Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

whats wrong


  • Please log in to reply
16 replies to this topic

#1 roxyjo

roxyjo

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 12 November 2013 - 09:04 PM

 Results of screen317's Security Check version 0.99.77  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
 Windows Firewall Enabled!  
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 TuneUp Utilities    
 TuneUp Utilities Language Pack (en-US) 
 Java 7 Update 17  
 Java version out of Date! 
 Adobe Flash Player 11.9.900.117  
 Adobe Reader 10.1.0 Adobe Reader out of Date!  
 Mozilla Firefox 18.0 Firefox out of Date!  
 Google Chrome 29.0.1547.57  
 Google Chrome 29.0.1547.66  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Avira Antivir avgnt.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 
 

Farbar Service Scanner Version: 10-11-2013
Ran by tracy smith (administrator) on 12-11-2013 at 18:16:29
Running from "C:\Users\tracy smith\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Demand. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2013-10-10 12:10] - [2013-09-13 19:10] - 0497152 ____A (Microsoft Corporation) 314C17917AC8523EC77A710215012A65
 
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-10-10 12:10] - [2013-09-07 20:30] - 1903552 ____A (Microsoft Corporation) 40AF23633D197905F03AB5628C558C51
 
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****

MiniToolBox by Farbar  Version: 13-07-2013
Ran by tracy smith (administrator) on 12-11-2013 at 18:20:03
Running from "C:\Users\tracy smith\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
========================= FF Proxy Settings: ============================== 
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek RTL8188CE 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add address name="Wireless Network Connection 2" address=192.168.137.1 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : RJcomputer
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 20-10-7A-26-7C-E2
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8188CE 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 20-10-7A-26-7C-E2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d093:451e:4b33:6e57%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, November 12, 2013 5:49:10 PM
   Lease Expires . . . . . . . . . . : Wednesday, November 13, 2013 5:49:13 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 320868474
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-C8-61-82-2C-41-38-5C-4D-18
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 2C-41-38-5C-4D-18
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{41C834D4-FC1E-466E-A578-55C473C23CB1}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter 6TO4 Adapter:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:4e3:3cdb:bb1c:58d3(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::4e3:3cdb:bb1c:58d3%14(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{0C4AA897-98BC-4D8A-90AE-05F020A916CD}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{ECF7D96D-62A4-4EC5-A7F5-F157872CC5FC}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4000:800::100e
 74.125.227.197
 74.125.227.198
 74.125.227.199
 74.125.227.200
 74.125.227.201
 74.125.227.206
 74.125.227.192
 74.125.227.193
 74.125.227.194
 74.125.227.195
 74.125.227.196
 
 
Pinging google.com [74.125.227.166] with 32 bytes of data:
Reply from 74.125.227.166: bytes=32 time=111ms TTL=56
Reply from 74.125.227.166: bytes=32 time=103ms TTL=56
 
Ping statistics for 74.125.227.166:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 103ms, Maximum = 111ms, Average = 107ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=68ms TTL=53
Reply from 98.139.183.24: bytes=32 time=182ms TTL=53
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 68ms, Maximum = 182ms, Average = 125ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...20 10 7a 26 7c e2 ......Microsoft Virtual WiFi Miniport Adapter
 13...20 10 7a 26 7c e2 ......Realtek RTL8188CE 802.11b/g/n WiFi Adapter
 11...2c 41 38 5c 4d 18 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.6     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.6    281
      192.168.1.6  255.255.255.255         On-link       192.168.1.6    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.6    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.6    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.6    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 14     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 14     58 2001::/32                On-link
 14    306 2001:0:9d38:90d7:4e3:3cdb:bb1c:58d3/128
                                    On-link
 13    281 fe80::/64                On-link
 14    306 fe80::/64                On-link
 14    306 fe80::4e3:3cdb:bb1c:58d3/128
                                    On-link
 13    281 fe80::d093:451e:4b33:6e57/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (11/12/2013 05:50:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/12/2013 05:42:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1215310
 
Error: (11/12/2013 05:42:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1215310
 
Error: (11/12/2013 05:42:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/12/2013 05:22:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2106
 
Error: (11/12/2013 05:22:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2106
 
Error: (11/12/2013 05:22:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/12/2013 05:22:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1092
 
Error: (11/12/2013 05:22:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1092
 
Error: (11/12/2013 05:22:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (11/12/2013 05:58:35 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
Error: (11/12/2013 05:58:35 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
Error: (11/12/2013 05:58:24 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
Error: (11/12/2013 05:58:24 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
Error: (11/12/2013 05:52:15 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
Error: (11/12/2013 05:52:14 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
Error: (11/12/2013 05:52:03 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
Error: (11/12/2013 05:52:03 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
Error: (11/12/2013 05:49:35 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
lsnfd
 
Error: (11/12/2013 05:49:35 PM) (Source: Service Control Manager) (User: )
Description: The Avira Real-Time Protection service terminated with service-specific error %%303.
 
 
Microsoft Office Sessions:
=========================
Error: (11/12/2013 05:50:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/12/2013 05:42:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1215310
 
Error: (11/12/2013 05:42:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1215310
 
Error: (11/12/2013 05:42:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/12/2013 05:22:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2106
 
Error: (11/12/2013 05:22:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2106
 
Error: (11/12/2013 05:22:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/12/2013 05:22:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1092
 
Error: (11/12/2013 05:22:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1092
 
Error: (11/12/2013 05:22:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-08-04 03:13:18.085
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Settings Alerter\Datamngr\x64\apcrtldr.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-04 03:13:17.991
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Settings Alerter\Datamngr\apcrtldr.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-04 03:13:17.336
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Settings Alerter\Datamngr\x64\apcrtldr.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-04 03:13:17.242
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Settings Alerter\Datamngr\apcrtldr.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-04 01:39:26.605
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Settings Alerter\Datamngr\x64\apcrtldr.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-04 01:39:26.508
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Settings Alerter\Datamngr\apcrtldr.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-04 01:38:02.977
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Settings Alerter\Datamngr\x64\apcrtldr.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-04 01:38:02.893
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Settings Alerter\Datamngr\apcrtldr.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-04 01:38:01.922
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Settings Alerter\Datamngr\x64\apcrtldr.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-04 01:38:01.834
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Settings Alerter\Datamngr\apcrtldr.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.3.2.30260)
Adobe Acrobat 5.0 (Version: 5.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader X (10.1.0) MUI (Version: 10.1.0)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Advanced System Protector (Version: 2.1.1000.12150)
Amazon Browser Bar (Version: 3.0)
AMD APP SDK Runtime (Version: 2.5.775.2)
AMD Catalyst Install Manager (Version: 3.0.847.0)
AMD Fuel (Version: 2011.0928.607.9079)
AMD Steady Video Plug-In  (Version: 1.00.0000)
AMD System Monitor (Version: 1.0.9)
AMD VISION Engine Control Center (Version: 2011.0928.607.9079)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
AuthenTec TrueAPI (Version: 1.3.0.144)
AVG SafeGuard toolbar (Version: 17.0.1.12)
Avira Free Antivirus (Version: 13.0.0.4052)
Avira SearchFree Toolbar plus Web Protection Updater (Version: 1.2.5.42066)
AVS Video Converter 8 (Version: 8.3.3.535)
Awakening The Sunhook Spire Collectors 1.00 (Version: 1.00)
awdit Desktop (Version: 0.51.0.0)
Bejeweled 3 (Version: 2.2.0.97)
Big Fish: Game Manager (Version: 3.2.0.4)
Bing Desktop (Version: 1.3.174.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Canon MG2100 series MP Drivers
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0928.607.9079)
Catalyst Control Center InstallProxy (Version: 2011.0928.607.9079)
Catalyst Control Center Localization All (Version: 2011.0928.607.9079)
CCC Help Chinese Standard (Version: 2011.0928.0606.9079)
CCC Help Chinese Traditional (Version: 2011.0928.0606.9079)
CCC Help Czech (Version: 2011.0928.0606.9079)
CCC Help Danish (Version: 2011.0928.0606.9079)
CCC Help Dutch (Version: 2011.0928.0606.9079)
CCC Help English (Version: 2011.0928.0606.9079)
CCC Help Finnish (Version: 2011.0928.0606.9079)
CCC Help French (Version: 2011.0928.0606.9079)
CCC Help German (Version: 2011.0928.0606.9079)
CCC Help Greek (Version: 2011.0928.0606.9079)
CCC Help Hungarian (Version: 2011.0928.0606.9079)
CCC Help Italian (Version: 2011.0928.0606.9079)
CCC Help Japanese (Version: 2011.0928.0606.9079)
CCC Help Korean (Version: 2011.0928.0606.9079)
CCC Help Norwegian (Version: 2011.0928.0606.9079)
CCC Help Polish (Version: 2011.0928.0606.9079)
CCC Help Portuguese (Version: 2011.0928.0606.9079)
CCC Help Russian (Version: 2011.0928.0606.9079)
CCC Help Spanish (Version: 2011.0928.0606.9079)
CCC Help Swedish (Version: 2011.0928.0606.9079)
CCC Help Thai (Version: 2011.0928.0606.9079)
CCC Help Turkish (Version: 2011.0928.0606.9079)
ccc-utility64 (Version: 2011.0928.607.9079)
CCleaner (Version: 4.06)
Chronicles of Mystery: The Tree of Life
Chuzzle Deluxe (Version: 2.2.0.95)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Cradle of Rome 2 (Version: 2.2.0.98)
CyberLink PowerDVD (Version: 10.0.3.3222)
D3DX10 (Version: 15.4.2368.0902)
DC-Bass Source 1.3.0
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DirectVobSub 2.40.4209 (Version: 2.40.4209)
DivX Setup (Version: 2.6.1.8)
Dora's World Adventure (Version: 2.2.0.95)
DriverNavigator 3.3.0 (Version: 3.3.0.0)
DriverTuner 3.1.0.1 (Version: 3.1.0.1)
ESU for Microsoft Windows 7 SP1 (Version: 2.1.1)
Evasi0n Packages
Farm Frenzy (Version: 2.2.0.98)
Farmscapes (Version: 2.2.0.98)
FATE (Version: 2.2.0.97)
Final Drive Fury (Version: 2.2.0.95)
Flash Player Pro V5.4
FormatFactory 2.96 (Version: 2.96)
Google Chrome (Version: 29.0.1547.66)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.165)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
Hoyle Card Games (Version: 2.2.0.95)
HP 3D DriveGuard (Version: 4.1.16.1)
HP Application Assistant (Version: 1.0.409.3882)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP CoolSense (Version: 2.10.51)
HP Customer Experience Enhancements (Version: 6.0.1.8)
HP Documentation (Version: 1.1.0.0)
HP DVB-T TV Tuner 8.0.64.43 (Version: 8.0.64.43)
HP Games (Version: 1.0.2.5)
HP IDF Software (Version: 11.15.1000)
HP MediaSmart DVD (Version: 4.1.4328)
HP MovieStore (Version: 2.1.091)
HP MovieStore (Version: 2.1.21091.0)
HP On Screen Display (Version: 1.3.5)
HP Power Manager (Version: 1.4.8)
HP Quick Launch (Version: 2.6.3)
HP QuickWeb (Version: 3.1.1.10197)
HP Recovery Manager (Version: 2.0.0)
HP Security Assistant (Version: 1.0.11)
HP Setup (Version: 9.0.15076.3891)
HP Setup Manager (Version: 1.2.14901.3869)
HP SimplePass 2012 (Version: 5.3.1.7)
HP Software Framework (Version: 4.5.12.1)
HP Support Assistant (Version: 7.0.39.15)
IDT Audio (Version: 1.0.6330.0)
Itibiti RTC (Version: 0.0.1)
iTunes (Version: 11.1.2.32)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
Jewel Match 3 (Version: 2.2.0.98)
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (Version: 2.2.0.98)
JMicron Flash Media Controller Driver (Version: 1.0.31.3)
John Deere Drive Green (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Kozaka 1.0.0 (Version: 1.0.0)
Lagarith Lossless Codec (1.3.27)
LAME v3.99.3 (for Windows)
Letters from Nowhere 2 (Version: 2.2.0.97)
Level Quality Watcher (Version: 1.0.0.0)
Lightspark 0.5.3-git (Version: 0.5.3-git)
Luxor HD (Version: 2.2.0.98)
MagniPic (Version: 1.0)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5139.5005)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 18.0 (x86 en-US) (Version: 18.0)
Mozilla Firefox 19.0.2 (x86 en-US) (Version: 19.0.2)
Mozilla Firefox Packages
Mozilla Maintenance Service (Version: 21.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Music Manager
MyPC Backup  (Version: )
Nancy Drew: Trail of the Twister (Version: 1.0.0)
Open It! (Version: 1.1.1)
opensource (Version: 1.0.14960.3876)
OpenSource Flash Video Splitter 1.0.0.5 (Version: 1.0.0.5)
PDF Reader
PDF Reader Packages
Penguins! (Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.98)
QuickTime (Version: 7.74.80.86)
QwiklinxForChrome (Version: 1.6.0.1758)
Realtek Ethernet Controller Driver (Version: 7.41.216.2011)
Realtek PCIE Card Reader (Version: 6.1.7601.83)
REALTEK Wireless LAN Driver (Version: 1.00.11.0706)
Revo Uninstaller 1.94 (Version: 1.94)
RollerCoaster Tycoon 3: Platinum (Version: 2.2.0.98)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.14.0)
ScorpionSaver (Version: 1.0.0.0)
Should I Remove It (Version: 1.0.4)
SmartPCFix 3.09
SMPlayer 0.6.9 (Version: 0.6.9)
Strongvault Online Backup (Version: 5.0.2.34)
swMSM (Version: 12.0.0.1)
Synaptics TouchPad Driver (Version: 15.3.33.0)
The Treasures of Mystery Island: The Ghost Ship (Version: 2.2.0.98)
Torchlight (Version: 2.2.0.98)
Tube Dimmer (Version: 2.6.47)
TuneUp Utilities (Version: 9.0.6020.6)
TuneUp Utilities Language Pack (en-US) (Version: 9.0.6020.6)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Updater (Version: 2.6.47)
Validity WBF DDK (Version: 4.3.205.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Video Downloader version 2.0 (Version: 2.0)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.98)
VirtualCloneDrive
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VisualBee for Microsoft PowerPoint (Version: V3.9)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Phone app for desktop (Version: 1.0.1720.1)
WinZip 17.5 (Version: 17.5.10480)
WinZip Registry Optimizer (Version: 1.0)
XBMC
Xvid Video Codec (Version: 1.3.2)
Yahoo! Software Update
Yahoo! Toolbar
YouTube Video Downloader 3
Zip Extractor Packages
Zuma's Revenge (Version: 2.2.0.98)
 
========================= Devices: ================================
 
Name: lsnfd
Description: lsnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: lsnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: X5XSEx_Pr143
Description: X5XSEx_Pr143
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: X5XSEx_Pr143
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 38%
Total physical RAM: 5609.91 MB
Available physical RAM: 3452.99 MB
Total Pagefile: 14021.09 MB
Available Pagefile: 11641.65 MB
Total Virtual: 4095.88 MB
Available Virtual: 3979.04 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:570.28 GB) (Free:361.67 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:21.72 GB) (Free:2.34 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:3.97 GB) (Free:3.92 GB) NTFS
4 Drive g: (20130124_2012) (CDROM) (Total:4.37 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
User accounts for \\RJCOMPUTER
 
Administrator            Guest                    tracy smith              
 
 
**** End of log ****

Rkill 2.6.2 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 11/12/2013 06:50:53 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Users\tracy smith\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (PID: 1624) [UP-HEUR]
 * C:\Users\tracy smith\Downloads\MiniToolBox.exe (PID: 6512) [UP-HEUR]
 
2 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]
 
Backup Registry file created at:
 C:\Users\tracy smith\Desktop\rkill\rkill-11-12-2013-06-51-01.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
 * Security Center (wscsvc) is not Running.
   Startup Type set to: Manual
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 11/12/2013 06:52:14 PMMalwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org
 
Database version: v2013.11.12.16
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
tracy smith :: RJCOMPUTER [administrator]
 
11/12/2013 6:34:24 PM
mbar-log-2013-11-12 (18-34-24).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 240503
Time elapsed: 14 minute(s), 26 second(s)
 
Memory Processes Detected: 1
C:\ProgramData\Updater\updater.exe (Trojan.Agent) -> 368 -> Delete on reboot.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 2
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Updater (Trojan.Agent) -> Data: C:\ProgramData\Updater\updater.exe -> Delete on reboot.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|Updater (Trojan.Agent) -> Data: C:\ProgramData\Updater\Updater.exe -> Delete on reboot.
 
