_ID.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_ID.value", "435");
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_custom_zoneid.expiration", "Fri Feb 01 2030 [...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_custom_zoneid.value", "14969");
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_pubid.expiration", "Fri Feb 01 2030 00:00:00[...]
Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_pubid.value", "%222993%22");
Deleted : user_pref("extensions.crossriderapp435.435.description", "Premiumplay Codec check");
Deleted : user_pref("extensions.crossriderapp435.435.domain", "");
Deleted : user_pref("extensions.crossriderapp435.435.emailsig", "");
Deleted : user_pref("extensions.crossriderapp435.435.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp435.435.exposesites", "");
Deleted : user_pref("extensions.crossriderapp435.435.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp435.435.group", 0);
Deleted : user_pref("extensions.crossriderapp435.435.homepage", "");
Deleted : user_pref("extensions.crossriderapp435.435.iframe", false);
Deleted : user_pref("extensions.crossriderapp435.435.js", "\n\n$jquery(document).ready(function() {\n \n $[...]
Deleted : user_pref("extensions.crossriderapp435.435.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp435.435.name", "Codec-V");
Deleted : user_pref("extensions.crossriderapp435.435.newtab", "");
Deleted : user_pref("extensions.crossriderapp435.435.opensearch", "");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_10.code", "if(!appAPI.matchPages(\"search.[...]
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_10.name", "app_435_specific");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_10.ver", 4);
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_13.code", "(function(a){a.selectedText=fun[...]
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_13.ver", 2);
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined[...]
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_14.ver", 2);
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_15.code", "(function(f){var u={};var e=Mat[...]
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_15.name", "FacebookFFIE");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_15.ver", 1);
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_16.code", "(function(f,B){if(typeof(B)==\"[...]
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_16.ver", 3);
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_17.code", "if(typeof window!==\"undefined\[...]
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_17.ver", 1);
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_47.code", "(function(){appAPI.ready=functi[...]
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp435.435.plugins.plugin_47.ver", 1);
Deleted : user_pref("extensions.crossriderapp435.435.plugins_lists.plugins_0", "17,14,16,47");
Deleted : user_pref("extensions.crossriderapp435.435.plugins_lists.plugins_1", "17,14,13,16,15,10");
Deleted : user_pref("extensions.crossriderapp435.435.pluginsurl", "hxxp://app-static.crossrider.com/plugin/app[...]
Deleted : user_pref("extensions.crossriderapp435.435.pluginsversion", 10);
Deleted : user_pref("extensions.crossriderapp435.435.premium", true);
Deleted : user_pref("extensions.crossriderapp435.435.publisher", "Premiumplay");
Deleted : user_pref("extensions.crossriderapp435.435.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp435.435.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp435.435.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp435.435.thankyou", "");
Deleted : user_pref("extensions.crossriderapp435.435.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp435.435.ver", 61);
Deleted : user_pref("extensions.crossriderapp435.apps", "435");
Deleted : user_pref("extensions.crossriderapp435.bic", "13556e2eadbc00ec5dc58db2262861de");
Deleted : user_pref("extensions.crossriderapp435.cid", 435);
Deleted : user_pref("extensions.crossriderapp435.firstrun", false);
Deleted : user_pref("extensions.crossriderapp435.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp435.installationdate", 1328602606);
Deleted : user_pref("extensions.crossriderapp435.jsver", 3);
Deleted : user_pref("extensions.crossriderapp435.lastcheck", 22500248);
Deleted : user_pref("extensions.crossriderapp435.lastcheckitem", 22500327);
Deleted : user_pref("extensions.crossriderapp435.misc.lastBgWorkerTimer", "1345948577311");
Deleted : user_pref("extensions.crossriderapp435.misc.lastDomWorkerTimer", "1345948577301");
Deleted : user_pref("extensions.crossriderapp435.modetype", "production");
Deleted : user_pref("extensions.enabledAddons", "{23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145,crossriderap[...]

Profile name : default
File : C:\Users\Heidi\AppData\Roaming\Mozilla\Firefox\Profiles\arrjm70i.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [359 octets] - [13/10/2012 21:22:30]
AdwCleaner[S3].txt - [42747 octets] - [14/10/2012 09:41:12]

########## EOF - C:\AdwCleaner[S3].txt - [42808 octets] ##########

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:48 AM

Posted 13 October 2012 - 08:59 PM

why is the security center disabled?

