
HotstartSearch - google redirect hijacker virus help


  • This topic is locked
10 replies to this topic

#1 AsusOops


Posted 15 May 2013 - 07:42 AM

 

Hello, I've started having problems with a new virus out called hotstartsearch. I have tried many things to remove it already and so far it seems that nothing will work. A lot of anti-virus software I have and some that I have recently downloaded can't seem to touch it. (Norton, Anvi Smart Defender)

 

I am on Windows 7, 64-bit, and I use Google Chrome as my main browser; however, I just noticed that IE is infected too. If I search something in Google on Chrome and IE it will redirect to hotstartsearch.com

 

Please help me remove this. I'm still not very knowledgeable on computers so bear with me.




 


#2 boopme


Posted 15 May 2013 - 09:39 AM

Welcome, AsusOops.

Let's run these and see how it is after.

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

 

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

 

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

>>>>>

Please download TDSSKiller.
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the log report (the log file should be in your C drive).
 
Do not change the default options on scan results.

 

 

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the ESET Online Scanner button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

NOTE: Sometimes if ESET finds no infections it will not create a log.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
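A triage pass over the Result.txt that the post above asks for, as an added example that is not part of the thread and not MiniToolBox's own code. The section and line formats follow the report posted later in this topic; the sample report is constructed, and the function names and the choice of checks are assumptions made for illustration.

```python
import re

# Section headers look like "======= Hosts content: =======" (colon optional).
HEADER = re.compile(r"^=+\s+(.+?):?\s+=+\s*$")
# Winsock lines: "Catalog9 01 C:\path\file.dll [size] (Vendor)"
WINSOCK = re.compile(r"^(?:x64-)?Catalog\d+\s+\d+\s+(.+?)\s+\[\d+\]\s+\((.*)\)\s*$")
# Service Control Manager error; the error code is on the following line.
SERVICE = re.compile(r"The (.+?) service failed to start due to the following error:")
BENIGN_HOSTS = {("127.0.0.1", "localhost"), ("::1", "localhost")}

# Constructed sample report (not taken from a real machine).
SAMPLE = r"""
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 1

========================= Hosts content: =================================

127.0.0.1 localhost
203.0.113.7 www.google.com

========================= Winsock entries =====================================

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\ProgramData\example\lsp.dll [40960] (Example Vendor)

========================= Event log errors: ===============================

System errors:
=============
Error: (05/15/2013 10:48:13 AM) (Source: Service Control Manager) (User: )
Description: The ExampleSvc service failed to start due to the following error:
%%2

========================= Memory info: ===================================
"""


def split_sections(text):
    """Return {section name: [non-empty stripped lines]} for a report."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            current = sections.setdefault(m.group(1).strip(), [])
        elif current is not None and line:
            current.append(line)
    return sections


def triage(text):
    """Return (section, detail) findings that deserve a manual look."""
    s = split_sections(text)
    findings = []
    # IE: the only "clean" wording relied on is the one shown in the thread.
    ie = s.get("IE Proxy Settings", [])
    if ie and "Proxy is not enabled." not in ie:
        findings.append(("IE Proxy Settings", ie[0]))
    # Firefox: type 0 means a direct connection; report any other value.
    for line in s.get("FF Proxy Settings", []):
        m = re.match(r'"network\.proxy\.type",\s*(\d+)', line)
        if m and m.group(1) != "0":
            findings.append(("FF Proxy Settings", line))
    # Hosts: anything beyond the localhost entries overrides DNS for that name.
    for line in s.get("Hosts content", []):
        if line.startswith("#"):
            continue
        ip, *names = line.split()
        for name in names:
            if name.startswith("#"):
                break
            if (ip, name.lower()) not in BENIGN_HOSTS:
                findings.append(("Hosts content", f"{name} -> {ip}"))
    # Winsock: a provider from a non-Microsoft vendor sits in the network path.
    for line in s.get("Winsock entries", []):
        m = WINSOCK.match(line)
        if m and not m.group(2).startswith("Microsoft"):
            findings.append(("Winsock entries", f"{m.group(1)} ({m.group(2)})"))
    # Services: %%2 is Win32 error 2 (file not found), i.e. the service is
    # still registered but its binary is gone.
    ev = s.get("Event log errors", [])
    for i, line in enumerate(ev[:-1]):
        m = SERVICE.search(line)
        if m and ev[i + 1] == "%%2":
            findings.append(("Event log errors",
                             f"{m.group(1)}: service binary not found (%%2)"))
    return findings


if __name__ == "__main__":
    for section, detail in triage(SAMPLE):
        print(f"[{section}] {detail}")
```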

#3 AsusOops


Posted 15 May 2013 - 10:18 AM

 
Hello and thank you!

Okay, I am to the ESET Online Scanner part. After checking the options under Computer Scan Settings and going to Advanced Settings below I see it saying 
 

Another antivirus software was detected. This may affect the performance and quality of the scan. Show list. 

And it was Norton. So I went to my Norton and disabled it for 15 minutes, that should work right? I wouldn't want to mess up the scan all because of Norton.
 
After scanning I've got all the logs to post on my next post.

Edited by AsusOops, 15 May 2013 - 10:18 AM.


#4 boopme


Posted 15 May 2013 - 11:13 AM

That's correct to disable, but it may need an hour.



#5 AsusOops


Posted 15 May 2013 - 11:24 AM

 

The scan has found 3 threats so far and is at 99% and it has taken almost one hour so Norton came back on and I disabled it again but this time for an hour.

 

Does that mean I should run the ESET online scan again just to be sure?

I'll disable Norton for 5 hours or something.

 

EDIT: Okay after an hour and nine minutes it has finished. Norton is back on again, so if I do another scan I'm disabling for 5 hours it was the next option. 

 

Should I go ahead and list all my logs so far as well as this current ESET scan log? It found 3 threats.


Edited by AsusOops, 15 May 2013 - 11:35 AM.


#6 AsusOops


Posted 15 May 2013 - 12:44 PM

Okay here are the logs

 

MiniToolBox Results


MiniToolBox by Farbar  Version:21-04-2013

Ran by Allen (administrator) on 15-05-2013 at 10:59:08
Running from "C:\Users\Allen\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.type", 0
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Allen-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : triad.rr.com
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : triad.rr.com
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 54-04-A6-DB-DE-EE
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::605a:8f57:5223:b486%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, May 15, 2013 10:48:11 AM
   Lease Expires . . . . . . . . . . : Thursday, May 16, 2013 10:48:10 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 190055590
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-D1-CE-D2-54-04-A6-DB-DE-EE
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.triad.rr.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : triad.rr.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3412:c2e4:be43:7a7d(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3412:c2e4:be43:7a7d%13(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61
 
Name:    google.com
Addresses:  2607:f8b0:4002:c05::64
 173.194.37.46
 173.194.37.32
 173.194.37.33
 173.194.37.34
 173.194.37.35
 173.194.37.36
 173.194.37.37
 173.194.37.38
 173.194.37.39
 173.194.37.40
 173.194.37.41
 
 
Pinging google.com [74.125.130.101] with 32 bytes of data:
Reply from 74.125.130.101: bytes=32 time=30ms TTL=48
Reply from 74.125.130.101: bytes=32 time=32ms TTL=48
 
Ping statistics for 74.125.130.101:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 30ms, Maximum = 32ms, Average = 31ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=977ms TTL=46
Reply from 206.190.36.45: bytes=32 time=955ms TTL=46
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 955ms, Maximum = 977ms, Average = 966ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 3ms, Average = 2ms
===========================================================================
Interface List
 11...54 04 a6 db de ee ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    276
    192.168.1.100  255.255.255.255         On-link     192.168.1.100    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.100    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.100    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.100    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:4137:9e76:3412:c2e4:be43:7a7d/128
                                    On-link
 11    276 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::3412:c2e4:be43:7a7d/128
                                    On-link
 11    276 fe80::605a:8f57:5223:b486/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/15/2013 10:48:57 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/15/2013 08:29:10 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/15/2013 08:14:11 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/15/2013 08:13:25 AM) (Source: Application Error) (User: )
Description: Faulting application name: XBoxStat.exe, version: 1.20.146.0, time stamp: 0x4ac3f515
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b8479b
Exception code: 0xe06d7363
Fault offset: 0x0000000000009e5d
Faulting process id: 0xcf8
Faulting application start time: 0xXBoxStat.exe0
Faulting application path: XBoxStat.exe1
Faulting module path: XBoxStat.exe2
Report Id: XBoxStat.exe3
 
Error: (05/14/2013 11:38:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/14/2013 11:37:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: XBoxStat.exe, version: 1.20.146.0, time stamp: 0x4ac3f515
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b8479b
Exception code: 0xe06d7363
Fault offset: 0x0000000000009e5d
Faulting process id: 0xda8
Faulting application start time: 0xXBoxStat.exe0
Faulting application path: XBoxStat.exe1
Faulting module path: XBoxStat.exe2
Report Id: XBoxStat.exe3
 
Error: (05/14/2013 10:50:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/14/2013 10:44:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/14/2013 10:29:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/14/2013 10:28:30 PM) (Source: Application Error) (User: )
Description: Faulting application name: XBoxStat.exe, version: 1.20.146.0, time stamp: 0x4ac3f515
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b8479b
Exception code: 0xe06d7363
Fault offset: 0x0000000000009e5d
Faulting process id: 0x95c
Faulting application start time: 0xXBoxStat.exe0
Faulting application path: XBoxStat.exe1
Faulting module path: XBoxStat.exe2
Report Id: XBoxStat.exe3
 
 
System errors:
=============
Error: (05/15/2013 10:48:20 AM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater14.2.0 service failed to start due to the following error: 
%%2
 
Error: (05/15/2013 10:48:13 AM) (Source: Service Control Manager) (User: )
Description: The Htsysm service failed to start due to the following error: 
%%2
 
Error: (05/15/2013 08:44:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2830290).
 
Error: (05/15/2013 08:42:44 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2820331).
 
Error: (05/15/2013 08:42:44 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2798162).
 
Error: (05/15/2013 08:42:27 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2813956).
 
Error: (05/15/2013 08:42:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2829361).
 
Error: (05/15/2013 08:36:02 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2804579).
 
Error: (05/15/2013 08:28:53 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
SRTSP
 
Error: (05/15/2013 08:28:41 AM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater14.2.0 service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (05/15/2013 10:48:57 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/15/2013 08:29:10 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/15/2013 08:14:11 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/15/2013 08:13:25 AM) (Source: Application Error)(User: )
Description: XBoxStat.exe1.20.146.04ac3f515KERNELBASE.dll6.1.7601.1801550b8479be06d73630000000000009e5dcf801ce5165989fa595C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exeC:\Windows\system32\KERNELBASE.dlld73a3a11-bd58-11e2-822b-5404a6dbdeee
 
Error: (05/14/2013 11:38:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/14/2013 11:37:38 PM) (Source: Application Error)(User: )
Description: XBoxStat.exe1.20.146.04ac3f515KERNELBASE.dll6.1.7601.1801550b8479be06d73630000000000009e5dda801ce511d8beb4105C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exeC:\Windows\system32\KERNELBASE.dllc9ed7d6f-bd10-11e2-acee-5404a6dbdeee
 
Error: (05/14/2013 10:50:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/14/2013 10:44:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/14/2013 10:29:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/14/2013 10:28:30 PM) (Source: Application Error)(User: )
Description: XBoxStat.exe1.20.146.04ac3f515KERNELBASE.dll6.1.7601.1801550b8479be06d73630000000000009e5d95c01ce5113e04844c9C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exeC:\Windows\system32\KERNELBASE.dll21469aeb-bd07-11e2-ac4c-5404a6dbdeee
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.1.3)
64 Bit HP CIO Components Installer (Version: 1.2.0)
AD Blocker (Version: 2.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.169)
Adobe Reader X (10.1.6) (Version: 10.1.6)
AI Manager (Version: 1.09.07)
AI Suite II (Version: 1.01.40)
Akamai NetSession Interface
Amnesia - The Dark Descent  (Version: 1.0.0)
Anti-phishing Domain Advisor (Version: 1.1.0.1)
Anvi Smart Defender 1.8 (Version: 1.8)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.14.1.0)
ASUS Backup Wizard (Version: 1.01.00)
ASUS Easy Update (Version: 2.00.22)
ASUS WebStorage (Version: 3.0.104.216)
AsusVibe2.0 (Version: 2.0.4.628)
Bcool (Version: )
Best Buy pc app (Version: 3.3.0.0)
Best Buy pc app (Version: 3.5.752.2)
BFlix (Version: 0.0.0.1)
BucksBee Loyalty Plugin - 100884.rs for Chrome
BurnToDisk version 1.0 (Version: 1.0)
Control ActiveX de Windows Live Mesh para conexiones remotas (Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
D3DX10 (Version: 15.4.2368.0902)
DealPly
DealPly (Version: )
DefaultTab (Version: 1.2.8.0)
DefaultTab Chrome (Version: 1.1.14)
Dll-Files.com Fixer (Version: 1.0)
Download Updater (AOL Inc.)
Driver Genius Professional Edition (Version: 11.0)
Fast Free Converter (Version: 3.0)
FINAL FANTASY XI (Version: 1.010.0)
FINAL FANTASY XI: Chains of Promathia (Version: 1.27.0)
FINAL FANTASY XI: Rise of the Zilart (Version: 1.18.0)
FINAL FANTASY XI: Treasures of Aht Urhgan (Version: 1.35.0)
FINAL FANTASY XI: Wings of the Goddess (Version: 1.42.0)
Free Download Manager 3.8
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
GameStop App (Version: 4.00)
Google Chrome (Version: 26.0.1410.64)
Happy Cloud Client (Version: 1.368)
Intel® Management Engine Components (Version: 7.0.0.1144)
Internet TV for Windows Media Center (Version: 4.2.2.0)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Junk Mail filter update (Version: 15.4.3502.0922)
Linkury Smartbar (Version: 1.6.1.942)
Linkury Smartbar Engine (Version: 1.6.1.942)
magicJack (Version: 2.0.6073.4413)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (Version: 3.5.0.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Microsoft XNA Framework Redistributable 4.0 Refresh (Version: 4.0.30901.0)
Mplayer 0.6.9 (Version: 0.6.9)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Nexon Game Manager
Norton AntiVirus (Version: 19.9.1.14)
Norton Bootable Recovery Tool Wizard (Version: 5.1.0.26)
Norton Identity Safe (Version: 2013.1.1.7)
Notepad++ (Version: 6.1.8)
NVIDIA 3D Vision Controller Driver 314.22 (Version: 314.22)
NVIDIA 3D Vision Driver 314.22 (Version: 314.22)
NVIDIA Control Panel 314.22 (Version: 314.22)
NVIDIA Graphics Driver 314.22 (Version: 314.22)
NVIDIA HD Audio Driver 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.115.743)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1422)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
Pando Media Booster (Version: 2.6.0.8)
PDFCreator (Version: 1.2.0)
Plugin 7 (Version: 7)
PowerISO (Version: 4.8)
PriceGong 2.6.4 (Version: 2.6.4)
PricePeep for Google Chrome (Version: 2.1.126.0)
Privacy SafeGuard version 1.0 (Version: 1.0)
PunkBuster Services (Version: 0.991)
Qwiklinx (Version: 1.0.0.686)
RealDownloader (Version: 1.3.1)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
Realtek Ethernet Controller Driver (Version: 7.44.421.2011)
Realtek Ethernet Diagnostic Utility (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6402)
RealUpgrade 1.1 (Version: 1.1.0)
Steam (Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
uTorrentControl2 Toolbar (Version: 6.8.5.1)
VideoFileDownload (Version: 1.0)
Vid-Saver (Version: 1.14.149.149)
Windower (Version: 4.0.0.0)
Windows Driver Package - XBCD Project HID  (16/05/2008 1.1.0) (Version: 16/05/2008 1.1.0)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (Version: 15.4.5722.2)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinZip 16.5 (Version: 16.5.10096)
XBCD Uninstaller (Version: 0.2.7)
Xiph.Org Open Codecs 0.85.17777 (Version: 0.85.17777)
Yontoo 1.10.02 (Version: 1.10.02)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 59%
Total physical RAM: 8173.22 MB
Available physical RAM: 3313.11 MB
Total Pagefile: 16344.63 MB
Available Pagefile: 11289.36 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.59 MB
 
========================= Partitions: =====================================
 
1 Drive c: (WIN7) (Fixed) (Total:684.45 GB) (Free:586.07 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ALLEN-PC
 
Administrator            Allen                    ASPNET                   
Guest                    Mcx1-ALLEN-PC            UpdatusUser              
 
 
**** End of log ****

TDSSkiller


11:01:31.0384 6044  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

11:01:31.0712 6044  ============================================================
11:01:31.0712 6044  Current date / time: 2013/05/15 11:01:31.0712
11:01:31.0712 6044  SystemInfo:
11:01:31.0712 6044  
11:01:31.0712 6044  OS Version: 6.1.7601 ServicePack: 1.0
11:01:31.0712 6044  Product type: Workstation
11:01:31.0712 6044  ComputerName: ALLEN-PC
11:01:31.0712 6044  UserName: Allen
11:01:31.0712 6044  Windows directory: C:\Windows
11:01:31.0712 6044  System windows directory: C:\Windows
11:01:31.0712 6044  Running under WOW64
11:01:31.0712 6044  Processor architecture: Intel x64
11:01:31.0712 6044  Number of processors: 8
11:01:31.0712 6044  Page size: 0x1000
11:01:31.0712 6044  Boot type: Normal boot
11:01:31.0712 6044  ============================================================
11:01:44.0405 6044  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:01:44.0420 6044  ============================================================
11:01:44.0420 6044  \Device\Harddisk0\DR0:
11:01:44.0420 6044  MBR partitions:
11:01:44.0420 6044  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C5E800, BlocksNum 0x558E7000
11:01:44.0420 6044  ============================================================
11:01:44.0460 6044  C: <-> \Device\Harddisk0\DR0\Partition1
11:01:44.0461 6044  ============================================================
11:01:44.0461 6044  Initialize success
11:01:44.0461 6044  ============================================================
11:02:21.0067 5480  ============================================================
11:02:21.0067 5480  Scan started
11:02:21.0067 5480  Mode: Manual; TDLFS; 
11:02:21.0067 5480  ============================================================
11:02:21.0505 5480  ================ Scan system memory ========================
11:02:21.0505 5480  System memory - ok
11:02:21.0505 5480  ================ Scan services =============================
11:02:21.0696 5480  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:02:21.0698 5480  1394ohci - ok
11:02:21.0749 5480  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:02:21.0752 5480  ACPI - ok
11:02:21.0801 5480  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:02:21.0811 5480  AcpiPmi - ok
11:02:21.0966 5480  [ ED6D98E58406F2779C844943076EB4EE ] ADBlockerSrv    C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe
11:02:21.0967 5480  ADBlockerSrv - ok
11:02:22.0067 5480  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:02:22.0067 5480  AdobeARMservice - ok
11:02:22.0236 5480  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:02:22.0237 5480  AdobeFlashPlayerUpdateSvc - ok
11:02:22.0295 5480  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:02:22.0322 5480  adp94xx - ok
11:02:22.0388 5480  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:02:22.0391 5480  adpahci - ok
11:02:22.0401 5480  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:02:22.0420 5480  adpu320 - ok
11:02:22.0450 5480  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:02:22.0451 5480  AeLookupSvc - ok
11:02:22.0504 5480  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
11:02:22.0508 5480  AFD - ok
11:02:22.0547 5480  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:02:22.0548 5480  agp440 - ok
11:02:22.0638 5480  [ 8B6625D53C18774F0102F690E285B5E8 ] AiChargerPlus   C:\Windows\system32\DRIVERS\AiChargerPlus.sys
11:02:22.0638 5480  AiChargerPlus - ok
11:02:22.0652 5480  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
11:02:22.0653 5480  ALG - ok
11:02:22.0690 5480  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:02:22.0691 5480  aliide - ok
11:02:22.0695 5480  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
11:02:22.0696 5480  amdide - ok
11:02:22.0735 5480  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:02:22.0736 5480  AmdK8 - ok
11:02:22.0738 5480  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
11:02:22.0740 5480  AmdPPM - ok
11:02:22.0781 5480  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:02:22.0782 5480  amdsata - ok
11:02:22.0806 5480  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:02:22.0809 5480  amdsbs - ok
11:02:22.0818 5480  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:02:22.0818 5480  amdxata - ok
11:02:22.0872 5480  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
11:02:22.0881 5480  AppID - ok
11:02:22.0907 5480  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:02:22.0908 5480  AppIDSvc - ok
11:02:22.0945 5480  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
11:02:22.0945 5480  Appinfo - ok
11:02:22.0979 5480  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
11:02:22.0981 5480  arc - ok
11:02:22.0998 5480  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:02:22.0999 5480  arcsas - ok
11:02:23.0101 5480  [ 6E3F4538B33BC19259E99BE1826286A3 ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
11:02:23.0104 5480  asComSvc - ok
11:02:23.0182 5480  [ 7F906B6F61531F3CB0B07622FE6FD70A ] asdnet          C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\sys\amd64\asdnet.sys
11:02:23.0183 5480  asdnet - ok
11:02:23.0253 5480  [ 44837F1CB5BD166A7BD8869F9E86E907 ] asdrm           C:\Windows\system32\DRIVERS\asdrm.sys
11:02:23.0261 5480  asdrm - ok
11:02:23.0306 5480  [ 88390FE440DCC3F10556AE41F4EDFCA1 ] asdrs           C:\Windows\system32\DRIVERS\asdrs.sys
11:02:23.0307 5480  asdrs - ok
11:02:23.0400 5480  [ 568B0D8B88DACCF1F4D48E362C69BD62 ] asdsrv          C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
11:02:23.0403 5480  asdsrv - ok
11:02:23.0479 5480  [ 2D6D1BCBE6B7D0688681CE71C4A4C828 ] asdws           C:\Windows\system32\DRIVERS\asdws.sys
11:02:23.0479 5480  asdws - ok
11:02:23.0521 5480  [ A63173897EA1A73A75D0E65036DE5B15 ] asHmComSvc      C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
11:02:23.0524 5480  asHmComSvc - ok
11:02:23.0566 5480  [ EDAA17CE771C696655B6585F7CAD2100 ] ASInsHelp       C:\Windows\SysWow64\drivers\AsInsHelp64.sys
11:02:23.0567 5480  ASInsHelp - ok
11:02:23.0576 5480  [ FEF9DD9EA587F8886ADE43C1BEFBDAFE ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
11:02:23.0576 5480  AsIO - ok
11:02:23.0616 5480  [ 6D9C024AA8F24065A6DBEAB1F431D854 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
11:02:23.0617 5480  asmthub3 - ok
11:02:23.0678 5480  [ ECAD22F15D8F17CC04F24E9A6FB00F2F ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
11:02:23.0680 5480  asmtxhci - ok
11:02:23.0797 5480  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:02:23.0797 5480  aspnet_state - ok
11:02:23.0845 5480  [ 5C31DFB196CB3A488A041881634D86D2 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
11:02:23.0847 5480  AsSysCtrlService - ok
11:02:23.0883 5480  [ 1392B92179B07B672720763D9B1028A5 ] AsUpIO          C:\Windows\syswow64\drivers\AsUpIO.sys
11:02:23.0883 5480  AsUpIO - ok
11:02:23.0921 5480  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:02:23.0922 5480  AsyncMac - ok
11:02:23.0953 5480  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
11:02:23.0953 5480  atapi - ok
11:02:24.0008 5480  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:02:24.0012 5480  AudioEndpointBuilder - ok
11:02:24.0019 5480  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:02:24.0021 5480  AudioSrv - ok
11:02:24.0090 5480  [ 4C05242DC361A217223E9B8EC2B3A76B ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
11:02:24.0090 5480  avgtp - ok
11:02:24.0127 5480  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:02:24.0128 5480  AxInstSV - ok
11:02:24.0179 5480  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:02:24.0184 5480  b06bdrv - ok
11:02:24.0228 5480  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:02:24.0231 5480  b57nd60a - ok
11:02:24.0293 5480  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:02:24.0294 5480  BDESVC - ok
11:02:24.0308 5480  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:02:24.0308 5480  Beep - ok
11:02:24.0374 5480  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
11:02:24.0380 5480  BFE - ok
11:02:24.0605 5480  [ 7B56A40EAAACF1867FF178501D3EA185 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20130502.001\BHDrvx64.sys
11:02:24.0610 5480  BHDrvx64 - ok
11:02:24.0646 5480  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
11:02:24.0653 5480  BITS - ok
11:02:24.0697 5480  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
11:02:24.0698 5480  blbdrive - ok
11:02:24.0731 5480  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:02:24.0732 5480  bowser - ok
11:02:24.0785 5480  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:02:24.0797 5480  BrFiltLo - ok
11:02:24.0814 5480  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:02:24.0825 5480  BrFiltUp - ok
11:02:24.0884 5480  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
11:02:24.0885 5480  Browser - ok
11:02:24.0903 5480  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:02:24.0906 5480  Brserid - ok
11:02:24.0920 5480  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:02:24.0921 5480  BrSerWdm - ok
11:02:24.0960 5480  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:02:24.0973 5480  BrUsbMdm - ok
11:02:25.0006 5480  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:02:25.0007 5480  BrUsbSer - ok
11:02:25.0021 5480  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:02:25.0022 5480  BTHMODEM - ok
11:02:25.0077 5480  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
11:02:25.0078 5480  bthserv - ok
11:02:25.0172 5480  [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_NAV       C:\Windows\system32\drivers\NAVx64\1309010.00E\ccSetx64.sys
11:02:25.0181 5480  ccSet_NAV - ok
11:02:25.0251 5480  [ A5C13600F63EB92F8D15123D64BA9895 ] ccSet_NST       C:\Windows\system32\drivers\NSTx64\7DD01010.007\ccSetx64.sys
11:02:25.0252 5480  ccSet_NST - ok
11:02:25.0299 5480  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:02:25.0300 5480  cdfs - ok
11:02:25.0355 5480  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:02:25.0357 5480  cdrom - ok
11:02:25.0411 5480  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
11:02:25.0411 5480  CertPropSvc - ok
11:02:25.0459 5480  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
11:02:25.0460 5480  circlass - ok
11:02:25.0499 5480  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:02:25.0502 5480  CLFS - ok
11:02:25.0597 5480  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:02:25.0598 5480  clr_optimization_v2.0.50727_32 - ok
11:02:25.0634 5480  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:02:25.0635 5480  clr_optimization_v2.0.50727_64 - ok
11:02:25.0717 5480  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:02:25.0718 5480  clr_optimization_v4.0.30319_32 - ok
11:02:25.0750 5480  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:02:25.0751 5480  clr_optimization_v4.0.30319_64 - ok
11:02:25.0801 5480  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
11:02:25.0802 5480  CmBatt - ok
11:02:25.0809 5480  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:02:25.0810 5480  cmdide - ok
11:02:25.0863 5480  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
11:02:25.0867 5480  CNG - ok
11:02:25.0882 5480  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:02:25.0883 5480  Compbatt - ok
11:02:25.0934 5480  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:02:25.0934 5480  CompositeBus - ok
11:02:25.0956 5480  COMSysApp - ok
11:02:25.0982 5480  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:02:25.0983 5480  crcdisk - ok
11:02:26.0047 5480  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:02:26.0049 5480  CryptSvc - ok
11:02:26.0071 5480  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:02:26.0075 5480  DcomLaunch - ok
11:02:26.0180 5480  [ 34AE0DFA3EE3B5B9975042D87332D0B7 ] DefaultTabUpdate C:\Users\Allen\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
11:02:26.0180 5480  DefaultTabUpdate - ok
11:02:26.0200 5480  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
11:02:26.0203 5480  defragsvc - ok
11:02:26.0291 5480  [ 0A403702CB00432AC818523CD416BF67 ] Device Handle Service C:\Windows\SysWOW64\AsHookDevice.exe
11:02:26.0292 5480  Device Handle Service - ok
11:02:26.0343 5480  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:02:26.0344 5480  DfsC - ok
11:02:26.0378 5480  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:02:26.0380 5480  Dhcp - ok
11:02:26.0407 5480  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:02:26.0408 5480  discache - ok
11:02:26.0464 5480  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
11:02:26.0465 5480  Disk - ok
11:02:26.0486 5480  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:02:26.0488 5480  Dnscache - ok
11:02:26.0495 5480  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:02:26.0498 5480  dot3svc - ok
11:02:26.0509 5480  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
11:02:26.0510 5480  DPS - ok
11:02:26.0555 5480  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:02:26.0555 5480  drmkaud - ok
11:02:26.0605 5480  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:02:26.0608 5480  DXGKrnl - ok
11:02:26.0647 5480  EagleX64 - ok
11:02:26.0683 5480  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
11:02:26.0684 5480  EapHost - ok
11:02:26.0753 5480  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:02:26.0780 5480  ebdrv - ok
11:02:26.0901 5480  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
11:02:26.0903 5480  eeCtrl - ok
11:02:26.0917 5480  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
11:02:26.0918 5480  EFS - ok
11:02:26.0992 5480  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:02:26.0994 5480  ehRecvr - ok
11:02:27.0036 5480  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
11:02:27.0037 5480  ehSched - ok
11:02:27.0086 5480  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:02:27.0091 5480  elxstor - ok
11:02:27.0154 5480  [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:02:27.0155 5480  EraserUtilRebootDrv - ok
11:02:27.0171 5480  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:02:27.0171 5480  ErrDev - ok
11:02:27.0231 5480  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
11:02:27.0234 5480  EventSystem - ok
11:02:27.0289 5480  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
11:02:27.0291 5480  exfat - ok
11:02:27.0299 5480  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:02:27.0301 5480  fastfat - ok
11:02:27.0385 5480  [ 83158CA47591AF55A9759B5C648B0462 ] FastFreeConverterUpdt C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe
11:02:27.0387 5480  FastFreeConverterUpdt - ok
11:02:27.0441 5480  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
11:02:27.0444 5480  Fax - ok
11:02:27.0471 5480  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
11:02:27.0472 5480  fdc - ok
11:02:27.0483 5480  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:02:27.0483 5480  fdPHost - ok
11:02:27.0492 5480  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:02:27.0493 5480  FDResPub - ok
11:02:27.0535 5480  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:02:27.0536 5480  FileInfo - ok
11:02:27.0543 5480  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:02:27.0544 5480  Filetrace - ok
11:02:27.0553 5480  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:02:27.0554 5480  flpydisk - ok
11:02:27.0577 5480  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:02:27.0579 5480  FltMgr - ok
11:02:27.0670 5480  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
11:02:27.0679 5480  FontCache - ok
11:02:27.0741 5480  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:02:27.0741 5480  FontCache3.0.0.0 - ok
11:02:27.0770 5480  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:02:27.0771 5480  FsDepends - ok
11:02:27.0813 5480  [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
11:02:27.0822 5480  fssfltr - ok
11:02:27.0887 5480  [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
11:02:27.0892 5480  fsssvc - ok
11:02:27.0920 5480  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:02:27.0921 5480  Fs_Rec - ok
11:02:27.0973 5480  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:02:27.0975 5480  fvevol - ok
11:02:28.0032 5480  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:02:28.0033 5480  gagp30kx - ok
11:02:28.0099 5480  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:02:28.0099 5480  GEARAspiWDM - ok
11:02:28.0136 5480  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
11:02:28.0142 5480  gpsvc - ok
11:02:28.0156 5480  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:02:28.0168 5480  hcw85cir - ok
11:02:28.0221 5480  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:02:28.0224 5480  HdAudAddService - ok
11:02:28.0268 5480  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:02:28.0269 5480  HDAudBus - ok
11:02:28.0287 5480  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:02:28.0288 5480  HidBatt - ok
11:02:28.0302 5480  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:02:28.0303 5480  HidBth - ok
11:02:28.0347 5480  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:02:28.0348 5480  HidIr - ok
11:02:28.0367 5480  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
11:02:28.0368 5480  hidserv - ok
11:02:28.0420 5480  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:02:28.0421 5480  HidUsb - ok
11:02:28.0455 5480  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:02:28.0457 5480  hkmsvc - ok
11:02:28.0498 5480  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:02:28.0500 5480  HomeGroupListener - ok
11:02:28.0520 5480  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:02:28.0522 5480  HomeGroupProvider - ok
11:02:28.0584 5480  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:02:28.0585 5480  HpSAMD - ok
11:02:28.0658 5480  Htsysm - ok
11:02:28.0692 5480  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:02:28.0699 5480  HTTP - ok
11:02:28.0713 5480  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:02:28.0714 5480  hwpolicy - ok
11:02:28.0753 5480  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:02:28.0755 5480  i8042prt - ok
11:02:28.0810 5480  [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor          C:\Windows\system32\drivers\iaStor.sys
11:02:28.0814 5480  iaStor - ok
11:02:28.0854 5480  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:02:28.0858 5480  iaStorV - ok
11:02:28.0912 5480  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:02:28.0915 5480  idsvc - ok
11:02:29.0089 5480  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20130514.001\IDSvia64.sys
11:02:29.0091 5480  IDSVia64 - ok
11:02:29.0131 5480  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:02:29.0132 5480  iirsp - ok
11:02:29.0167 5480  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:02:29.0174 5480  IKEEXT - ok
11:02:29.0238 5480  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
11:02:29.0240 5480  Impcd - ok
11:02:29.0342 5480  [ EB5FA493A4B6EA290200AE39EBA2FBC6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:02:29.0352 5480  IntcAzAudAddService - ok
11:02:29.0386 5480  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:02:29.0402 5480  intelide - ok
11:02:29.0448 5480  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:02:29.0448 5480  intelppm - ok
11:02:29.0502 5480  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:02:29.0503 5480  IPBusEnum - ok
11:02:29.0518 5480  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:02:29.0531 5480  IpFilterDriver - ok
11:02:29.0558 5480  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:02:29.0567 5480  iphlpsvc - ok
11:02:29.0612 5480  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:02:29.0613 5480  IPMIDRV - ok
11:02:29.0625 5480  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:02:29.0626 5480  IPNAT - ok
11:02:29.0677 5480  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:02:29.0677 5480  IRENUM - ok
11:02:29.0707 5480  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:02:29.0708 5480  isapnp - ok
11:02:29.0734 5480  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:02:29.0737 5480  iScsiPrt - ok
11:02:29.0754 5480  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:02:29.0755 5480  kbdclass - ok
11:02:29.0790 5480  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:02:29.0791 5480  kbdhid - ok
11:02:29.0828 5480  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
11:02:29.0829 5480  KeyIso - ok
11:02:29.0856 5480  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:02:29.0857 5480  KSecDD - ok
11:02:29.0886 5480  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:02:29.0887 5480  KSecPkg - ok
11:02:29.0910 5480  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:02:29.0911 5480  ksthunk - ok
11:02:29.0933 5480  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:02:29.0947 5480  KtmRm - ok
11:02:30.0010 5480  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:02:30.0012 5480  LanmanServer - ok
11:02:40.0886 5480  wbengine - ok
11:02:40.0894 5480  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:02:40.0897 5480  WbioSrvc - ok
11:02:40.0928 5480  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:02:40.0932 5480  wcncsvc - ok
11:02:40.0946 5480  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:02:40.0948 5480  WcsPlugInService - ok
11:02:40.0972 5480  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
11:02:40.0973 5480  Wd - ok
11:02:41.0019 5480  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:02:41.0025 5480  Wdf01000 - ok
11:02:41.0033 5480  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:02:41.0034 5480  WdiServiceHost - ok
11:02:41.0036 5480  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:02:41.0038 5480  WdiSystemHost - ok
11:02:41.0071 5480  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
11:02:41.0074 5480  WebClient - ok
11:02:41.0087 5480  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:02:41.0091 5480  Wecsvc - ok
11:02:41.0112 5480  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:02:41.0113 5480  wercplsupport - ok
11:02:41.0124 5480  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:02:41.0125 5480  WerSvc - ok
11:02:41.0170 5480  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:02:41.0170 5480  WfpLwf - ok
11:02:41.0177 5480  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:02:41.0178 5480  WIMMount - ok
11:02:41.0204 5480  WinDefend - ok
11:02:41.0207 5480  WinHttpAutoProxySvc - ok
11:02:41.0254 5480  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:02:41.0256 5480  Winmgmt - ok
11:02:41.0308 5480  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
11:02:41.0325 5480  WinRM - ok
11:02:41.0387 5480  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:02:41.0395 5480  Wlansvc - ok
11:02:41.0470 5480  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:02:41.0471 5480  wlcrasvc - ok
11:02:41.0581 5480  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:02:41.0589 5480  wlidsvc - ok
11:02:41.0630 5480  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:02:41.0631 5480  WmiAcpi - ok
11:02:41.0661 5480  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:02:41.0662 5480  wmiApSrv - ok
11:02:41.0724 5480  WMPNetworkSvc - ok
11:02:41.0741 5480  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:02:41.0742 5480  WPCSvc - ok
11:02:41.0749 5480  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:02:41.0751 5480  WPDBusEnum - ok
11:02:41.0770 5480  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:02:41.0770 5480  ws2ifsl - ok
11:02:41.0781 5480  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
11:02:41.0783 5480  wscsvc - ok
11:02:41.0784 5480  WSearch - ok
11:02:41.0844 5480  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:02:41.0863 5480  wuauserv - ok
11:02:41.0891 5480  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:02:41.0892 5480  WudfPf - ok
11:02:41.0934 5480  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:02:41.0936 5480  WUDFRd - ok
11:02:41.0963 5480  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:02:41.0965 5480  wudfsvc - ok
11:02:41.0993 5480  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:02:41.0996 5480  WwanSvc - ok
11:02:42.0042 5480  [ 4E34E8B3EAA336BD04BA4C2BC55A8BCE ] XBCD            C:\Windows\system32\DRIVERS\XBCD.sys
11:02:42.0043 5480  XBCD - ok
11:02:42.0094 5480  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
11:02:42.0106 5480  xusb21 - ok
11:02:42.0128 5480  ================ Scan global ===============================
11:02:42.0158 5480  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:02:42.0194 5480  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:02:42.0200 5480  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:02:42.0233 5480  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:02:42.0269 5480  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:02:42.0271 5480  [Global] - ok
11:02:42.0271 5480  ================ Scan MBR ==================================
11:02:42.0288 5480  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:02:42.0620 5480  \Device\Harddisk0\DR0 - ok
11:02:42.0621 5480  ================ Scan VBR ==================================
11:02:42.0622 5480  [ E0B1143962BB3C568DAB357B7F400C28 ] \Device\Harddisk0\DR0\Partition1
11:02:42.0623 5480  \Device\Harddisk0\DR0\Partition1 - ok
11:02:42.0623 5480  ============================================================
11:02:42.0623 5480  Scan finished
11:02:42.0623 5480  ============================================================
11:02:42.0627 1868  Detected object count: 0
11:02:42.0628 1868  Actual detected object count: 0

AdwCleaner


# AdwCleaner v2.300 - Logfile created 05/15/2013 at 11:05:52

# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Allen - ALLEN-PC
# Boot Mode : Normal
# Running from : C:\Users\Allen\Downloads\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
Stopped & Deleted : DefaultTabUpdate
Stopped & Deleted : vToolbarUpdater14.2.0
 
***** [Files / Folders] *****
 
Deleted on reboot : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
File Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\searchplugins\Search_Results.xml
File Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\searchplugins\SweetIm.xml
File Disinfected : C:\Users\Allen\Desktop\Search.lnk
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Program Files (x86)\DealPly
Folder Deleted : C:\Program Files (x86)\DefaultTab
Folder Deleted : C:\Program Files (x86)\fbphotozoom
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\Moozy
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\Program Files (x86)\Playbryte
Folder Deleted : C:\Program Files (x86)\PriceGong
Folder Deleted : C:\Program Files (x86)\PricePeep
Folder Deleted : C:\Program Files (x86)\Qwiklinx
Folder Deleted : C:\Program Files (x86)\Red Sky
Folder Deleted : C:\Program Files (x86)\SaveValet
Folder Deleted : C:\Program Files (x86)\uTorrentControl2
Folder Deleted : C:\Program Files (x86)\Vid-Saver
Folder Deleted : C:\Program Files (x86)\Yontoo Layers Runtime
Folder Deleted : C:\ProgramData\Anti-phishing Domain Advisor
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TheBflix
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\Allen\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Folder Deleted : C:\Users\Allen\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Allen\AppData\Local\PackageAware
Folder Deleted : C:\Users\Allen\AppData\Local\Smartbar
Folder Deleted : C:\Users\Allen\AppData\Local\Supreme Savings
Folder Deleted : C:\Users\Allen\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Allen\AppData\Local\Updater19962
Folder Deleted : C:\Users\Allen\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Allen\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Allen\AppData\LocalLow\Playbryte
Folder Deleted : C:\Users\Allen\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Allen\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Allen\AppData\LocalLow\TheBflix
Folder Deleted : C:\Users\Allen\AppData\LocalLow\uTorrentControl2
Folder Deleted : C:\Users\Allen\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\blekkotb
Folder Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\ConduitCommon
Folder Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
Folder Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\extensions\{a018b213-6b46-4791-9298-519020db5737}
Folder Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Folder Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\extensions\crossriderapp19962@crossrider.com
Folder Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\extensions\crossriderapp2258@crossrider.com
Folder Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\extensions\crossriderapp3491@crossrider.com
Folder Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\extensions\ffxtlbr@funmoods.com
Folder Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\extensions\playbryte@playbryte.com
Folder Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\extensions\plugin@yontoo.com
Folder Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\FCTB
Folder Deleted : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\SweetIMToolbarData
Folder Deleted : C:\Users\Allen\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Allen\AppData\Roaming\Qwiklinx
Folder Deleted : C:\Users\Allen\AppData\Roaming\yourfiledownloader
Folder Deleted : C:\Users\Allen\Documents\ShopToWin
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Deleted : HKCU\Software\AppDataLow\Software\Vid-Saver
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\BFlix
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DealPly
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Key Deleted : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C9F4179-6CE2-4C6A-A3E5-67FF3592A12E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0C9F4179-6CE2-4C6A-A3E5-67FF3592A12E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0C9F4179-6CE2-4C6A-A3E5-67FF3592A12E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Deleted : HKCU\Software\Qwiklinx
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\SmartbarBackup
Key Deleted : HKCU\Software\SmartbarLog
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BFlix
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C2178B36-2955-479B-818C-A2AE8E500454}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0003491.FBApi
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0003491.FBApi.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0003491.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0003491.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BHO
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\QwiklinxBHO
Key Deleted : HKLM\SOFTWARE\Classes\QwiklinxBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2233703
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2548838
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{204C0025-C26A-43E2-853C-D8A8EB1BCE51}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\DealPly
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F9E44926-2497-46F3-8A25-928136AC079E}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\Playbryte
Key Deleted : HKLM\Software\uTorrentControl2
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0C9F4179-6CE2-4C6A-A3E5-67FF3592A12E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E2C1A522-B8E1-45D1-B316-F5625004A28C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86EDA5C7-A4EB-4CAA-AFB0-1756EC52F66D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F275DFC2-68E2-4CA5-BD4A-A6D4DD4BEF94}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C9F4179-6CE2-4C6A-A3E5-67FF3592A12E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{20E7BC40-33F6-4A81-9D52-B58349326206}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2E497885-E60B-420A-832D-0148B392E058}_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BFlix
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16576
 
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=US&userid=14012403-32bb-420a-ab52-3e6fbfdc7336&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}&installDate={installDate} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=US&userid=14012403-32bb-420a-ab52-3e6fbfdc7336&affid=111583&searchtype=hp&babsrc=lnkry_nt&installDate={installDate} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=US&userid=14012403-32bb-420a-ab52-3e6fbfdc7336&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}&installDate={installDate} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=US&userid=14012403-32bb-420a-ab52-3e6fbfdc7336&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}&installDate={installDate} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=US&userid=14012403-32bb-420a-ab52-3e6fbfdc7336&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}&installDate={installDate} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=US&userid=14012403-32bb-420a-ab52-3e6fbfdc7336&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}&installDate={installDate} --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=US&userid=14012403-32bb-420a-ab52-3e6fbfdc7336&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} --> hxxp://www.google.com
 
-\\ Mozilla Firefox v [Unable to get version]
 
File : C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\prefs.js
 
C:\Users\Allen\AppData\Roaming\Mozilla\Firefox\Profiles\2giejjhm.default\user.js ... Deleted !
 
 
-\\ Google Chrome v26.0.1410.64
 
File : C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S1].txt - [45956 octets] - [15/05/2013 11:05:52]
 
########## EOF - C:\AdwCleaner[S1].txt - [46017 octets] ##########
 

 

 

 

 

ESET OnlineScan


C:\Users\All Users\Bcool\uninstall.exe Win32/Adware.MultiPlug.A application

C:\ProgramData\Bcool\uninstall.exe Win32/Adware.MultiPlug.A application cleaned by deleting - quarantined
C:\Windows\Installer\2f231ab.msi a variant of Win32/Toolbar.Linkury.A application deleted - quarantined
 

 

 

Since I goofed and Norton came back on for a short period of time (because I did not set a long enough time frame), I am running another ESET scan with Norton off for 5 hours to make sure. Will update if it found anything new.

 

EDIT: no threats on the new ESET onlinescan so guess this first one was fine.


Edited by AsusOops, 15 May 2013 - 01:43 PM.


#7 boopme


Posted 15 May 2013 - 01:47 PM

Ok I think you are good to go.


How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#8 AsusOops


Posted 15 May 2013 - 01:51 PM

I just tried to search something with google and lo and behold hotstartsearch still came up in another tab. :(

 

EDIT: I can see where adwcleaner got rid of a bunch of junk I thought I got rid of ages ago: funmoods, dealply, that price thing and babylon, so at least they got rid of those I think.

 

I wonder why hotstartsearch is so hard to destroy. ><


Edited by AsusOops, 15 May 2013 - 01:55 PM.


#9 boopme


Posted 15 May 2013 - 03:01 PM

Ok, we'll find it, but we need to start a new topic and get a deeper look. Please do steps 6, 7 and 8... Preparation Guide



#10 AsusOops


Posted 15 May 2013 - 03:26 PM

 

Alright, I've made my new thread in the "Virus, Trojans, Spyware, and Malware Removal Logs". Thank you for all the help.   :D

 

I know that some folks have already resolved this hotstartsearch issue, but it doesn't want to go down without a fight.



#11 boopme


Posted 15 May 2013 - 03:59 PM

Yes, sometimes malware gets protected behind a Service or a Driver and we need to find that.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 2 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.