Registry Data Items Detected: 2
HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL (Hijack.StartPage) -> Bad: (http://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST640LM000XHM641JI_S25YJ9AC134084&ts=1376023300) Good: (http://www.google.com) -> Replace on reboot.
HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page (Hijack.StartPage) -> Bad: (http://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST640LM000XHM641JI_S25YJ9AC134084&ts=1376023300) Good: (http://www.google.com) -> Replace on reboot.
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\ProgramData\Updater\updater.exe (Trojan.Agent) -> Delete on reboot.
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
 
Execution time: 0 hours(s), 1 minute(s), and 20 seconds(s)
 
 
 
 


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,924 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:28 AM

Posted 12 November 2013 - 09:27 PM

Hello, I take it something was happening to make you run these tools.

You have infections, update issues and we'll see what else. First if you did not restart the machine after those scans do so now. then we'll run these.


Download the ESET ServicesRepair utility

Run it,restart the PC

Post the new FSS log




Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

Edited by boopme, 12 November 2013 - 09:32 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 roxyjo

roxyjo
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 14 November 2013 - 01:18 PM

did you get the ost from all these tools i ran i posted them but i don't see them on here now



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,924 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:28 AM

Posted 14 November 2013 - 01:43 PM

Sorry, skip the Minitoolbox and do the others.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 roxyjo

roxyjo
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 15 November 2013 - 03:46 AM

Log Opened: 2013-11-13 @ 15:16:29
15:16:29 - -----------------
15:16:29 - | Begin Logging |
15:16:29 - -----------------
15:16:29 - Fix started on a WIN_7 X64 computer
15:16:29 - Prep in progress.  Please Wait.
15:16:30 - Prep complete
15:16:30 - Repairing Services Now.  Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>
 
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>
 
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>
 
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>
 
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>
 
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>
 
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>
 
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>
 
SetACL finished successfully.
15:16:31 - Services Repair Complete.
15:16:35 - Reboot Initiated
 