JUNKWARE TOOL log?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#12 sarahann104

sarahann104
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Western Australia
  • Local time:12:48 AM

Posted 13 October 2012 - 09:06 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 1.5.5 (10.13.2012)
OS: Windows 7 Home Premium x64
Ran by Sarah on Sun 14/10/2012 at 9:50:55.36
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services:

Failed to stop: [SERVICE-LOCKED!] iWinTrusted



*** Registry Values: 0 Detections



*** Registry Keys:

ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\wow6432node\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\wow6432node\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\classes\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{f9e4a054-e9b1-4bc3-83a3-76a1ae736170}



*** Files:

Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hss.ico
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\license.txt
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\Uninstall.exe
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hssie\config.txt
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hssie\config_srch.txt
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hssie\HssIE.dll
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hssie\HssIE_64.dll



*** Folders:

Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\hotspot shield"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\hotspot shield\hssie"



*** FireFox detected and repaired

Removed the following from [PREFS.JS] :

user_pref("extensions.crossrider.bic", "13554f53a4cde6adc3f3e0c228ea0927");


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Sun 14/10/2012 at 10:04:46.85
End of Report

#13 sarahann104

sarahann104
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Western Australia
  • Local time:12:48 AM

Posted 13 October 2012 - 09:08 PM

I have no idea why it is disabled,
Sorry the junkware was still running when I posted the rest. I will do the other things when I get back from work.
Thanks for your help.

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:48 AM

Posted 13 October 2012 - 09:11 PM

Ok,you need to run junkware tool again.Right click on the tool and select run as administrator and post the new log.

#15 sarahann104

sarahann104
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Western Australia
  • Local time:12:48 AM

Posted 13 October 2012 - 10:41 PM

Junkware Removal Tool (JRT) by Thisisu
Version: 1.5.5 (10.13.2012)
OS: Windows 7 Home Premium x64
Ran by Sarah on Sun 14/10/2012 at 11:27:48.81
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services:

Successfully stopped: [SERVICE] iWinTrusted
Successfully deleted: [SERVICE] iWinTrusted



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}



*** Files:

Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hss.ico
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\license.txt
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\Uninstall.exe
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hssie\config.txt
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hssie\config_srch.txt
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hssie\HssIE.dll
Successfully deleted: [FILE] C:\Program Files (x86)\hotspot shield\hssie\HssIE_64.dll



*** Folders:

Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\hotspot shield"



*** FireFox detected and repaired

Removed the following from [PREFS.JS] :

user_pref("extensions.crossrider.bic", "13a5d4f02015038ced09f5d5c84cbbbc");
user_pref("extensions.crossriderapp435.435.InstallationTime", 1350185190);
user_pref("extensions.crossriderapp435.435.active", true);
user_pref("extensions.crossriderapp435.435.addressbar", "");
user_pref("extensions.crossriderapp435.435.certdomaininstaller", "");
user_pref("extensions.crossriderapp435.435.changeprevious", false);
user_pref("extensions.crossriderapp435.435.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0800");
user_pref("extensions.crossriderapp435.435.cookie.InstallationTime.value", "1350185190");
user_pref("extensions.crossriderapp435.435.description", "Premiumplay Codec check");
user_pref("extensions.crossriderapp435.435.domain", "");
user_pref("extensions.crossriderapp435.435.enablesearch", false);
user_pref("extensions.crossriderapp435.435.fbremoteurl", "");
user_pref("extensions.crossriderapp435.435.group", 0);
user_pref("extensions.crossriderapp435.435.homepage", "");
user_pref("extensions.crossriderapp435.435.iframe", false);
user_pref("extensions.crossriderapp435.435.manifesturl", "");
user_pref("extensions.crossriderapp435.435.name", "Codec-V");
user_pref("extensions.crossriderapp435.435.newtab", "");
user_pref("extensions.crossriderapp435.435.opensearch", "");
user_pref("extensions.crossriderapp435.435.pluginsurl", "http://app-static.crossrider.com/plugin/apps/435/plugins/085/ff/plugins.json");
user_pref("extensions.crossriderapp435.435.publisher", "Premiumplay");
user_pref("extensions.crossriderapp435.435.searchstatus", 0);
user_pref("extensions.crossriderapp435.435.setnewtab", false);
user_pref("extensions.crossriderapp435.435.settingsurl", "");
user_pref("extensions.crossriderapp435.435.thankyou", "");
user_pref("extensions.crossriderapp435.435.updateinterval", 360);
user_pref("extensions.crossriderapp435.435.ver", 0);
user_pref("extensions.crossriderapp435.bic", "13a5d4f02015038ced09f5d5c84cbbbc");
user_pref("extensions.crossriderapp435.firstrun", false);
user_pref("extensions.crossriderapp435.installationdate", 1350185190);
user_pref("extensions.crossriderapp435.lastcheck", 22503087);
user_pref("extensions.crossriderapp435.lastcheckitem", 22503087);
user_pref("extensions.crossriderapp435.modetype", "production");
user_pref("extensions.crossriderapp435.reportInstall", true);


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Sun 14/10/2012 at 11:41:37.81
End of Report




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users