16:20:39.0534 0x10b8  TDSS rootkit removing tool 3.0.0.17 Nov 12 2013 19:54:52
16:20:44.0995 0x10b8  ============================================================
16:20:44.0995 0x10b8  Current date / time: 2013/11/13 16:20:44.0995
16:20:44.0995 0x10b8  SystemInfo:
16:20:44.0995 0x10b8  
16:20:44.0995 0x10b8  OS Version: 6.1.7601 ServicePack: 1.0
16:20:44.0995 0x10b8  Product type: Workstation
16:20:44.0995 0x10b8  ComputerName: RJCOMPUTER
16:20:44.0996 0x10b8  UserName: tracy smith
16:20:44.0996 0x10b8  Windows directory: C:\Windows
16:20:44.0996 0x10b8  System windows directory: C:\Windows
16:20:44.0996 0x10b8  Running under WOW64
16:20:44.0996 0x10b8  Processor architecture: Intel x64
16:20:44.0996 0x10b8  Number of processors: 4
16:20:44.0996 0x10b8  Page size: 0x1000
16:20:44.0996 0x10b8  Boot type: Normal boot
16:20:44.0996 0x10b8  ============================================================
16:20:45.0225 0x10b8  System UUID: {125B355D-9173-C775-53ED-9CEB3C7FEE2D}
16:20:46.0149 0x10b8  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:20:46.0160 0x10b8  ============================================================
16:20:46.0160 0x10b8  \Device\Harddisk0\DR0:
16:20:46.0161 0x10b8  MBR partitions:
16:20:46.0161 0x10b8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
16:20:46.0161 0x10b8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x47491800
16:20:46.0161 0x10b8  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x474F5800, BlocksNum 0x2B72800
16:20:46.0161 0x10b8  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x4A068000, BlocksNum 0x7EF800
16:20:46.0161 0x10b8  ============================================================
16:20:46.0208 0x10b8  C: <-> \Device\Harddisk0\DR0\Partition2
16:20:46.0257 0x10b8  D: <-> \Device\Harddisk0\DR0\Partition3
16:20:46.0348 0x10b8  E: <-> \Device\Harddisk0\DR0\Partition4
16:20:46.0349 0x10b8  ============================================================
16:20:46.0349 0x10b8  Initialize success
16:20:46.0349 0x10b8  ============================================================
16:20:59.0348 0x081c  ============================================================
16:20:59.0348 0x081c  Scan started
16:20:59.0348 0x081c  Mode: Manual; 
16:20:59.0348 0x081c  ============================================================
16:20:59.0348 0x081c  KSN ping started
16:21:02.0089 0x081c  KSN ping finished: true
16:21:02.0522 0x081c  ================ Scan system memory ========================
16:21:02.0522 0x081c  System memory - ok
16:21:02.0523 0x081c  ================ Scan services =============================
16:21:02.0750 0x081c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:21:02.0760 0x081c  1394ohci - ok
16:21:02.0846 0x081c  [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
16:21:02.0849 0x081c  Accelerometer - ok
16:21:02.0913 0x081c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:21:02.0926 0x081c  ACPI - ok
16:21:02.0972 0x081c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:21:02.0973 0x081c  AcpiPmi - ok
16:21:03.0091 0x081c  [ 11A52CF7B265631DEEB24C6149309EFF, CBA25D358185FD4BE261C6C1B518AD60F5D27D5FB418098AB262B10F5A11C178 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:21:03.0094 0x081c  AdobeARMservice - ok
16:21:03.0280 0x081c  [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:21:03.0291 0x081c  AdobeFlashPlayerUpdateSvc - ok
16:21:03.0370 0x081c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:21:03.0388 0x081c  adp94xx - ok
16:21:03.0465 0x081c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:21:03.0480 0x081c  adpahci - ok
16:21:03.0512 0x081c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:21:03.0520 0x081c  adpu320 - ok
16:21:03.0578 0x081c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:21:03.0581 0x081c  AeLookupSvc - ok
16:21:03.0777 0x081c  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Program Files\IDT\WDM\AESTSr64.exe
16:21:03.0782 0x081c  AESTFilters - ok
16:21:03.0871 0x081c  [ 314C17917AC8523EC77A710215012A65, 725CF2D5F63C06F7704C24FE0CFA696215DADC6C0EC445D9671E82F8E23E56AD ] AFD             C:\Windows\system32\drivers\afd.sys
16:21:03.0890 0x081c  AFD - ok
16:21:03.0968 0x081c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:21:03.0972 0x081c  agp440 - ok
16:21:04.0020 0x081c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:21:04.0025 0x081c  ALG - ok
16:21:04.0126 0x081c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:21:04.0128 0x081c  aliide - ok
16:21:04.0190 0x081c  [ 850F0C8034225FA3F50D551A905FA503, 8FA1512A821287CFA5371F2F2D45A9120E0500B42670380739E91EAC26A82BD5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:21:04.0197 0x081c  AMD External Events Utility - ok
16:21:04.0250 0x081c  AMD FUEL Service - ok
16:21:04.0350 0x081c  [ F1A84D67A03F7536EBDA9DB426EF0E00, 616F34041CA837706B0EC566C75AB28C9426998E049CE8EE8E628880422F3ABB ] amdhub30        C:\Windows\system32\DRIVERS\amdhub30.sys
16:21:04.0355 0x081c  amdhub30 - ok
16:21:04.0387 0x081c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:21:04.0389 0x081c  amdide - ok
16:21:04.0491 0x081c  [ 0DB2DF2B692A3F70443FD14D7920F249, 2B567735CF07D2386E65A17801890C98379322DE08CA2B43CA8C33466552BE92 ] amdide64        C:\Windows\system32\DRIVERS\amdide64.sys
16:21:04.0492 0x081c  amdide64 - ok
16:21:04.0522 0x081c  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
16:21:04.0524 0x081c  amdiox64 - ok
16:21:04.0593 0x081c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:21:04.0597 0x081c  AmdK8 - ok
16:21:05.0096 0x081c  [ 7979BF4A66EFDADF3D00A052409609B1, BF835AB9982686D50D9038BA94C1C4237B520C80177AB282B16D880D39681526 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
16:21:05.0550 0x081c  amdkmdag - ok
16:21:05.0652 0x081c  [ 7D5CDB0161E91951D3DD99E55CEA4D01, 0E10345FF1B67413A239E1FDA807D0D6CA02AD6CF010982448B4DC80111A3405 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
16:21:05.0662 0x081c  amdkmdap - ok
16:21:05.0692 0x081c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:21:05.0695 0x081c  AmdPPM - ok
16:21:05.0743 0x081c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:21:05.0749 0x081c  amdsata - ok
16:21:05.0815 0x081c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:21:05.0823 0x081c  amdsbs - ok
16:21:05.0848 0x081c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:21:05.0849 0x081c  amdxata - ok
16:21:05.0948 0x081c  [ D8C25FF90E2E8FC7CBE26E2203EC4757, D1F52DEE2A799E526818A683BCB0DA5B5A3A0B119334D5988888E319719C4943 ] amdxhc          C:\Windows\system32\DRIVERS\amdxhc.sys
16:21:05.0956 0x081c  amdxhc - ok
16:21:05.0980 0x081c  [ 928AA8B32A964041161DDADF8303AFA6, 3280256449FC864E2B3D3D8925F37A22580ECED02FFA3D1BE74F7517DAA2E2DF ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
16:21:05.0983 0x081c  amd_sata - ok
16:21:05.0991 0x081c  [ 1273B83358FAB2A5CDFA02B43E676D79, 97491E8BD33EF4EB24460E248617BB8EB393C7F31AE7EA33BB63DAA0549A8D93 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
16:21:05.0993 0x081c  amd_xata - ok
16:21:06.0156 0x081c  [ 746497D339C854053193119D119799BA, CDC9EDDC0BD0F11FEB54464CE2F6CA8862A1953F297864383E0B4FE17F90B690 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:21:06.0159 0x081c  AntiVirSchedulerService - ok
16:21:06.0221 0x081c  [ A2D4915D1CCD0338AB85F14D1C22FD0C, 87A690D2A35521EE7A8154F99A930243349BEE6AEB6DEA23D36624458EC38181 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:21:06.0225 0x081c  AntiVirService - ok
16:21:06.0307 0x081c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
16:21:06.0311 0x081c  AppID - ok
16:21:06.0337 0x081c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:21:06.0340 0x081c  AppIDSvc - ok
16:21:06.0402 0x081c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
16:21:06.0408 0x081c  Appinfo - ok
16:21:06.0531 0x081c  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:21:06.0534 0x081c  Apple Mobile Device - ok
16:21:06.0588 0x081c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:21:06.0592 0x081c  arc - ok
16:21:06.0614 0x081c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:21:06.0619 0x081c  arcsas - ok
16:21:06.0752 0x081c  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:21:06.0755 0x081c  aspnet_state - ok
16:21:06.0798 0x081c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:21:06.0801 0x081c  AsyncMac - ok
16:21:06.0891 0x081c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:21:06.0892 0x081c  atapi - ok
16:21:07.0027 0x081c  [ ED3A041014FBBFDC23D6C04F9C7A5D79, A039D8F4C0EA2101898A253E13DFED5FA8500C412ACC47835415E27C9BD068FF ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:21:07.0032 0x081c  AtiHDAudioService - ok
16:21:07.0066 0x081c  [ 3B9014FB7CE9E20FD726321C7DB7D8B0, 9B910D900478A81D52446C6D71C3DDC4B5FE1345674295E1101922B0F32FBCE1 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
16:21:07.0072 0x081c  AtiHdmiService - ok
16:21:07.0173 0x081c  atillk64 - ok
16:21:07.0324 0x081c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:21:07.0350 0x081c  AudioEndpointBuilder - ok
16:21:07.0382 0x081c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:21:07.0404 0x081c  AudioSrv - ok
16:21:07.0485 0x081c  [ 0D5C96FD25D6455D97A5C4D7706DFAB1, AD55CA587EA009292E1B3C37D0F374201DBC68CFE4A4751AFAAADECF8E26B04A ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
16:21:07.0489 0x081c  avgntflt - ok
16:21:07.0539 0x081c  [ A1F53D2A00E64679A1D81B61D2333D06, 41D4F252693A2382A1C1FB85A49DF5AAB5B21620DC09A0E1A7F66A437E3A0B3B ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
16:21:07.0541 0x081c  avgtp - ok
16:21:07.0617 0x081c  [ E26B3C8E9C3DDE047B32C5719955D715, F7E968FC23F167496E48BE8E3CF824821D3A074D20EA7A8C22BB722F590CADC7 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
16:21:07.0622 0x081c  avipbb - ok
16:21:07.0651 0x081c  [ 490FA25161BF3E51993EB724ECF0ACEB, C9F35F342A301E99D8E756A7422D5CD0DEFE233921207051D5146110E3F10ED9 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
16:21:07.0652 0x081c  avkmgr - ok
16:21:07.0718 0x081c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:21:07.0724 0x081c  AxInstSV - ok
16:21:07.0797 0x081c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:21:07.0815 0x081c  b06bdrv - ok
16:21:07.0880 0x081c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:21:07.0891 0x081c  b57nd60a - ok
16:21:08.0043 0x081c  [ D466BAC7B0F83F075CB3A6D9D11BA799, 9704AF0120FFD8CAAE9881015DEDB71A20B78EC806BFE93ACD122DA127ADAED1 ] BackupStack     C:\Program Files (x86)\MyPC Backup\BackupStack.exe
16:21:08.0045 0x081c  BackupStack - ok
16:21:08.0217 0x081c  [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
16:21:08.0266 0x081c  BCM43XX - ok
16:21:08.0357 0x081c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:21:08.0362 0x081c  BDESVC - ok
16:21:08.0405 0x081c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:21:08.0407 0x081c  Beep - ok
16:21:08.0490 0x081c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:21:08.0517 0x081c  BFE - ok
16:21:08.0605 0x081c  [ 4AF6B0CCD9974A69DF2C91301370B381, C33D7F12C9E81C4D7A5FDD642D975448DF78EC708115951078E4FDB80B13235A ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
16:21:08.0611 0x081c  BingDesktopUpdate - ok
16:21:08.0681 0x081c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:21:08.0713 0x081c  BITS - ok
16:21:08.0766 0x081c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
16:21:08.0769 0x081c  blbdrive - ok
16:21:08.0841 0x081c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:21:08.0856 0x081c  Bonjour Service - ok
16:21:08.0897 0x081c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:21:08.0901 0x081c  bowser - ok
16:21:08.0966 0x081c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:21:08.0968 0x081c  BrFiltLo - ok
16:21:08.0982 0x081c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:21:08.0984 0x081c  BrFiltUp - ok
16:21:09.0038 0x081c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:21:09.0043 0x081c  Browser - ok
16:21:09.0128 0x081c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:21:09.0140 0x081c  Brserid - ok
16:21:09.0156 0x081c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:21:09.0159 0x081c  BrSerWdm - ok
16:21:09.0176 0x081c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:21:09.0178 0x081c  BrUsbMdm - ok
16:21:09.0197 0x081c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:21:09.0199 0x081c  BrUsbSer - ok
16:21:09.0340 0x081c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:21:09.0344 0x081c  BTHMODEM - ok
16:21:09.0413 0x081c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:21:09.0418 0x081c  bthserv - ok
16:21:09.0479 0x081c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:21:09.0483 0x081c  cdfs - ok
16:21:09.0549 0x081c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:21:09.0555 0x081c  cdrom - ok
16:21:09.0606 0x081c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:21:09.0609 0x081c  CertPropSvc - ok
16:21:09.0662 0x081c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:21:09.0665 0x081c  circlass - ok
16:21:09.0726 0x081c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
16:21:09.0740 0x081c  CLFS - ok
16:21:09.0847 0x081c  [ 524DC3807CB1746225F9D26ADD19C319, DC23392E8C542B02860BA1F57F03AD08A58B256D155CC6B81A48691A79D3A3F6 ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
16:21:09.0856 0x081c  CLKMSVC10_38F51D56 - ok
16:21:09.0966 0x081c  [ DEDE5EC7DC09D840D5D74E06FF4DE127, 3F292B370A5D539C381712679D0A08D649C9952E0B7892CF708ADD52815E2467 ] CLKMSVC10_C6F09094 C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe
16:21:09.0975 0x081c  CLKMSVC10_C6F09094 - ok
16:21:10.0068 0x081c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:21:10.0072 0x081c  clr_optimization_v2.0.50727_32 - ok
16:21:10.0117 0x081c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:21:10.0121 0x081c  clr_optimization_v2.0.50727_64 - ok
16:21:10.0214 0x081c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:21:10.0221 0x081c  clr_optimization_v4.0.30319_32 - ok
16:21:10.0249 0x081c  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:21:10.0254 0x081c  clr_optimization_v4.0.30319_64 - ok
16:21:10.0278 0x081c  clwvd - ok
16:21:10.0321 0x081c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:21:10.0323 0x081c  CmBatt - ok
16:21:10.0349 0x081c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:21:10.0351 0x081c  cmdide - ok
16:21:10.0435 0x081c  [ AAFCB52FE0037207FB6FBEA070D25EFE, 7D035BFB6DD86944CCDE6D71811891406D7FD08344EF8CF57C4D932E096F1377 ] CNG             C:\Windows\system32\Drivers\cng.sys
16:21:10.0452 0x081c  CNG - ok
16:21:10.0520 0x081c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:21:10.0521 0x081c  Compbatt - ok
16:21:10.0566 0x081c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:21:10.0569 0x081c  CompositeBus - ok
16:21:10.0595 0x081c  COMSysApp - ok
16:21:10.0622 0x081c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:21:10.0624 0x081c  crcdisk - ok
16:21:10.0664 0x081c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:21:10.0672 0x081c  CryptSvc - ok
16:21:10.0799 0x081c  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:21:10.0826 0x081c  cvhsvc - ok
16:21:10.0910 0x081c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:21:10.0931 0x081c  DcomLaunch - ok
16:21:11.0059 0x081c  dealplylive - ok
16:21:11.0113 0x081c  dealplylivem - ok
16:21:11.0168 0x081c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:21:11.0180 0x081c  defragsvc - ok
16:21:11.0234 0x081c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:21:11.0238 0x081c  DfsC - ok
16:21:11.0305 0x081c  [ E428DFFA96FAD07D8CA3C9082563A225, F3D2E94A9FF2CF68CC99A8B42B8DEA5E57D46000D1845DC0908224493480C79F ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
16:21:11.0311 0x081c  dg_ssudbus - ok
16:21:11.0377 0x081c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:21:11.0389 0x081c  Dhcp - ok
16:21:11.0406 0x081c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:21:11.0408 0x081c  discache - ok
16:21:11.0460 0x081c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:21:11.0464 0x081c  Disk - ok
16:21:11.0526 0x081c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:21:11.0533 0x081c  Dnscache - ok
16:21:11.0561 0x081c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:21:11.0571 0x081c  dot3svc - ok
16:21:11.0599 0x081c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:21:11.0606 0x081c  DPS - ok
16:21:11.0657 0x081c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:21:11.0658 0x081c  drmkaud - ok
16:21:11.0740 0x081c  [ 53BD875C7C0808235BFB803C1A8BE009, E56CFA0BD65E09C5F6957E1BF89824A3DF53E715A5BAE5B649D85C3AFF23D2C4 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:21:11.0772 0x081c  DXGKrnl - ok
16:21:11.0804 0x081c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:21:11.0810 0x081c  EapHost - ok
16:21:11.0972 0x081c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:21:12.0093 0x081c  ebdrv - ok
16:21:12.0159 0x081c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\Windows\System32\lsass.exe
16:21:12.0161 0x081c  EFS - ok
16:21:12.0288 0x081c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:21:12.0314 0x081c  ehRecvr - ok
16:21:12.0333 0x081c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:21:12.0339 0x081c  ehSched - ok
16:21:12.0429 0x081c  [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
16:21:12.0431 0x081c  ElbyCDIO - ok
16:21:12.0492 0x081c  [ 627350A11295D82BF78D155B12FFD0EF, BF4A80A379803C765EF5163EE7422A30D8F35820E38690F11A27FA605DD20FFA ] ElRawDisk       C:\Windows\system32\drivers\ElRawDsk.sys
16:21:12.0494 0x081c  ElRawDisk - ok
16:21:12.0574 0x081c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:21:12.0594 0x081c  elxstor - ok
16:21:12.0614 0x081c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:21:12.0615 0x081c  ErrDev - ok
16:21:12.0693 0x081c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:21:12.0708 0x081c  EventSystem - ok
16:21:12.0761 0x081c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:21:12.0769 0x081c  exfat - ok
16:21:12.0793 0x081c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:21:12.0801 0x081c  fastfat - ok
16:21:12.0870 0x081c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:21:12.0897 0x081c  Fax - ok
16:21:12.0938 0x081c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
16:21:12.0941 0x081c  fdc - ok
16:21:12.0965 0x081c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:21:12.0967 0x081c  fdPHost - ok
16:21:12.0986 0x081c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:21:12.0989 0x081c  FDResPub - ok
16:21:13.0015 0x081c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:21:13.0018 0x081c  FileInfo - ok
16:21:13.0039 0x081c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:21:13.0041 0x081c  Filetrace - ok
16:21:13.0061 0x081c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:21:13.0064 0x081c  flpydisk - ok
16:21:13.0095 0x081c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:21:13.0106 0x081c  FltMgr - ok
16:21:13.0212 0x081c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
16:21:13.0256 0x081c  FontCache - ok
16:21:13.0334 0x081c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:21:13.0337 0x081c  FontCache3.0.0.0 - ok
16:21:13.0425 0x081c  [ F80BDC0D9E7B9595E74B434446AD3781, 383EC0F485D3E12D198343A0AD7BEEECFD2A569E73672345964CED38CAF34D83 ] FPLService      C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
16:21:13.0434 0x081c  FPLService - ok
16:21:13.0456 0x081c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:21:13.0459 0x081c  FsDepends - ok
16:21:13.0489 0x081c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:21:13.0490 0x081c  Fs_Rec - ok
16:21:13.0556 0x081c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:21:13.0565 0x081c  fvevol - ok
16:21:13.0612 0x081c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:21:13.0615 0x081c  gagp30kx - ok
16:21:13.0644 0x081c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:21:13.0645 0x081c  GEARAspiWDM - ok
16:21:13.0728 0x081c  [ 35C8434A4C8A689CDE4723FD61D286E1, 14F311B295DC122AC4D85737996B18992A24C826BE08192E3DA49B3B986F7F79 ] ghsdiagMDM      C:\Windows\system32\DRIVERS\ghsdiagMDM.sys
16:21:13.0734 0x081c  ghsdiagMDM - ok
16:21:13.0792 0x081c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:21:13.0822 0x081c  gpsvc - ok
16:21:13.0895 0x081c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:21:13.0900 0x081c  gupdate - ok
16:21:13.0928 0x081c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:21:13.0933 0x081c  gupdatem - ok
16:21:13.0962 0x081c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:21:13.0970 0x081c  gusvc - ok
16:21:14.0022 0x081c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:21:14.0024 0x081c  hcw85cir - ok
16:21:14.0086 0x081c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:21:14.0100 0x081c  HdAudAddService - ok
16:21:14.0155 0x081c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:21:14.0161 0x081c  HDAudBus - ok
16:21:14.0183 0x081c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:21:14.0185 0x081c  HidBatt - ok
16:21:14.0212 0x081c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:21:14.0217 0x081c  HidBth - ok
16:21:14.0261 0x081c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:21:14.0264 0x081c  HidIr - ok
16:21:14.0297 0x081c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:21:14.0300 0x081c  hidserv - ok
16:21:14.0356 0x081c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:21:14.0359 0x081c  HidUsb - ok
16:21:14.0389 0x081c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:21:14.0394 0x081c  hkmsvc - ok
16:21:14.0464 0x081c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:21:14.0474 0x081c  HomeGroupListener - ok
16:21:14.0502 0x081c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:21:14.0511 0x081c  HomeGroupProvider - ok
16:21:14.0608 0x081c  [ 7E06D26FE4B8E771594D22AE7B8EE94E, 7FEA58E299B091D51D606B6A6DD118A226B3F6AAAE481CA3DE2C2F49BAFE8A79 ] HowToSimplified_8eService C:\PROGRA~2\HOWTOS~2\bar\1.bin\8ebarsvc.exe
16:21:14.0610 0x081c  HowToSimplified_8eService - ok
16:21:14.0681 0x081c  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:21:14.0685 0x081c  HP Support Assistant Service - ok
16:21:14.0774 0x081c  [ 7B8C1B09C11E8DB7C4480ABD7D17E821, 0E35FD439B24CEAD623A5D7319B865A6BCE6F1F3057671F62B4F844D8EC3D206 ] HPAuto          C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
16:21:14.0796 0x081c  HPAuto - ok
16:21:14.0827 0x081c  [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
16:21:14.0838 0x081c  HPClientSvc - ok
16:21:14.0926 0x081c  [ B7382BEC806B7B00FC84B3E2061FF48E, C4054DDB7A53A709C6EA222BAD7B5E389508B180F9799D5FF4FA5B40F85ECA29 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:21:14.0935 0x081c  HPDrvMntSvc.exe - ok
16:21:14.0959 0x081c  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
16:21:14.0960 0x081c  hpdskflt - ok
16:21:15.0071 0x081c  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
16:21:15.0112 0x081c  hpqwmiex - ok
16:21:15.0175 0x081c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:21:15.0187 0x081c  HpSAMD - ok
16:21:15.0205 0x081c  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv           C:\Windows\system32\Hpservice.exe
16:21:15.0207 0x081c  hpsrv - ok
16:21:15.0287 0x081c  [ 77C15D7E8F002A173EEBFF0B20CD697D, 72220E3AE71CDAC5E7341FF3F8294A01D3BA7B0BE14EB92B3E5D3EE22F2C65A9 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
16:21:15.0289 0x081c  HPWMISVC - ok
16:21:15.0371 0x081c  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
16:21:15.0374 0x081c  HTCAND64 - ok
16:21:15.0441 0x081c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:21:15.0469 0x081c  HTTP - ok
16:21:15.0481 0x081c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:21:15.0482 0x081c  hwpolicy - ok
16:21:15.0531 0x081c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:21:15.0536 0x081c  i8042prt - ok
16:21:15.0620 0x081c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:21:15.0636 0x081c  iaStorV - ok
16:21:15.0839 0x081c  [ D72BF0AE484F88399E8343E821C10D6A, E8D78E61EEC80934396F233565DB5682B2475867C98F09C3CE3F906373A5C1A2 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
16:21:15.0924 0x081c  IconMan_R - ok
16:21:16.0007 0x081c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:21:16.0039 0x081c  idsvc - ok
16:21:16.0091 0x081c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:21:16.0094 0x081c  iirsp - ok
16:21:16.0149 0x081c  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
16:21:16.0181 0x081c  IKEEXT - ok
16:21:16.0218 0x081c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:21:16.0220 0x081c  intelide - ok
16:21:16.0278 0x081c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
16:21:16.0282 0x081c  intelppm - ok
16:21:16.0305 0x081c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:21:16.0310 0x081c  IPBusEnum - ok
16:21:16.0333 0x081c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:21:16.0338 0x081c  IpFilterDriver - ok
16:21:16.0423 0x081c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:21:16.0445 0x081c  iphlpsvc - ok
16:21:16.0466 0x081c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:21:16.0471 0x081c  IPMIDRV - ok
16:21:16.0496 0x081c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:21:16.0502 0x081c  IPNAT - ok
16:21:16.0670 0x081c  [ B6E8B931EFEF4112C6A401931627DC6B, 89A0745360928F7DD0A522FF5FBFEED4FC831F37D6CF88D5E66FA91FD6F0A1DF ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:21:16.0691 0x081c  iPod Service - ok
16:21:16.0754 0x081c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:21:16.0757 0x081c  IRENUM - ok
16:21:16.0798 0x081c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:21:16.0800 0x081c  isapnp - ok
16:21:16.0832 0x081c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:21:16.0843 0x081c  iScsiPrt - ok
16:21:16.0901 0x081c  [ C8A3C909F0EFF13CAE0C17503B1F5DB2, 48B83C625AD4FFF4B8D92C70FEFDE70354C18193A8DDFE6D716776228FF691D5 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
16:21:16.0902 0x081c  iusb3hcs - ok
16:21:16.0972 0x081c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:21:16.0974 0x081c  kbdclass - ok
16:21:17.0025 0x081c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:21:17.0028 0x081c  kbdhid - ok
16:21:17.0074 0x081c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\Windows\system32\lsass.exe
16:21:17.0076 0x081c  KeyIso - ok
16:21:17.0115 0x081c  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:21:17.0120 0x081c  KSecDD - ok
16:21:17.0162 0x081c  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E, 94F1382291BD748BAE7EDBCB56F43B8564A1EE22E2DBEB37066559EE3D065FBA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:21:17.0168 0x081c  KSecPkg - ok
16:21:17.0199 0x081c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:21:17.0201 0x081c  ksthunk - ok
16:21:17.0263 0x081c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:21:17.0279 0x081c  KtmRm - ok
16:21:17.0338 0x081c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:21:17.0349 0x081c  LanmanServer - ok
16:21:17.0400 0x081c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:21:17.0406 0x081c  LanmanWorkstation - ok
16:21:17.0528 0x081c  Level Quality Watcher - ok
16:21:17.0604 0x081c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:21:17.0607 0x081c  lltdio - ok
16:21:17.0637 0x081c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:21:17.0650 0x081c  lltdsvc - ok
16:21:17.0704 0x081c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:21:17.0707 0x081c  lmhosts - ok
16:21:17.0758 0x081c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:21:17.0763 0x081c  LSI_FC - ok
16:21:17.0789 0x081c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:21:17.0794 0x081c  LSI_SAS - ok
16:21:17.0817 0x081c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:21:17.0820 0x081c  LSI_SAS2 - ok
16:21:17.0845 0x081c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:21:17.0851 0x081c  LSI_SCSI - ok
16:21:17.0876 0x081c  lsnfd - ok
16:21:17.0916 0x081c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:21:17.0921 0x081c  luafv - ok
16:21:18.0047 0x081c  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:21:18.0049 0x081c  MBAMProtector - ok
16:21:18.0108 0x081c  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:21:18.0122 0x081c  MBAMScheduler - ok
16:21:18.0164 0x081c  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:21:18.0187 0x081c  MBAMService - ok
16:21:18.0251 0x081c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:21:18.0256 0x081c  Mcx2Svc - ok
16:21:18.0290 0x081c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:21:18.0292 0x081c  megasas - ok
16:21:18.0346 0x081c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:21:18.0358 0x081c  MegaSR - ok
16:21:18.0433 0x081c  Microsoft SharePoint Workspace Audit Service - ok
16:21:18.0469 0x081c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:21:18.0473 0x081c  MMCSS - ok
16:21:18.0493 0x081c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:21:18.0495 0x081c  Modem - ok
16:21:18.0518 0x081c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:21:18.0519 0x081c  monitor - ok
16:21:18.0575 0x081c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:21:18.0577 0x081c  mouclass - ok
16:21:18.0625 0x081c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:21:18.0639 0x081c  mouhid - ok
16:21:18.0682 0x081c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:21:18.0686 0x081c  mountmgr - ok
16:21:18.0769 0x081c  [ 825BF0E46B4470A463AEB641480C5FCA, 321F37EA5D2AF7E3F55399ABE94AC3788B90E254E4A6859059C6BB1C6BEF19D0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:21:18.0774 0x081c  MozillaMaintenance - ok
16:21:18.0801 0x081c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:21:18.0808 0x081c  mpio - ok
16:21:18.0860 0x081c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:21:18.0864 0x081c  mpsdrv - ok
16:21:18.0925 0x081c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:21:18.0956 0x081c  MpsSvc - ok
16:21:18.0993 0x081c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:21:19.0000 0x081c  MRxDAV - ok
16:21:19.0029 0x081c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:21:19.0035 0x081c  mrxsmb - ok
16:21:19.0064 0x081c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:21:19.0076 0x081c  mrxsmb10 - ok
16:21:19.0118 0x081c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:21:19.0124 0x081c  mrxsmb20 - ok
16:21:19.0150 0x081c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:21:19.0151 0x081c  msahci - ok
16:21:19.0185 0x081c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:21:19.0192 0x081c  msdsm - ok
16:21:19.0210 0x081c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:21:19.0218 0x081c  MSDTC - ok
16:21:19.0247 0x081c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:21:19.0249 0x081c  Msfs - ok
16:21:19.0290 0x081c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:21:19.0292 0x081c  mshidkmdf - ok
16:21:19.0299 0x081c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:21:19.0300 0x081c  msisadrv - ok
16:21:19.0330 0x081c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:21:19.0337 0x081c  MSiSCSI - ok
16:21:19.0344 0x081c  msiserver - ok
16:21:19.0392 0x081c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:21:19.0394 0x081c  MSKSSRV - ok
16:21:19.0401 0x081c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:21:19.0402 0x081c  MSPCLOCK - ok
16:21:19.0419 0x081c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:21:19.0420 0x081c  MSPQM - ok
16:21:19.0455 0x081c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:21:19.0469 0x081c  MsRPC - ok
16:21:19.0492 0x081c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:21:19.0493 0x081c  mssmbios - ok
16:21:19.0511 0x081c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:21:19.0513 0x081c  MSTEE - ok
16:21:19.0533 0x081c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:21:19.0547 0x081c  MTConfig - ok
16:21:19.0564 0x081c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:21:19.0566 0x081c  Mup - ok
16:21:19.0607 0x081c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:21:19.0627 0x081c  napagent - ok
16:21:19.0685 0x081c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:21:19.0697 0x081c  NativeWifiP - ok
16:21:19.0768 0x081c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:21:19.0803 0x081c  NDIS - ok
16:21:19.0821 0x081c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:21:19.0824 0x081c  NdisCap - ok
16:21:19.0886 0x081c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:21:19.0888 0x081c  NdisTapi - ok
16:21:19.0938 0x081c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:21:19.0942 0x081c  Ndisuio - ok
16:21:19.0954 0x081c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:21:19.0961 0x081c  NdisWan - ok
16:21:19.0982 0x081c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:21:19.0985 0x081c  NDProxy - ok
16:21:20.0042 0x081c  [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
16:21:20.0045 0x081c  Netaapl - ok
16:21:20.0090 0x081c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:21:20.0093 0x081c  NetBIOS - ok
16:21:20.0121 0x081c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:21:20.0132 0x081c  NetBT - ok
16:21:20.0146 0x081c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe
16:21:20.0148 0x081c  Netlogon - ok
16:21:20.0223 0x081c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:21:20.0239 0x081c  Netman - ok
16:21:20.0297 0x081c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:21:20.0304 0x081c  NetMsmqActivator - ok
16:21:20.0313 0x081c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:21:20.0318 0x081c  NetPipeActivator - ok
16:21:20.0352 0x081c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:21:20.0369 0x081c  netprofm - ok
16:21:20.0380 0x081c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:21:20.0385 0x081c  NetTcpActivator - ok
16:21:20.0394 0x081c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:21:20.0399 0x081c  NetTcpPortSharing - ok
16:21:20.0459 0x081c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:21:20.0481 0x081c  nfrd960 - ok
16:21:20.0537 0x081c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:21:20.0550 0x081c  NlaSvc - ok
16:21:20.0568 0x081c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:21:20.0570 0x081c  Npfs - ok
16:21:20.0600 0x081c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:21:20.0602 0x081c  nsi - ok
16:21:20.0611 0x081c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:21:20.0613 0x081c  nsiproxy - ok
16:21:20.0711 0x081c  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:21:20.0772 0x081c  Ntfs - ok
16:21:20.0796 0x081c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:21:20.0797 0x081c  Null - ok
16:21:20.0829 0x081c  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
16:21:20.0845 0x081c  NVENETFD - ok
16:21:20.0903 0x081c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:21:20.0910 0x081c  nvraid - ok
16:21:20.0965 0x081c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:21:20.0972 0x081c  nvstor - ok
16:21:21.0038 0x081c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:21:21.0043 0x081c  nv_agp - ok
16:21:21.0065 0x081c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:21:21.0069 0x081c  ohci1394 - ok
16:21:21.0145 0x081c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:21:21.0151 0x081c  ose - ok
16:21:21.0465 0x081c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:21:21.0698 0x081c  osppsvc - ok
16:21:21.0772 0x081c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:21:21.0786 0x081c  p2pimsvc - ok
16:21:21.0830 0x081c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:21:21.0848 0x081c  p2psvc - ok
16:21:21.0880 0x081c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:21:21.0885 0x081c  Parport - ok
16:21:21.0916 0x081c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:21:21.0920 0x081c  partmgr - ok
16:21:21.0946 0x081c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:21:21.0955 0x081c  PcaSvc - ok
16:21:21.0968 0x081c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:21:21.0976 0x081c  pci - ok
16:21:21.0999 0x081c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:21:22.0000 0x081c  pciide - ok
16:21:22.0025 0x081c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:21:22.0034 0x081c  pcmcia - ok
16:21:22.0042 0x081c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:21:22.0045 0x081c  pcw - ok
16:21:22.0086 0x081c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:21:22.0112 0x081c  PEAUTH - ok
16:21:22.0187 0x081c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:21:22.0190 0x081c  PerfHost - ok
16:21:22.0285 0x081c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:21:22.0338 0x081c  pla - ok
16:21:22.0424 0x081c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:21:22.0441 0x081c  PlugPlay - ok
16:21:22.0461 0x081c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:21:22.0464 0x081c  PNRPAutoReg - ok
16:21:22.0493 0x081c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:21:22.0505 0x081c  PNRPsvc - ok
16:21:22.0578 0x081c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:21:22.0598 0x081c  PolicyAgent - ok
16:21:22.0636 0x081c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:21:22.0644 0x081c  Power - ok
16:21:22.0676 0x081c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:21:22.0681 0x081c  PptpMiniport - ok
16:21:22.0718 0x081c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:21:22.0721 0x081c  Processor - ok
16:21:22.0763 0x081c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:21:22.0772 0x081c  ProfSvc - ok
16:21:22.0786 0x081c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
16:21:22.0788 0x081c  ProtectedStorage - ok
16:21:22.0843 0x081c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:21:22.0848 0x081c  Psched - ok
16:21:22.0957 0x081c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:21:23.0014 0x081c  ql2300 - ok
16:21:23.0044 0x081c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:21:23.0050 0x081c  ql40xx - ok
16:21:23.0096 0x081c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:21:23.0107 0x081c  QWAVE - ok
16:21:23.0147 0x081c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:21:23.0150 0x081c  QWAVEdrv - ok
16:21:23.0179 0x081c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:21:23.0181 0x081c  RasAcd - ok
16:21:23.0235 0x081c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:21:23.0238 0x081c  RasAgileVpn - ok
16:21:23.0254 0x081c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:21:23.0260 0x081c  RasAuto - ok
16:21:23.0271 0x081c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:21:23.0277 0x081c  Rasl2tp - ok
16:21:23.0346 0x081c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:21:23.0360 0x081c  RasMan - ok
16:21:23.0370 0x081c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:21:23.0375 0x081c  RasPppoe - ok
16:21:23.0397 0x081c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:21:23.0401 0x081c  RasSstp - ok
16:21:23.0428 0x081c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:21:23.0440 0x081c  rdbss - ok
16:21:23.0459 0x081c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:21:23.0462 0x081c  rdpbus - ok
16:21:23.0515 0x081c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:21:23.0517 0x081c  RDPCDD - ok
16:21:23.0528 0x081c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:21:23.0529 0x081c  RDPENCDD - ok
16:21:23.0541 0x081c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:21:23.0543 0x081c  RDPREFMP - ok
16:21:23.0600 0x081c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:21:23.0602 0x081c  RdpVideoMiniport - ok
16:21:23.0641 0x081c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:21:23.0650 0x081c  RDPWD - ok
16:21:23.0702 0x081c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:21:23.0710 0x081c  rdyboost - ok
16:21:23.0743 0x081c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:21:23.0749 0x081c  RemoteAccess - ok
16:21:23.0776 0x081c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:21:23.0784 0x081c  RemoteRegistry - ok
16:21:23.0802 0x081c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:21:23.0807 0x081c  RpcEptMapper - ok
16:21:23.0817 0x081c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:21:23.0819 0x081c  RpcLocator - ok
16:21:23.0855 0x081c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:21:23.0873 0x081c  RpcSs - ok
16:21:23.0940 0x081c  [ 1F5E7AF59B390261A85F5BEDB1BB88B3, 8A0B23EED74475E6790EF03E54B53BB964A0EC08ADF28BD6AAFA9CF6BE6F20DA ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
16:21:23.0952 0x081c  RSPCIESTOR - ok
16:21:24.0010 0x081c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:21:24.0014 0x081c  rspndr - ok
16:21:24.0080 0x081c  [ F15623B73768C35A666BB5CDCEEF497F, 80C3C5A98A740D537C8634741FEA3A128108CE82A9D5CDE80FB57D6800DC7C3C ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:21:24.0108 0x081c  RTL8167 - ok
16:21:24.0188 0x081c  [ F33E70E48A54A7A1BFBEEB4F3B273E4A, 8723F26DC414A4D11F9B3032E8D366BBD2D510E6F247AB67A2ACB3C209C1F8DB ] RTL8192Ce       C:\Windows\system32\DRIVERS\rtl8192Ce.sys
16:21:24.0231 0x081c  RTL8192Ce - ok
16:21:24.0325 0x081c  [ 7D3C603B75A7186C89843092610A0E66, 2383AA2F2FC21DAE69DAA0A7DE909DB1792EE708E6FA00843EA55031979B5476 ] RTWlanE         C:\Windows\system32\DRIVERS\rtwlane.sys
16:21:24.0374 0x081c  RTWlanE - ok
16:21:24.0394 0x081c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
16:21:24.0397 0x081c  SamSs - ok
16:21:24.0417 0x081c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:21:24.0422 0x081c  sbp2port - ok
16:21:24.0476 0x081c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:21:24.0485 0x081c  SCardSvr - ok
16:21:24.0505 0x081c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:21:24.0507 0x081c  scfilter - ok
16:21:24.0570 0x081c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:21:24.0613 0x081c  Schedule - ok
16:21:24.0636 0x081c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:21:24.0639 0x081c  SCPolicySvc - ok
16:21:24.0687 0x081c  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
16:21:24.0693 0x081c  sdbus - ok
16:21:24.0713 0x081c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:21:24.0721 0x081c  SDRSVC - ok
16:21:24.0768 0x081c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:21:24.0770 0x081c  secdrv - ok
16:21:24.0786 0x081c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:21:24.0790 0x081c  seclogon - ok
16:21:24.0852 0x081c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:21:24.0857 0x081c  SENS - ok
16:21:24.0915 0x081c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:21:24.0919 0x081c  SensrSvc - ok
16:21:24.0973 0x081c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:21:24.0975 0x081c  Serenum - ok
16:21:25.0020 0x081c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
16:21:25.0025 0x081c  Serial - ok
16:21:25.0069 0x081c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:21:25.0072 0x081c  sermouse - ok
16:21:25.0102 0x081c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:21:25.0109 0x081c  SessionEnv - ok
16:21:25.0127 0x081c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:21:25.0129 0x081c  sffdisk - ok
16:21:25.0146 0x081c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:21:25.0148 0x081c  sffp_mmc - ok
16:21:25.0164 0x081c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:21:25.0166 0x081c  sffp_sd - ok
16:21:25.0184 0x081c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:21:25.0186 0x081c  sfloppy - ok
16:21:25.0285 0x081c  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
16:21:25.0311 0x081c  Sftfs - ok
16:21:25.0418 0x081c  [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:21:25.0435 0x081c  sftlist - ok
16:21:25.0462 0x081c  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:21:25.0471 0x081c  Sftplay - ok
16:21:25.0494 0x081c  [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:21:25.0496 0x081c  Sftredir - ok
16:21:25.0517 0x081c  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
16:21:25.0518 0x081c  Sftvol - ok
16:21:25.0541 0x081c  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:21:25.0548 0x081c  sftvsa - ok
16:21:25.0600 0x081c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:21:25.0614 0x081c  SharedAccess - ok
16:21:25.0653 0x081c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:21:25.0669 0x081c  ShellHWDetection - ok
16:21:25.0719 0x081c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:21:25.0722 0x081c  SiSRaid2 - ok
16:21:25.0750 0x081c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:21:25.0754 0x081c  SiSRaid4 - ok
16:21:25.0802 0x081c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:21:25.0807 0x081c  Smb - ok
16:21:25.0864 0x081c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:21:25.0867 0x081c  SNMPTRAP - ok
16:21:25.0881 0x081c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:21:25.0882 0x081c  spldr - ok
16:21:25.0929 0x081c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:21:25.0952 0x081c  Spooler - ok
16:21:26.0136 0x081c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:21:26.0267 0x081c  sppsvc - ok
16:21:26.0323 0x081c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:21:26.0328 0x081c  sppuinotify - ok
16:21:26.0364 0x081c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:21:26.0382 0x081c  srv - ok
16:21:26.0411 0x081c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:21:26.0427 0x081c  srv2 - ok
16:21:26.0500 0x081c  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:21:26.0512 0x081c  SrvHsfHDA - ok
16:21:26.0598 0x081c  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:21:26.0653 0x081c  SrvHsfV92 - ok
16:21:26.0710 0x081c  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:21:26.0738 0x081c  SrvHsfWinac - ok
16:21:26.0771 0x081c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:21:26.0777 0x081c  srvnet - ok
16:21:26.0844 0x081c  [ ED161B91FDF7EAA39469D72D463D5F4E, FC793E378FB709313D0AC44F59BF5C9488D73235AA2B1A21C50C3DED91C6BE62 ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
16:21:26.0850 0x081c  sscdbus - ok
16:21:26.0912 0x081c  [ 4CB09E77593DBD8D7AF33B37375CA715, 7B14851A8EDAA996D28335FD4DA812C6114DD5012E1E929F4813797CDC77E5BC ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
16:21:26.0914 0x081c  sscdmdfl - ok
16:21:26.0937 0x081c  [ C7B4CF53497A6E5363F3439427663882, 993278ADAAC18F12FE00CCF76681461451DA335F67BB581FC7326045048EC085 ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
16:21:26.0945 0x081c  sscdmdm - ok
16:21:26.0987 0x081c  [ 05FFA552F578E27AB2D41B6828DB477F, F3292A431D656C039F4300AA584FA13F26A69B351C2F903B3E47CEF464A6233A ] sscdserd        C:\Windows\system32\DRIVERS\sscdserd.sys
16:21:26.0994 0x081c  sscdserd - ok
16:21:27.0058 0x081c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:21:27.0068 0x081c  SSDPSRV - ok
16:21:27.0086 0x081c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:21:27.0091 0x081c  SstpSvc - ok
16:21:27.0166 0x081c  [ AAF6F247F1DC370C593B4430974EAD9C, 232D0D62EC83A5537ADB28B5DC01074BA812FE6C70C54F70CD7A5EF1BC19D3E1 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
16:21:27.0175 0x081c  ssudmdm - ok
16:21:27.0269 0x081c  [ D30FE3ECF1D6D521365FAE307B500BC0, 108C64964BE77994F0B8252759648BF87D1C4E6BC9678DE1D61008C99FD21049 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
16:21:27.0280 0x081c  STacSV - ok
16:21:27.0328 0x081c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:21:27.0330 0x081c  stexstor - ok
16:21:27.0413 0x081c  [ 6F69D75F50E8FAF1003AA6CFB18B91EC, CADA1FE0B21830C45A4527BBF77B45DA8EA51350B6D7CAB9B880496D949FC6FF ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
16:21:27.0433 0x081c  STHDA - ok
16:21:27.0509 0x081c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:21:27.0533 0x081c  stisvc - ok
16:21:27.0556 0x081c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:21:27.0557 0x081c  swenum - ok
16:21:27.0617 0x081c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:21:27.0639 0x081c  swprv - ok
16:21:27.0726 0x081c  [ 2F494CF2EC5DF71465A052CF9A494C06, E2018B28693699291AD384BB4DED666D0B3BE8F35880A945A39EF74DF56A44B0 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
16:21:27.0739 0x081c  SynTP - ok
16:21:27.0825 0x081c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:21:27.0891 0x081c  SysMain - ok
16:21:27.0928 0x081c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:21:27.0934 0x081c  TabletInputService - ok
16:21:27.0967 0x081c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:21:27.0980 0x081c  TapiSrv - ok
16:21:28.0003 0x081c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:21:28.0008 0x081c  TBS - ok
16:21:28.0157 0x081c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:21:28.0228 0x081c  Tcpip - ok
16:21:28.0325 0x081c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:21:28.0386 0x081c  TCPIP6 - ok
16:21:28.0432 0x081c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:21:28.0434 0x081c  tcpipreg - ok
16:21:28.0469 0x081c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:21:28.0471 0x081c  TDPIPE - ok
16:21:28.0499 0x081c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:21:28.0502 0x081c  TDTCP - ok
16:21:28.0522 0x081c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:21:28.0528 0x081c  tdx - ok
16:21:28.0577 0x081c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:21:28.0580 0x081c  TermDD - ok
16:21:28.0642 0x081c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
16:21:28.0669 0x081c  TermService - ok
16:21:28.0683 0x081c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:21:28.0688 0x081c  Themes - ok
16:21:28.0718 0x081c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:21:28.0722 0x081c  THREADORDER - ok
16:21:28.0746 0x081c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:21:28.0753 0x081c  TrkWks - ok
16:21:28.0809 0x081c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:21:28.0817 0x081c  TrustedInstaller - ok
16:21:28.0846 0x081c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:21:28.0849 0x081c  tssecsrv - ok
16:21:28.0908 0x081c  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:21:28.0912 0x081c  TsUsbFlt - ok
16:21:28.0937 0x081c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:21:28.0939 0x081c  TsUsbGD - ok
16:21:29.0071 0x081c  [ A86356B5586F0179954A6F27981ABE94, 966CD0203BFC8D5A2D550202C9D29A5D1E69F84428396F6B9C82DB235794D69D ] TuneUp.Defrag   C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
16:21:29.0095 0x081c  TuneUp.Defrag - ok
16:21:29.0205 0x081c  [ 9ABFCB8E8701235BE26B4DF578D75EDA, 590B23C26E75475E6A733D363C1927EC536DCD01F852C440499306B8E68D3FD9 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
16:21:29.0255 0x081c  TuneUp.UtilitiesSvc - ok
16:21:29.0313 0x081c  [ DCC94C51D27C7EC0DADECA8F64C94FCF, 90C978C2284C9BDE3EFA1124616D824E0C361C388293FA22DBC8C3B70C920574 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
16:21:29.0314 0x081c  TuneUpUtilitiesDrv - ok
16:21:29.0348 0x081c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:21:29.0353 0x081c  tunnel - ok
16:21:29.0370 0x081c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:21:29.0374 0x081c  uagp35 - ok
16:21:29.0409 0x081c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:21:29.0421 0x081c  udfs - ok
16:21:29.0455 0x081c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:21:29.0459 0x081c  UI0Detect - ok
16:21:29.0499 0x081c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:21:29.0503 0x081c  uliagpkx - ok
16:21:29.0552 0x081c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:21:29.0554 0x081c  umbus - ok
16:21:29.0600 0x081c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:21:29.0601 0x081c  UmPass - ok
16:21:29.0699 0x081c  [ 8E204CFA278CA67BFBCB8BEBA1C4C146, 0634830AB4172F0134B90D0A4650C63427E080AFF95B3B11C5DC9B55185F08F2 ] Update Kozaka   C:\Program Files (x86)\Kozaka\updateKozaka.exe
16:21:29.0701 0x081c  Update Kozaka - ok
16:21:29.0812 0x081c  [ 6E30C47050124B12D55ECF7F516F28E2, 77BD6446A9E487A1A0F43C38A9736EA33C8F96C8E88197984E6CA8922FF09169 ] Updater Service for AMZN C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
16:21:29.0819 0x081c  Updater Service for AMZN - ok
16:21:29.0853 0x081c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:21:29.0868 0x081c  upnphost - ok
16:21:29.0922 0x081c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:21:29.0926 0x081c  USBAAPL64 - ok
16:21:29.0955 0x081c  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:21:29.0959 0x081c  usbccgp - ok
16:21:30.0019 0x081c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:21:30.0024 0x081c  usbcir - ok
16:21:30.0059 0x081c  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:21:30.0062 0x081c  usbehci - ok
16:21:30.0094 0x081c  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:21:30.0107 0x081c  usbhub - ok
16:21:30.0122 0x081c  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:21:30.0124 0x081c  usbohci - ok
16:21:30.0171 0x081c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:21:30.0173 0x081c  usbprint - ok
16:21:30.0229 0x081c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
16:21:30.0232 0x081c  usbscan - ok
16:21:30.0258 0x081c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:21:30.0263 0x081c  USBSTOR - ok
16:21:30.0284 0x081c  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:21:30.0287 0x081c  usbuhci - ok
16:21:30.0323 0x081c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:21:30.0330 0x081c  usbvideo - ok
16:21:30.0379 0x081c  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
16:21:30.0381 0x081c  usb_rndisx - ok
16:21:30.0454 0x081c  [ 8E204CFA278CA67BFBCB8BEBA1C4C146, 0634830AB4172F0134B90D0A4650C63427E080AFF95B3B11C5DC9B55185F08F2 ] Util Kozaka     C:\Program Files (x86)\Kozaka\bin\utilKozaka.exe
16:21:30.0457 0x081c  Util Kozaka - ok
16:21:30.0493 0x081c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:21:30.0497 0x081c  UxSms - ok
16:21:30.0579 0x081c  [ C02493F369490024A7D3F159ABDC4B1F, 935860C891CF9CB080E285219C9507078BB99967A8B493BBD30064C8D207AFEB ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
16:21:30.0583 0x081c  UxTuneUp - ok
16:21:30.0594 0x081c  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
16:21:30.0597 0x081c  VaultSvc - ok
16:21:30.0617 0x081c  [ FD911873C0BB6945FA38C16E9A2B58F9, EF8C833321449A6E8B671890F2EBC82ABC276B890D274AADDB626D763EE98964 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
16:21:30.0619 0x081c  VClone - ok
16:21:30.0649 0x081c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:21:30.0651 0x081c  vdrvroot - ok
16:21:30.0685 0x081c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:21:30.0707 0x081c  vds - ok
16:21:30.0738 0x081c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:21:30.0740 0x081c  vga - ok
16:21:30.0758 0x081c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:21:30.0760 0x081c  VgaSave - ok
16:21:30.0785 0x081c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:21:30.0795 0x081c  vhdmp - ok
16:21:30.0827 0x081c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:21:30.0829 0x081c  viaide - ok
16:21:30.0857 0x081c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:21:30.0860 0x081c  volmgr - ok
16:21:30.0880 0x081c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:21:30.0893 0x081c  volmgrx - ok
16:21:30.0954 0x081c  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:21:30.0965 0x081c  volsnap - ok
16:21:31.0018 0x081c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:21:31.0026 0x081c  vsmraid - ok
16:21:31.0123 0x081c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:21:31.0184 0x081c  VSS - ok
16:21:31.0405 0x081c  [ 87DF7E6F9C07843DBA84F5F3859DD44C, 29959C0F4B747F126A1EB27FF26FC7585F57B1CA06AEB2508B9D38FCF2C61AE3 ] vToolbarUpdater17.0.12 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
16:21:31.0466 0x081c  vToolbarUpdater17.0.12 - ok
16:21:31.0512 0x081c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:21:31.0514 0x081c  vwifibus - ok
16:21:31.0525 0x081c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:21:31.0529 0x081c  vwififlt - ok
16:21:31.0573 0x081c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:21:31.0575 0x081c  vwifimp - ok
16:21:31.0609 0x081c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:21:31.0625 0x081c  W32Time - ok
16:21:31.0650 0x081c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:21:31.0653 0x081c  WacomPen - ok
16:21:31.0686 0x081c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:21:31.0690 0x081c  WANARP - ok
16:21:31.0698 0x081c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:21:31.0702 0x081c  Wanarpv6 - ok
16:21:31.0801 0x081c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:21:31.0848 0x081c  WatAdminSvc - ok
16:21:31.0944 0x081c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:21:32.0001 0x081c  wbengine - ok
16:21:32.0059 0x081c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:21:32.0069 0x081c  WbioSrvc - ok
16:21:32.0103 0x081c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:21:32.0118 0x081c  wcncsvc - ok
16:21:32.0139 0x081c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:21:32.0143 0x081c  WcsPlugInService - ok
16:21:32.0172 0x081c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:21:32.0174 0x081c  Wd - ok
16:21:32.0246 0x081c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:21:32.0276 0x081c  Wdf01000 - ok
16:21:32.0334 0x081c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:21:32.0340 0x081c  WdiServiceHost - ok
16:21:32.0349 0x081c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:21:32.0354 0x081c  WdiSystemHost - ok
16:21:32.0393 0x081c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
16:21:32.0406 0x081c  WebClient - ok
16:21:32.0455 0x081c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:21:32.0467 0x081c  Wecsvc - ok
16:21:32.0486 0x081c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:21:32.0492 0x081c  wercplsupport - ok
16:21:32.0547 0x081c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:21:32.0553 0x081c  WerSvc - ok
16:21:32.0599 0x081c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:21:32.0601 0x081c  WfpLwf - ok
16:21:32.0627 0x081c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:21:32.0629 0x081c  WIMMount - ok
16:21:32.0665 0x081c  WinDefend - ok
16:21:32.0678 0x081c  WinHttpAutoProxySvc - ok
16:21:32.0733 0x081c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:21:32.0743 0x081c  Winmgmt - ok
16:21:32.0857 0x081c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:21:32.0933 0x081c  WinRM - ok
16:21:33.0000 0x081c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
16:21:33.0003 0x081c  WinUsb - ok
16:21:33.0056 0x081c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:21:33.0091 0x081c  Wlansvc - ok
16:21:33.0179 0x081c  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:21:33.0182 0x081c  wlcrasvc - ok
16:21:33.0352 0x081c  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:21:33.0434 0x081c  wlidsvc - ok
16:21:33.0461 0x081c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:21:33.0462 0x081c  WmiAcpi - ok
16:21:33.0548 0x081c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:21:33.0556 0x081c  wmiApSrv - ok
16:21:33.0618 0x081c  WMPNetworkSvc - ok
16:21:33.0672 0x081c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:21:33.0675 0x081c  WPCSvc - ok
16:21:33.0694 0x081c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:21:33.0700 0x081c  WPDBusEnum - ok
16:21:33.0726 0x081c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:21:33.0728 0x081c  ws2ifsl - ok
16:21:33.0743 0x081c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:21:33.0749 0x081c  wscsvc - ok
16:21:33.0755 0x081c  WSearch - ok
16:21:33.0888 0x081c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:21:33.0978 0x081c  wuauserv - ok
16:21:34.0014 0x081c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:21:34.0018 0x081c  WudfPf - ok
16:21:34.0049 0x081c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:21:34.0057 0x081c  WUDFRd - ok
16:21:34.0081 0x081c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:21:34.0087 0x081c  wudfsvc - ok
16:21:34.0118 0x081c  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:21:34.0129 0x081c  WwanSvc - ok
16:21:34.0159 0x081c  X5XSEx_Pr143 - ok
16:21:34.0233 0x081c  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
16:21:34.0253 0x081c  YahooAUService - ok
16:21:34.0312 0x081c  ================ Scan global ===============================
16:21:34.0345 0x081c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:21:34.0389 0x081c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:21:34.0410 0x081c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:21:34.0453 0x081c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:21:34.0494 0x081c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:21:34.0506 0x081c  [ Global ] - ok
16:21:34.0506 0x081c  ================ Scan MBR ==================================
16:21:34.0524 0x081c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:21:34.0747 0x081c  \Device\Harddisk0\DR0 - ok
16:21:34.0747 0x081c  ================ Scan VBR ==================================
16:21:34.0751 0x081c  [ 5C8BC8F4319831F1E35A277F91C9D112 ] \Device\Harddisk0\DR0\Partition1
16:21:34.0753 0x081c  \Device\Harddisk0\DR0\Partition1 - ok
16:21:34.0770 0x081c  [ 5B149B701AA15230E17F747F0A5D3779 ] \Device\Harddisk0\DR0\Partition2
16:21:34.0772 0x081c  \Device\Harddisk0\DR0\Partition2 - ok
16:21:34.0807 0x081c  [ 5759E6323409838171B2EDC7EC341A58 ] \Device\Harddisk0\DR0\Partition3
16:21:34.0809 0x081c  \Device\Harddisk0\DR0\Partition3 - ok
16:21:34.0831 0x081c  [ B9919B44F6BDB52D5E314FD8553701A9 ] \Device\Harddisk0\DR0\Partition4
16:21:34.0833 0x081c  \Device\Harddisk0\DR0\Partition4 - ok
16:21:34.0834 0x081c  Waiting for KSN requests completion. In queue: 103
16:21:35.0834 0x081c  Waiting for KSN requests completion. In queue: 103
16:21:36.0834 0x081c  Waiting for KSN requests completion. In queue: 103
16:21:37.0834 0x081c  Waiting for KSN requests completion. In queue: 84
16:21:38.0891 0x081c  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 13.6.20.2100 ), 0x40000 ( disabled : updated )
16:21:38.0903 0x081c  Win FW state via NFP2: enabled
16:21:41.0748 0x081c  ============================================================
16:21:41.0748 0x081c  Scan finished
16:21:41.0748 0x081c  ============================================================
16:21:41.0762 0x0ec4  Detected object count: 0
16:21:41.0762 0x0ec4  Actual detected object count: 0
16:24:32.0892 0x0484  Deinitialize success
 


#6 roxyjo

roxyjo
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 15 November 2013 - 03:56 AM

# AdwCleaner v3.012 - Report created 13/11/2013 at 16:27:55
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : tracy smith - RJCOMPUTER
# Running from : C:\Users\tracy smith\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : BackupStack
Service Found : dealplylive
Service Found : dealplylivem
Service Found : Updater Service for AMZN
Service Found : vToolbarUpdater17.0.12
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\WebSearch.xml
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Users\tracy smith\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Found : C:\Users\tracy smith\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www1.delta-search.com_0.localstorage
File Found : C:\Users\tracy smith\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www1.delta-search.com_0.localstorage-journal
File Found : C:\Users\tracy smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\invalidprefs.js
File Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\searchplugins\Askcom.xml
File Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\searchplugins\Babylon.xml
File Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\searchplugins\bingp.xml
File Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\searchplugins\BrowserProtect.xml
File Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\searchplugins\delta.xml
File Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\searchplugins\WebSearch.xml
File Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\user.js
File Found : C:\Users\tracy smith\Desktop\MyPC Backup.lnk
File Found : C:\Users\TRACYS~1\AppData\Local\Temp\Uninstall.exe
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\DealPlyUpdate
File Found : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
File Found : C:\Windows\System32\Tasks\DSite
File Found : C:\Windows\System32\Tasks\EPUpdater
File Found : C:\Windows\System32\Tasks\Escolade
File Found : C:\Windows\System32\Tasks\GoforFilesUpdate
File Found : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
File Found : C:\Windows\Tasks\DSite.job
File Found : C:\Windows\Tasks\GoforFilesUpdate.job
Folder Found : C:\Users\tracy smith\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Found : C:\Users\tracy smith\AppData\Local\Google\Chrome\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim
Folder Found : C:\Users\tracy smith\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\Extensions\{01e86e69-a2f8-48a0-b068-83869bdba3d0}
Folder Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\Extensions\{07cbf788-1359-421b-a4e3-5a8d041b90a3}
Folder Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\Extensions\{334293c8-082d-47f8-9f7d-b388d7eb3586}
Folder Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\Extensions\{73507124-6acd-43aa-b749-c3bcfefbea97}
Folder Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\Extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
Folder Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\Extensions\{906000A4-88D9-4D52-B209-7A772970D91F}
Folder Found : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\Extensions\anttoolbar@ant.com
Folder Found C:\Program Files (x86)\Advanced System Protector
Folder Found C:\Program Files (x86)\Amazon Browser Bar
Folder Found C:\Program Files (x86)\Ask.com
Folder Found C:\Program Files (x86)\Betcat
Folder Found C:\Program Files (x86)\Common Files\337
Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\DealPly
Folder Found C:\Program Files (x86)\DealPlyLive
Folder Found C:\Program Files (x86)\IminentToolbar
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\OApps
Folder Found C:\Program Files (x86)\openit
Folder Found C:\Program Files (x86)\registry mechanic
Folder Found C:\Program Files (x86)\WinZip Registry Optimizer
Folder Found C:\Program Files\DomaIQ Uninstaller
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\clsoft ltd
Folder Found C:\ProgramData\DealPlyLive
Folder Found C:\ProgramData\eSafe
Folder Found C:\ProgramData\Free Ride Games
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagniPic
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
Folder Found C:\ProgramData\Premium
Folder Found C:\ProgramData\StarApp
Folder Found C:\ProgramData\Systweak
Folder Found C:\ProgramData\Tarma Installer
Folder Found C:\ProgramData\Trymedia
Folder Found C:\ProgramData\VisualBee
Folder Found C:\Users\tracy smith\AppData\Local\Conduit
Folder Found C:\Users\tracy smith\AppData\Local\DealPlyLive
Folder Found C:\Users\tracy smith\AppData\Local\DefineExt
Folder Found C:\Users\tracy smith\AppData\Local\DownloadTerms
Folder Found C:\Users\tracy smith\AppData\Local\Shopping Sidekick Plugin
Folder Found C:\Users\tracy smith\AppData\Local\torch
Folder Found C:\Users\tracy smith\AppData\Local\visualbeeexe
Folder Found C:\Users\tracy smith\AppData\LocalLow\BabylonToolbar
Folder Found C:\Users\tracy smith\AppData\LocalLow\boost_interprocess
Folder Found C:\Users\tracy smith\AppData\LocalLow\Conduit
Folder Found C:\Users\tracy smith\AppData\LocalLow\Delta
Folder Found C:\Users\tracy smith\AppData\LocalLow\PriceGong
Folder Found C:\Users\tracy smith\AppData\LocalLow\Toolbar4
Folder Found C:\Users\tracy smith\AppData\Roaming\BabSolution
Folder Found C:\Users\tracy smith\AppData\Roaming\Betcat
Folder Found C:\Users\tracy smith\AppData\Roaming\Conduit
Folder Found C:\Users\tracy smith\AppData\Roaming\DealPly
Folder Found C:\Users\tracy smith\AppData\Roaming\DefaultTab
Folder Found C:\Users\tracy smith\AppData\Roaming\Desk 365
Folder Found C:\Users\tracy smith\AppData\Roaming\digitalsite
Folder Found C:\Users\tracy smith\AppData\Roaming\DSite
Folder Found C:\Users\tracy smith\AppData\Roaming\eIntaller
Folder Found C:\Users\tracy smith\AppData\Roaming\file scout
Folder Found C:\Users\tracy smith\AppData\Roaming\goforfiles
Folder Found C:\Users\tracy smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games
Folder Found C:\Users\tracy smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Found C:\Users\tracy smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video downloader
Folder Found C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\CT3287808
Folder Found C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\CT3289663
Folder Found C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\CT3289847
Folder Found C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\CT3291679
Folder Found C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\CT3293216
Folder Found C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\Smartbar
Folder Found C:\Users\tracy smith\AppData\Roaming\OpenCandy
Folder Found C:\Users\tracy smith\AppData\Roaming\registry mechanic
Folder Found C:\Users\tracy smith\AppData\Roaming\strongvault
Folder Found C:\Users\tracy smith\AppData\Roaming\Systweak
Folder Found C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
 
***** [ Shortcuts ] *****
 
Shortcut Found : C:\Users\Public\Desktop\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST640LM000XHM641JI_S25YJ9AC134084&ts=1376023300 )
Shortcut Found : C:\Users\Public\Desktop\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST640LM000XHM641JI_S25YJ9AC134084&ts=1376023300 )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST640LM000XHM641JI_S25YJ9AC134084&ts=1376023300 )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST640LM000XHM641JI_S25YJ9AC134084&ts=1376023300 )
Shortcut Found : C:\Users\tracy smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST640LM000XHM641JI_S25YJ9AC134084&ts=1376023300 )
Shortcut Found : C:\Users\tracy smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST640LM000XHM641JI_S25YJ9AC134084&ts=1376023300 )
Shortcut Found : C:\Users\tracy smith\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST640LM000XHM641JI_S25YJ9AC134084&ts=1376023300 )
Shortcut Found : C:\Users\tracy smith\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST640LM000XHM641JI_S25YJ9AC134084&ts=1376023300 )
Shortcut Found : C:\Users\tracy smith\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST640LM000XHM641JI_S25YJ9AC134084&ts=1376023300 )
Shortcut Found : C:\Users\tracy smith\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST640LM000XHM641JI_S25YJ9AC134084&ts=1376023300 )
 
***** [ Registry ] *****
 
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST640LM000XHM641JI_S25YJ9AC134084&ts=1376023300
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST640LM000XHM641JI_S25YJ9AC134084&ts=1376023300
Key Found : HKCU\Software\5e2dad1bc3de513
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\DynConIE
Key Found : HKCU\Software\AppDataLow\Software\LyricsFinder
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DealPlyLive
Key Found : HKCU\Software\delta LTD
Key Found : HKCU\Software\distromatic
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\filescout
Key Found : HKCU\Software\Google\Chrome\Extensions\fdkednngfjmpnljkolbapdednncafhen
Key Found : HKCU\Software\Google\Chrome\Extensions\nemfjadlboooiffmcelkafilagddogim
Key Found : HKCU\Software\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7736C7FA-512D-11E2-B871-DEC36088709B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\PrivitizeVPNInstallDates
Key Found : HKCU\Software\Qwiklinx
Key Found : HKCU\Software\smartbar
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\StartSearch
Key Found : HKCU\Software\systweak
Key Found : HKCU\Software\torch
Key Found : HKCU\Software\V9
Key Found : HKCU\Software\visualbee
Key Found : HKCU\Software\WEDLMNGR
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\BabSolution
Key Found : [x64] HKCU\Software\BabylonToolbar
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\DealPlyLive
Key Found : [x64] HKCU\Software\delta LTD
Key Found : [x64] HKCU\Software\distromatic
Key Found : [x64] HKCU\Software\dsiteproducts
Key Found : [x64] HKCU\Software\filescout
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKCU\Software\PrivitizeVPNInstallDates
Key Found : [x64] HKCU\Software\Qwiklinx
Key Found : [x64] HKCU\Software\smartbar
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\StartSearch
Key Found : [x64] HKCU\Software\systweak
Key Found : [x64] HKCU\Software\torch
Key Found : [x64] HKCU\Software\V9
Key Found : [x64] HKCU\Software\visualbee
Key Found : [x64] HKCU\Software\WEDLMNGR
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\SOFTWARE\Classes\AmiBs.Installer
Key Found : HKLM\SOFTWARE\Classes\AmiBs.Installer.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Found : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Found : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Key Found : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A6FEED89-3BCD-4D19-9DC2-3E613A80A2A4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Key Found : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Key Found : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Key Found : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\CompeteInc
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\DealPlyLive
Key Found : HKLM\Software\Desksvc
Key Found : HKLM\Software\eSafeSecControl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fdkednngfjmpnljkolbapdednncafhen
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\nemfjadlboooiffmcelkafilagddogim
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\Software\hdcode
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Bar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Key Found : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\qvo6Software
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\systweak
Key Found : HKLM\Software\torch
Key Found : HKLM\Software\Uniblue
Key Found : HKLM\Software\V9
Key Found : HKLM\Software\visualbee
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Found : [x64] HKLM\SOFTWARE\DomaIQ
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NTRedirect]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Advanced System Protector_Startup]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [lesstabs@lesstabs.com]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16720
 
 
-\\ Mozilla Firefox v18.0 (en-US)
 
[ File : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\prefs.js ]
 
Line Found : user_pref("CT3287808.1000082.isPlayDisplay", "true");
Line Found : user_pref("CT3287808.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}");
Line Found : user_pref("CT3287808.1000234.TWC_TMP_city", "OMAHA");
Line Found : user_pref("CT3287808.1000234.TWC_TMP_country", "US");
Line Found : user_pref("CT3287808.1000234.TWC_country", "UNITED STATES");
Line Found : user_pref("CT3287808.1000234.TWC_locId", "USNE0363");
Line Found : user_pref("CT3287808.1000234.TWC_location", "Omaha, NE");
Line Found : user_pref("CT3287808.1000234.TWC_region", "US");
Line Found : user_pref("CT3287808.1000234.TWC_temp_dis", "f");
Line Found : user_pref("CT3287808.1000234.TWC_wind_dis", "mph");
Line Found : user_pref("CT3287808.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3287808.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3287808.FirstTime", "true");
Line Found : user_pref("CT3287808.FirstTimeFF3", "true");
Line Found : user_pref("CT3287808.LAST_CLIENT_STATS_SUBMIT_2.enc", "MTM3NjA5NjcwOQ==");
Line Found : user_pref("CT3287808.LOCAL_COOKIE_STATS_LAST_SUBMIT_6.enc", "MTM3NjA5NjcxOA==");
Line Found : user_pref("CT3287808.LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.enc", "MQ==");
Line Found : user_pref("CT3287808.LOCAL_COOKIE_THROTTLE_BASEadd_stats|0|LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.enc", "MTM3NjA5NjcxOA==");
Line Found : user_pref("CT3287808.PG_ENABLE", "dHJ1ZQ==");
Line Found : user_pref("CT3287808.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Line Found : user_pref("CT3287808.SF_STATUS.enc", "RU5BQkxFRA==");
Line Found : user_pref("CT3287808.SF_USER_ID.enc", "Y2lkXzk4MjAxMzIwNTk3Njg0OTEw");
Line Found : user_pref("CT3287808.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287808&SearchSource=2&CUI=UN39034790731605933&UM=2&q=");
Line Found : user_pref("CT3287808.UserID", "UN39034790731605933");
Line Found : user_pref("CT3287808.acp_personal.appstate.enc", "ZW5hYmxl");
Line Found : user_pref("CT3287808.addressBarTakeOverEnabledInHidden", "true");
Line Found : user_pref("CT3287808.browser.search.defaultthis.engineName", true);
Line Found : user_pref("CT3287808.cbfirsttime.enc", "RnJpIEF1ZyAwOSAyMDEzIDIwOjA1OjA3IEdNVC0wNTAwIChDZW50cmFsIFN0YW5kYXJkIFRpbWUp");
Line Found : user_pref("CT3287808.countryCode", "US");
Line Found : user_pref("CT3287808.discover-experiments-photopop.enc", "eyJuYW1lIjoicGhvdG9wb3AyIiwidmVyc2lvbiI6MTB9");
Line Found : user_pref("CT3287808.discover-periodic-reports.enc", "eyJwaW5nXzAiOlsxMzc2MDk2NzY5OTIxLDE0NDAwMDAwXX0=");
Line Found : user_pref("CT3287808.discover-user-id.enc", "ImI1YjA3ZDMxLWIzZTgtNDJlMi04YTRlLTk2YTY1ZjMzNWVmOCI=");
Line Found : user_pref("CT3287808.firstTimeDialogOpened", "true");
Line Found : user_pref("CT3287808.fixPageNotFoundErrorByUser", "TRUE");
Line Found : user_pref("CT3287808.fixPageNotFoundErrorInHidden", "true");
Line Found : user_pref("CT3287808.fixUrls", true);
Line Found : user_pref("CT3287808.fullUserID", "UN39034790731605933.IN.2013070832540");
Line Found : user_pref("CT3287808.ground-country-code.enc", "IlVTIg==");
Line Found : user_pref("CT3287808.homepageuserchanged", true);
Line Found : user_pref("CT3287808.hover_counter.enc", "MQ==");
Line Found : user_pref("CT3287808.impression_counter.enc", "NA==");
Line Found : user_pref("CT3287808.impression_session_counter.enc", "MA==");
Line Found : user_pref("CT3287808.impression_session_id.enc", "IjNkYTMxY2YyLWQ2M2YtNGMyNi04MjU4LTI5YTQ3YmEwNDkzYSI=");
Line Found : user_pref("CT3287808.impression_session_last_active.enc", "MTM3NjA5ODE2MTczMg==");
Line Found : user_pref("CT3287808.installType", "Unknown");
Line Found : user_pref("CT3287808.isCheckedStartAsHidden", true);
Line Found : user_pref("CT3287808.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3287808.isFirstTimeToolbarLoading", "false");
Line Found : user_pref("CT3287808.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3287808.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3287808.keyword", true);
Line Found : user_pref("CT3287808.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3287808&octid=CT3287808&SearchSource=15&CUI=UN39034790731605933&SSPV=&Lay=1&UM=2\"}");
Line Found : user_pref("CT3287808.lastVersion", "10.21.1.507");
Line Found : user_pref("CT3287808.mam_gk_appStateReportTime.enc", "MTM3NjA5NjY5MzkyMQ==");
Line Found : user_pref("CT3287808.mam_gk_appState_ACplus.enc", "b24=");
Line Found : user_pref("CT3287808.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Found : user_pref("CT3287808.mam_gk_appState_Discover.enc", "b24=");
Line Found : user_pref("CT3287808.mam_gk_appState_Easytobook.enc", "b24=");
Line Found : user_pref("CT3287808.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Line Found : user_pref("CT3287808.mam_gk_appState_Find-a-Pro.enc", "b24=");
Line Found : user_pref("CT3287808.mam_gk_appState_PiclickV2-WebSearch.enc", "b24=");
Line Found : user_pref("CT3287808.mam_gk_appState_PriceGong.enc", "b24=");
Line Found : user_pref("CT3287808.mam_gk_appState_WindowShopper.enc", "b24=");
Line Found : user_pref("CT3287808.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsInNjcmlwdFVybCI6bnVsbCwib3B0aW9uc0Rp[...]
Line Found : user_pref("CT3287808.mam_gk_appsDefaultEnabled.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3287808.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlBpY2xpY2tWMi1XZWJTZWFyY2giLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiJmODYyYjc5Yy0wNWRhLTRlZWItOTNiYi0zZDE4ZmY1YzMzZjIiLCJ[...]
Line Found : user_pref("CT3287808.mam_gk_currentVersion.enc", "MS45LjAuNA==");
Line Found : user_pref("CT3287808.mam_gk_first_time.enc", "MQ==");
Line Found : user_pref("CT3287808.mam_gk_installer_preapproved.enc", "VFJVRQ==");
Line Found : user_pref("CT3287808.mam_gk_lastLoginTime.enc", "MTM3NjA5NjY5NDgyOQ==");
Line Found : user_pref("CT3287808.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Found : user_pref("CT3287808.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3287808.mam_gk_settings1.9.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMzVfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiVVMiLCJpc1dlbGNvbWVFeHBlc[...]
Line Found : user_pref("CT3287808.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Found : user_pref("CT3287808.mam_gk_userId.enc", "NGQyYWQ2YTAtYjJlNC00ZGVmLWI5NDktZThhYTk3ZjBjYmU4");
Line Found : user_pref("CT3287808.migrateAppsAndComponents", true);
Line Found : user_pref("CT3287808.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.yahoo.com%2F\",\"EB_MAIN_FRAME_TITLE\":\"Yahoo\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://Visu[...]
Line Found : user_pref("CT3287808.originalHomepage", "hxxp://search.conduit.com/?UM=2&ctid=CT3289663&SearchSource=13&CUI=UN19421934961494917&UP=SP12E6913C-B187-4F44-A36F-8FEFAB4340EC");
Line Found : user_pref("CT3287808.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289663&SearchSource=2&CUI=UN19421934961494917&UM=2&q=");
Line Found : user_pref("CT3287808.originalSearchEngine", "InternetHelper3.1 Customized Web Search");
Line Found : user_pref("CT3287808.originalSearchEngineName", "InternetHelper3.1 Customized Web Search");
Line Found : user_pref("CT3287808.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"WEATHER\\\"]\"}");
Line Found : user_pref("CT3287808.revertSettingsEnabled", "false");
Line Found : user_pref("CT3287808.search.searchAppId", "130058504841118135");
Line Found : user_pref("CT3287808.search.searchCount", "0");
Line Found : user_pref("CT3287808.searchFromAddressBarEnabledByUser", "true");
Line Found : user_pref("CT3287808.searchInNewTabEnabledByUser", "true");
Line Found : user_pref("CT3287808.searchInNewTabEnabledInHidden", "true");
Line Found : user_pref("CT3287808.searchSuggestEnabledByUser", "TRUE");
Line Found : user_pref("CT3287808.searchUserMode", "2");
Line Found : user_pref("CT3287808.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3287808.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3287808.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Found : user_pref("CT3287808.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3287808\"}");
Line Found : user_pref("CT3287808.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://VisualBeeV9.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT3287808.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"VisualBee V.9 \"}");
Line Found : user_pref("CT3287808.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3287808.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Found : user_pref("CT3287808.serviceLayer_services_Configuration_lastUpdate", "1383916645841");
Line Found : user_pref("CT3287808.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1376096802146");
Line Found : user_pref("CT3287808.serviceLayer_services_appsMetadata_lastUpdate", "1376096802135");
Line Found : user_pref("CT3287808.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1376096802190");
Line Found : user_pref("CT3287808.serviceLayer_services_login_10.16.70.505_lastUpdate", "1377798037252");
Line Found : user_pref("CT3287808.serviceLayer_services_login_10.19.2.505_lastUpdate", "1378871342012");
Line Found : user_pref("CT3287808.serviceLayer_services_login_10.20.1.508_lastUpdate", "1381919770219");
Line Found : user_pref("CT3287808.serviceLayer_services_login_10.21.1.507_lastUpdate", "1383916644277");
Line Found : user_pref("CT3287808.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1376096802288");
Line Found : user_pref("CT3287808.serviceLayer_services_searchAPI_lastUpdate", "1383916645785");
Line Found : user_pref("CT3287808.serviceLayer_services_serviceMap_lastUpdate", "1383916644655");
Line Found : user_pref("CT3287808.serviceLayer_services_setupAPI_lastUpdate", "1376096801738");
Line Found : user_pref("CT3287808.serviceLayer_services_toolbarContextMenu_lastUpdate", "1376096802079");
Line Found : user_pref("CT3287808.serviceLayer_services_toolbarSettings_lastUpdate", "1383916644661");
Line Found : user_pref("CT3287808.serviceLayer_services_translation_lastUpdate", "1383916645821");
Line Found : user_pref("CT3287808.settingsINI", true);
Line Found : user_pref("CT3287808.showToolbarPermission", "false");
Line Found : user_pref("CT3287808.smartbar.CTID", "CT3287808");
Line Found : user_pref("CT3287808.smartbar.Uninstall", "0");
Line Found : user_pref("CT3287808.smartbar.homepage", true);
Line Found : user_pref("CT3287808.smartbar.isHidden", true);
Line Found : user_pref("CT3287808.smartbar.toolbarName", "VisualBee V.9 ");
Line Found : user_pref("CT3287808.toolbarBornServerTime", "9-8-2013");
Line Found : user_pref("CT3287808.toolbarCurrentServerTime", "8-11-2013");
Line Found : user_pref("CT3287808.toolbarLoginClientTime", "Fri Aug 09 2013 20:04:41 GMT-0500 (Central Standard Time)");
Line Found : user_pref("CT3287808.twitter_v1.8.0_twitter_app_open_t_f.enc", "ZmFsc2U=");
Line Found : user_pref("CT3287808_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1383916630470,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("CT3289663.1000082.isPlayDisplay", "true");
Line Found : user_pref("CT3289663.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}");
Line Found : user_pref("CT3289663.1000234.TWC_TMP_city", "OMAHA");
Line Found : user_pref("CT3289663.1000234.TWC_TMP_country", "US");
Line Found : user_pref("CT3289663.1000234.TWC_country", "UNITED STATES");
Line Found : user_pref("CT3289663.1000234.TWC_locId", "USNE0363");
Line Found : user_pref("CT3289663.1000234.TWC_location", "Omaha, NE");
Line Found : user_pref("CT3289663.1000234.TWC_region", "US");
Line Found : user_pref("CT3289663.1000234.TWC_temp_dis", "f");
Line Found : user_pref("CT3289663.1000234.TWC_wind_dis", "mph");
Line Found : user_pref("CT3289663.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289663.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289663.FF19Solved", "true");
Line Found : user_pref("CT3289663.FirstTime", "true");
Line Found : user_pref("CT3289663.FirstTimeFF3", "true");
Line Found : user_pref("CT3289663.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289663&SearchSource=2&CUI=UN19421934961494917&UM=2&q=");
Line Found : user_pref("CT3289663.UserID", "UN19421934961494917");
Line Found : user_pref("CT3289663.addressBarTakeOverEnabledInHidden", "true");
Line Found : user_pref("CT3289663.addressUrlXPETakeover", "true");
Line Found : user_pref("CT3289663.browser.search.defaultthis.engineName", "true");
Line Found : user_pref("CT3289663.countryCode", "US");
Line Found : user_pref("CT3289663.defaultSearchXPETakeover", "true");
Line Found : user_pref("CT3289663.firstTimeDialogOpened", "true");
Line Found : user_pref("CT3289663.fixPageNotFoundErrorByUser", "TRUE");
Line Found : user_pref("CT3289663.fixPageNotFoundErrorInHidden", "true");
Line Found : user_pref("CT3289663.fixUrls", true);
Line Found : user_pref("CT3289663.fullUserID", "UN19421934961494917.IN.20130624220147");
Line Found : user_pref("CT3289663.homepageuserchanged", true);
Line Found : user_pref("CT3289663.installSessionId", "{E93AF377-CC10-42C1-A76E-4B1331A0FFCC}");
Line Found : user_pref("CT3289663.installSp", "TRUE");
Line Found : user_pref("CT3289663.installType", "Unknown");
Line Found : user_pref("CT3289663.installerVersion", "1.6.0.22");
Line Found : user_pref("CT3289663.isCheckedStartAsHidden", true);
Line Found : user_pref("CT3289663.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289663.isFirstTimeToolbarLoading", "false");
Line Found : user_pref("CT3289663.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3289663.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3289663.keyword", "true");
Line Found : user_pref("CT3289663.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3289663&octid=CT3289663&SearchSource=15&CUI=UN19421934961494917&SSPV=&Lay=1&UM=2\"}");
Line Found : user_pref("CT3289663.lastVersion", "10.21.1.507");
Line Found : user_pref("CT3289663.mam_gk_installer_preapproved.enc", "VFJVRQ==");
Line Found : user_pref("CT3289663.migrateAppsAndComponents", true);
Line Found : user_pref("CT3289663.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.yahoo.com%2F\",\"EB_MAIN_FRAME_TITLE\":\"Yahoo\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://Inte[...]
Line Found : user_pref("CT3289663.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN26206012242268127&UM=2&SearchSource=13&UP=SP12E6913C-B187-4F44-A36F-8FEFAB4340EC");
Line Found : user_pref("CT3289663.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN26206012242268127&UM=2&q=");
Line Found : user_pref("CT3289663.originalSearchEngine", "WhiteSmoke New Customized Web Search");
Line Found : user_pref("CT3289663.originalSearchEngineName", "WhiteSmoke New Customized Web Search");
Line Found : user_pref("CT3289663.revertSettingsEnabled", "false");
Line Found : user_pref("CT3289663.search.searchAppId", "130067724014616498");
Line Found : user_pref("CT3289663.search.searchCount", "0");
Line Found : user_pref("CT3289663.searchFromAddressBarEnabledByUser", "true");
Line Found : user_pref("CT3289663.searchInNewTabEnabledByUser", "true");
Line Found : user_pref("CT3289663.searchInNewTabEnabledInHidden", "true");
Line Found : user_pref("CT3289663.searchRevert", "false");
Line Found : user_pref("CT3289663.searchSuggestEnabledByUser", "TRUE");
Line Found : user_pref("CT3289663.searchUserMode", "2");
Line Found : user_pref("CT3289663.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289663.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3289663.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Found : user_pref("CT3289663.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3289663\"}");
Line Found : user_pref("CT3289663.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://InternetHelper31.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT3289663.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"InternetHelper3.1 \"}");
Line Found : user_pref("CT3289663.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289663.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Found : user_pref("CT3289663.serviceLayer_services_Configuration_lastUpdate", "1383916645642");
Line Found : user_pref("CT3289663.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1376096804176");
Line Found : user_pref("CT3289663.serviceLayer_services_appsMetadata_lastUpdate", "1376096804083");
Line Found : user_pref("CT3289663.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1376096804404");
Line Found : user_pref("CT3289663.serviceLayer_services_login_10.16.70.505_lastUpdate", "1377591562772");
Line Found : user_pref("CT3289663.serviceLayer_services_login_10.19.2.505_lastUpdate", "1378871342917");
Line Found : user_pref("CT3289663.serviceLayer_services_login_10.20.1.508_lastUpdate", "1381919770087");
Line Found : user_pref("CT3289663.serviceLayer_services_login_10.21.1.507_lastUpdate", "1383916643967");
Line Found : user_pref("CT3289663.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1376096804582");
Line Found : user_pref("CT3289663.serviceLayer_services_searchAPI_lastUpdate", "1383916645558");
Line Found : user_pref("CT3289663.serviceLayer_services_serviceMap_lastUpdate", "1383916644359");
Line Found : user_pref("CT3289663.serviceLayer_services_setupAPI_lastUpdate", "1376096803789");
Line Found : user_pref("CT3289663.serviceLayer_services_toolbarContextMenu_lastUpdate", "1376096804098");
Line Found : user_pref("CT3289663.serviceLayer_services_toolbarSettings_lastUpdate", "1383916644385");
Line Found : user_pref("CT3289663.serviceLayer_services_translation_lastUpdate", "1383916644347");
Line Found : user_pref("CT3289663.settingsINI", true);
Line Found : user_pref("CT3289663.showToolbarPermission", "false");
Line Found : user_pref("CT3289663.smartbar.CTID", "CT3289663");
Line Found : user_pref("CT3289663.smartbar.Uninstall", "0");
Line Found : user_pref("CT3289663.smartbar.homepage", "true");
Line Found : user_pref("CT3289663.smartbar.isHidden", true);
Line Found : user_pref("CT3289663.smartbar.toolbarName", "InternetHelper3.1 ");
Line Found : user_pref("CT3289663.startPageXPETakeover", "true");
Line Found : user_pref("CT3289663.toolbarBornServerTime", "9-8-2013");
Line Found : user_pref("CT3289663.toolbarCurrentServerTime", "8-11-2013");
Line Found : user_pref("CT3289663.toolbarLoginClientTime", "Fri Aug 09 2013 20:04:43 GMT-0500 (Central Standard Time)");
Line Found : user_pref("CT3289663.versionFromInstaller", "10.16.9.6");
Line Found : user_pref("CT3289663.xpeMode", "3");
Line Found : user_pref("CT3289663_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1383916630059,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("CT3289847.1000082.isPlayDisplay", "true");
Line Found : user_pref("CT3289847.1000082.state", "{\"state\":\"stopped\",\"text\":\"WFMU\",\"description\":\"WFMU\",\"url\":\"hxxp://www.wfmu.org/wfmu.asx\"}");
Line Found : user_pref("CT3289847.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289847.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289847.FirstTime", "true");
Line Found : user_pref("CT3289847.FirstTimeFF3", "true");
Line Found : user_pref("CT3289847.LAST_CLIENT_STATS_SUBMIT_2.enc", "MTM3NjA5Njc2MQ==");
Line Found : user_pref("CT3289847.LOCAL_COOKIE_STATS_LAST_SUBMIT_6.enc", "MTM3NjA5Njc3NQ==");
Line Found : user_pref("CT3289847.LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.enc", "Ng==");
Line Found : user_pref("CT3289847.LOCAL_COOKIE_THROTTLE_BASEadd_stats|0|LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.enc", "MTM3NjA5ODI0MQ==");
Line Found : user_pref("CT3289847.LOCAL_COOKIE_THROTTLE_BASEloopback|hxxp://up.autocompleteplus.com/up?q=you%20tube&l=www.youtube.com&t=2&v=0.4&d=conduit2.enc", "MTM3NjA5Njc2OQ==");
Line Found : user_pref("CT3289847.PG_ENABLE", "dHJ1ZQ==");
Line Found : user_pref("CT3289847.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN26206012242268127&UM=2&q=");
Line Found : user_pref("CT3289847.UserID", "UN26206012242268127");
Line Found : user_pref("CT3289847.User_UniqueID.enc", "NGNkOWUyY2ItM2JmMC0xNGI4LWM2OWUtNjYxNmQyMWMwZWM2");
Line Found : user_pref("CT3289847.acp_personal.appstate.enc", "ZW5hYmxl");
Line Found : user_pref("CT3289847.addressBarTakeOverEnabledInHidden", "true");
Line Found : user_pref("CT3289847.browser.search.defaultthis.engineName", true);
Line Found : user_pref("CT3289847.cbfirsttime.enc", "RnJpIEF1ZyAwOSAyMDEzIDIwOjA1OjE4IEdNVC0wNTAwIChDZW50cmFsIFN0YW5kYXJkIFRpbWUp");
Line Found : user_pref("CT3289847.countryCode", "US");
Line Found : user_pref("CT3289847.defaultSearch", "true");
Line Found : user_pref("CT3289847.discover-experiments-photopop.enc", "eyJuYW1lIjoicGhvdG9wb3BfbmEiLCJ2ZXJzaW9uIjoxMH0=");
Line Found : user_pref("CT3289847.discover-periodic-reports.enc", "eyJwaW5nXzAiOlsxMzc2MDk2NzY5NjA5LDE0NDAwMDAwXX0=");
Line Found : user_pref("CT3289847.discover-user-id.enc", "IjJiMGUwNmZkLWIzYjAtNGY3OC1hOGY0LWVjYTdhMTM5MWViMiI=");
Line Found : user_pref("CT3289847.enableAlerts", "true");
Line Found : user_pref("CT3289847.enableSearchFromAddressBar", "true");
Line Found : user_pref("CT3289847.enlargeSearchBox", "{\"enabled\":true,\"maxWidth\":1000,\"minWidth\":250,\"width\":500}");
Line Found : user_pref("CT3289847.firstTimeDialogOpened", "true");
Line Found : user_pref("CT3289847.fixPageNotFoundError", "true");
Line Found : user_pref("CT3289847.fixPageNotFoundErrorByUser", "true");
Line Found : user_pref("CT3289847.fixPageNotFoundErrorInHidden", "true");
Line Found : user_pref("CT3289847.fixUrls", true);
Line Found : user_pref("CT3289847.fullUserID", "UN26206012242268127.IN.20130809162948");
Line Found : user_pref("CT3289847.ground-country-code.enc", "IlVTIg==");
Line Found : user_pref("CT3289847.homepageuserchanged", true);
Line Found : user_pref("CT3289847.hxxp___api31_starwebnet_com.pid2.enc", "YTI5Y2JhYzUtMjcwZS1lODA0LTdlYmYtOGExMzM4ODgxOWQ4");
Line Found : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_defaultGui.enc", "eyJndWkiOltdLCJhY3Rpb25zIjpbXX0=");
Line Found : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_settings.enc", "eyJpbml0VXJsIjoiYXBpLmpvbGx5d2FsbGV0LmNvbS9hZmZpbGlhdGUvaW5pdCIsInF1ZXJ5VXJsIjoiYXBpLmpvbGx5d2FsbGV0LmNvbS9hZmZpbGlh[...]
Line Found : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.jw_token.enc", "MTU3ZTIxNTEtMDE5Mi1jYmJhLWIyN2QtZjcwM2ZjNGRmMjhh");
Line Found : user_pref("CT3289847.hxxp___toolbar_jollywallet_com_tlb_2.key_list_id.enc", "MjAxMjA4MDItMDAw");
Line Found : user_pref("CT3289847.impression_session_counter.enc", "MA==");
Line Found : user_pref("CT3289847.impression_session_id.enc", "ImE5NWU4NTgwLWVlYTEtNDBjNC1hMmMwLWMyNDgyODM1ZDc0MiI=");
Line Found : user_pref("CT3289847.impression_session_last_active.enc", "MTM3NjA5Njc3Mjc4MQ==");
Line Found : user_pref("CT3289847.installId", "9818");
Line Found : user_pref("CT3289847.installType", "conduitnsisintegration");
Line Found : user_pref("CT3289847.isCheckedStartAsHidden", true);
Line Found : user_pref("CT3289847.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289847.isFirstTimeToolbarLoading", "false");
Line Found : user_pref("CT3289847.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3289847.key_user_agree_ia12.enc", "MQ==");
Line Found : user_pref("CT3289847.keyword", true);
Line Found : user_pref("CT3289847.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=15&CUI=UN26206012242268127&SSPV=&Lay=1&UM=2\"}");
Line Found : user_pref("CT3289847.lastVersion", "10.20.1.508");
Line Found : user_pref("CT3289847.mam_gk_appStateReportTime.enc", "MTM3NjA5NjcxNTc5Ng==");
Line Found : user_pref("CT3289847.mam_gk_appState_ACplus.enc", "b24=");
Line Found : user_pref("CT3289847.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Found : user_pref("CT3289847.mam_gk_appState_Discover.enc", "b24=");
Line Found : user_pref("CT3289847.mam_gk_appState_Easytobook.enc", "b24=");
Line Found : user_pref("CT3289847.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Line Found : user_pref("CT3289847.mam_gk_appState_Find-a-Pro.enc", "b24=");
Line Found : user_pref("CT3289847.mam_gk_appState_JobsMiner.enc", "b24=");
Line Found : user_pref("CT3289847.mam_gk_appState_PiclickV2-WebSearch.enc", "b24=");
Line Found : user_pref("CT3289847.mam_gk_appState_PriceGong.enc", "b24=");
Line Found : user_pref("CT3289847.mam_gk_appState_WindowShopper.enc", "b24=");
Line Found : user_pref("CT3289847.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsInNjcmlwdFVybCI6bnVsbCwib3B0aW9uc0Rp[...]
Line Found : user_pref("CT3289847.mam_gk_appsDefaultEnabled.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3289847.mam_gk_calledSetupService.enc", "MQ==");
Line Found : user_pref("CT3289847.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkpvYnNNaW5lciIsImNyaXRlcmlhcyI6W3siY3JpdGVyaWFJZCI6IjkzMDBjMzcwLWUwNjEtNDllMi1iMWI0LWFjZDgzMWRkYWRiZSIsImRvbWFpbnMiOls[...]
Line Found : user_pref("CT3289847.mam_gk_currentVersion.enc", "MS45LjAuNA==");
Line Found : user_pref("CT3289847.mam_gk_first_time.enc", "MQ==");
Line Found : user_pref("CT3289847.mam_gk_lastLoginTime.enc", "MTM3NjA5NjcxMTc0NQ==");
Line Found : user_pref("CT3289847.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Found : user_pref("CT3289847.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3289847.mam_gk_settings1.9.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMTMxXzAiLCJpc1Rlc3QiOnRydWUsIlVzZXJDb3VudHJ5Q29kZSI6IlVTIiwiaXNXZWxjb21lRXhwZ[...]
Line Found : user_pref("CT3289847.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Found : user_pref("CT3289847.mam_gk_userId.enc", "MTliZjc3ZWYtNDZlYy00NWY4LWFjNTktNTAwMmMwMWE2NThi");
Line Found : user_pref("CT3289847.migrateAppsAndComponents", true);
Line Found : user_pref("CT3289847.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.qvo6.com%2F%3Futm_source%3Db%26utm_medium%3Dadks%26from%3Dadks%26uid%3DST640LM000XHM641JI_S25YJ9AC134084%26ts%3D[...]
Line Found : user_pref("CT3289847.openThankYouPage", "false");
Line Found : user_pref("CT3289847.openUninstallPage", "true");
Line Found : user_pref("CT3289847.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Found : user_pref("CT3289847.originalSearchAddressUrl", false);
Line Found : user_pref("CT3289847.originalSearchEngine", "Google");
Line Found : user_pref("CT3289847.originalSearchEngineName", "Google");
Line Found : user_pref("CT3289847.revertSettingsEnabled", "true");
Line Found : user_pref("CT3289847.search.searchAppId", "130068661007799818");
Line Found : user_pref("CT3289847.search.searchCount", "0");
Line Found : user_pref("CT3289847.searchFromAddressBarEnabledByUser", "true");
Line Found : user_pref("CT3289847.searchInNewTabEnabledByUser", "true");
Line Found : user_pref("CT3289847.searchInNewTabEnabledInHidden", "true");
Line Found : user_pref("CT3289847.searchSuggestEnabledByUser", "true");
Line Found : user_pref("CT3289847.searchUserMode", "2");
Line Found : user_pref("CT3289847.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289847.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3289847.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Found : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3289847\"}");
Line Found : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://WhiteSmokeNew.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"WhiteSmoke New \"}");
Line Found : user_pref("CT3289847.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289847.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Found : user_pref("CT3289847.serviceLayer_services_Configuration_lastUpdate", "1380910190919");
Line Found : user_pref("CT3289847.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1376096698972");
Line Found : user_pref("CT3289847.serviceLayer_services_appsMetadata_lastUpdate", "1376096698921");
Line Found : user_pref("CT3289847.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1376096698848");
Line Found : user_pref("CT3289847.serviceLayer_services_login_10.16.9.506_lastUpdate", "1377358294337");
Line Found : user_pref("CT3289847.serviceLayer_services_login_10.16.9.6_lastUpdate", "1376098280269");
Line Found : user_pref("CT3289847.serviceLayer_services_login_10.19.2.505_lastUpdate", "1378871346174");
Line Found : user_pref("CT3289847.serviceLayer_services_login_10.20.1.508_lastUpdate", "1380910188539");
Line Found : user_pref("CT3289847.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1376096698779");
Line Found : user_pref("CT3289847.serviceLayer_services_searchAPI_lastUpdate", "1380910190653");
Line Found : user_pref("CT3289847.serviceLayer_services_serviceMap_lastUpdate", "1380910189236");
Line Found : user_pref("CT3289847.serviceLayer_services_setupAPI_lastUpdate", "1376096692609");
Line Found : user_pref("CT3289847.serviceLayer_services_toolbarContextMenu_lastUpdate", "1376096698707");
Line Found : user_pref("CT3289847.serviceLayer_services_toolbarSettings_lastUpdate", "1380910189138");
Line Found : user_pref("CT3289847.serviceLayer_services_translation_lastUpdate", "1380910191260");
Line Found : user_pref("CT3289847.settingsINI", true);
Line Found : user_pref("CT3289847.shouldFirstTimeDialog", "false");
Line Found : user_pref("CT3289847.showToolbarPermission", "false");
Line Found : user_pref("CT3289847.smartbar.CTID", "CT3289847");
Line Found : user_pref("CT3289847.smartbar.Uninstall", "0");
Line Found : user_pref("CT3289847.smartbar.homepage", true);
Line Found : user_pref("CT3289847.smartbar.isHidden", true);
Line Found : user_pref("CT3289847.smartbar.toolbarName", "WhiteSmoke New ");
Line Found : user_pref("CT3289847.startPage", "true");
Line Found : user_pref("CT3289847.toolbarBornServerTime", "10-8-2013");
Line Found : user_pref("CT3289847.toolbarCurrentServerTime", "4-10-2013");
Line Found : user_pref("CT3289847.toolbarLoginClientTime", "Fri Aug 09 2013 20:04:59 GMT-0500 (Central Standard Time)");
Line Found : user_pref("CT3289847_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1381858730310,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("CT3291679.1000234.TWC_TMP_city", "OMAHA");
Line Found : user_pref("CT3291679.1000234.TWC_TMP_country", "US");
Line Found : user_pref("CT3291679.1000234.TWC_country", "UNITED STATES");
Line Found : user_pref("CT3291679.1000234.TWC_locId", "USNE0363");
Line Found : user_pref("CT3291679.1000234.TWC_location", "Omaha, NE");
Line Found : user_pref("CT3291679.1000234.TWC_region", "US");
Line Found : user_pref("CT3291679.1000234.TWC_temp_dis", "f");
Line Found : user_pref("CT3291679.1000234.TWC_wind_dis", "mph");
Line Found : user_pref("CT3291679.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3291679.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3291679.FF19Solved", "true");
Line Found : user_pref("CT3291679.FirstTime", "true");
Line Found : user_pref("CT3291679.FirstTimeFF3", "true");
Line Found : user_pref("CT3291679.LAST_CLIENT_STATS_SUBMIT_2.enc", "MTM3OTQ0MDAxNA==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_LAST_SUBMIT_6", "%B7%B9%BE%B9%BB%BD%BB%B8%BF%BF");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_LAST_SUBMIT_6.enc", "MTM4MzU3NTI5OQ==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT", "%B6");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.enc", "MA==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_SITE_NEW", "%B6");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_SITE_NEW.enc", "MA==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_SITE_NOT_SUPPORTED", "%B6");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_SITE_NOT_SUPPORTED.enc", "MA==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_SITE_SUPPORTED", "%B6");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_SITE_SUPPORTED.enc", "MA==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_USE_HISTORY", "%B6");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_USE_HISTORY.enc", "MA==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_USE_POP", "%B6");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_USE_POP.enc", "MA==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_USE_RELATED", "%B6");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_USE_RELATED.enc", "MA==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_USE_TYPED", "%B6");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_STATS_STATS_USE_TYPED.enc", "MA==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_THROTTLE_BASEadd_stats|0|LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT", "%B7%B9%BE%B9%BB%BD%BB%B8%BF%BF");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_THROTTLE_BASEadd_stats|0|LOCAL_COOKIE_STATS_STATS_SITE_IRRELEVANT.enc", "MTM4MzU3NTI5OQ==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_THROTTLE_BASEadd_stats|0|LOCAL_COOKIE_STATS_STATS_SITE_SUPPORTED.enc", "MTM4MzE5OTI3Ng==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_THROTTLE_BASEadd_stats|LOCAL_COOKIE_STATS_STATS_USE_POP.enc", "MTM4MDkwODcwOQ==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_THROTTLE_BASEadd_stats|LOCAL_COOKIE_STATS_STATS_USE_RELATED.enc", "MTM4MDkwODcxNA==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_THROTTLE_BASEadd_stats|LOCAL_COOKIE_STATS_STATS_USE_TYPED.enc", "MTM4MzE5ODg2Mw==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_THROTTLE_BASEloopback|hxxp://up.autocompleteplus.com/up?q=1964%2Bnickel&l=search.yahoo.com&t=2&v=0.5&d=conduit2.enc", "MTM4MTg1OTQ2Mg==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_THROTTLE_BASEloopback|hxxp://up.autocompleteplus.com/up?q=1979%2Bl50&l=search.yahoo.com&t=2&v=0.5&d=conduit2.enc", "MTM4MTg2NjkzNw==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_THROTTLE_BASEloopback|hxxp://up.autocompleteplus.com/up?q=1981%2Bcanada&l=search.yahoo.com&t=2&v=0.5&d=conduit2.enc", "MTM4MTg2Njk3Ng==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_THROTTLE_BASEloopback|hxxp://up.autocompleteplus.com/up?q=frank%20zappa&l=kickasstorrents.ee&t=0&v=0.5&d=conduit2.enc", "MTM4MzE5ODg2OA==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_THROTTLE_BASEloopback|hxxp://up.autocompleteplus.com/up?q=kickass%2Btorrents&l=kickasstorrents.ee&t=2&v=0.5&d=conduit2.enc", "MTM4MzE5ODcyNg==");
Line Found : user_pref("CT3291679.LOCAL_COOKIE_THROTTLE_BASEloopback|hxxp://up.autocompleteplus.com/up?q=sph-l710&l=www.samsung.com&t=1&v=0.4&d=conduit2.enc", "MTM4MDkwODcxMA==");
Line Found : user_pref("CT3291679.PG_ENABLE", "dHJ1ZQ==");
Line Found : user_pref("CT3291679.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Line Found : user_pref("CT3291679.SF_STATUS.enc", "RU5BQkxFRA==");
Line Found : user_pref("CT3291679.SF_USER_ID.enc", "Y2lkXzE3OTIwMTMxMjQ2NTMxMjgxMTk4");
Line Found : user_pref("CT3291679.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3291679&SearchSource=2&CUI=UN34476165251274322&UM=2&q=");
Line Found : user_pref("CT3291679.UserID", "UN34476165251274322");
Line Found : user_pref("CT3291679._key_cl_active", "%BF%E7%B9%B8%E8%E8%B9%E9%B3%EC%E8%E7%EB%B3%BA%EB%B9%BC%B3%BE%E7%B7%B9%B3%EA%B8%BD%B9%B8%E8%B9%B7%BA%B8%B6%BC");
Line Found : user_pref("CT3291679._key_cl_active.enc", "OWEzMmJiM2MtZmJhZS00ZTM2LThhMTMtZDI3MzJiMzE0MjA2");
Line Found : user_pref("CT3291679.acp_personal.appstate.enc", "ZW5hYmxl");
Line Found : user_pref("CT3291679.addressBarTakeOverEnabledInHidden", "true");
Line Found : user_pref("CT3291679.autoDisableScopes", -1);
Line Found : user_pref("CT3291679.browser.search.defaultthis.engineName", "true");
Line Found : user_pref("CT3291679.cb_experience_000.enc", "NDY=");
Line Found : user_pref("CT3291679.cb_firstuse0100.enc", "MQ==");
Line Found : user_pref("CT3291679.cb_user_id_000.enc", "Q0IzNDQ1ODc5NDc5MzhfMTM4MDkwODU5NjgxMF9GaXJlZm94");
Line Found : user_pref("CT3291679.cbfirsttime.enc", "V2VkIEF1ZyAyMSAyMDEzIDE1OjM3OjMzIEdNVC0wNTAwIChDZW50cmFsIFN0YW5kYXJkIFRpbWUp");
Line Found : user_pref("CT3291679.countryCode", "US");
Line Found : user_pref("CT3291679.defaultSearch", "true");
Line Found : user_pref("CT3291679.discover-experiments-photopop.enc", "eyJuYW1lIjoicGhvdG9wb3BfbmEiLCJ2ZXJzaW9uIjoxMH0=");
Line Found : user_pref("CT3291679.discover-periodic-reports", "ā%A8%F6%EF%F4%ED%E5%B6%A8%C0%E1%B7%B9%BE%B9%BF%B7%BC%BD%B8%B8%BD%B7%BF%B2%B7%BA%BA%B6%B6%B6%B6%B6%E3ă");
Line Found : user_pref("CT3291679.discover-periodic-reports.enc", "eyJwaW5nXzAiOlsxMzgzOTE2NzIyNzE5LDE0NDAwMDAwXX0=");
Line Found : user_pref("CT3291679.discover-user-id.enc", "IjAwNjBiNTlmLWNjZWUtNGVkMy04N2U2LWFmMDQxYzE5YzFmMyI=");
Line Found : user_pref("CT3291679.embeddedsData", "[{\"appId\":\"130077389423028499\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Found : user_pref("CT3291679.enableAlerts", "true");
Line Found : user_pref("CT3291679.enableSearchFromAddressBar", "true");
Line Found : user_pref("CT3291679.firstTimeDialogOpened", "true");
Line Found : user_pref("CT3291679.fixPageNotFoundError", "true");
Line Found : user_pref("CT3291679.fixPageNotFoundErrorByUser", "true");
Line Found : user_pref("CT3291679.fixPageNotFoundErrorInHidden", "true");
Line Found : user_pref("CT3291679.fixUrls", true);
Line Found : user_pref("CT3291679.fullUserID", "UN34476165251274322.IN.20130820021940");
Line Found : user_pref("CT3291679.ground-country-code.enc", "IlVTIg==");
Line Found : user_pref("CT3291679.hover_counter.enc", "Mg==");
Line Found : user_pref("CT3291679.impression_counter", "%BD");
Line Found : user_pref("CT3291679.impression_counter.enc", "Nw==");
Line Found : user_pref("CT3291679.impression_session_counter", "%BB");
Line Found : user_pref("CT3291679.impression_session_counter.enc", "NQ==");
Line Found : user_pref("CT3291679.impression_session_id", "%A8%B6%E7%E9%BF%E8%E7%BC%E8%B3%BF%B6%BE%EC%B3%BA%B8%B6%B7%B3%E7%EA%E7%BE%B3%BA%EC%B8%EB%B7%B9%BC%E8%EA%BD%B8%B9%A8");
Line Found : user_pref("CT3291679.impression_session_id.enc", "IjBhYzliYTZiLTkwOGYtNDIwMS1hZGE4LTRmMmUxMzZiZDcyMyI=");
Line Found : user_pref("CT3291679.impression_session_last_active", "%B7%B9%BE%B9%BF%B7%BC%BF%BE%B9%BE%BE%BD");
Line Found : user_pref("CT3291679.impression_session_last_active.enc", "MTM4MzkxNjk4Mzg4Nw==");
Line Found : user_pref("CT3291679.installDate", "20/08/2013 02:19:38");
Line Found : user_pref("CT3291679.installId", "conduitinstaller.exe");
Line Found : user_pref("CT3291679.installSessionId", "{FAF5E3B7-0C6A-462D-8C45-C5517E8A2545}");
Line Found : user_pref("CT3291679.installSp", "TRUE");
Line Found : user_pref("CT3291679.installType", "conduitnsisintegration");
Line Found : user_pref("CT3291679.installUsage", "2013-08-21T23:32:55.4582836+03:00");
Line Found : user_pref("CT3291679.installUsageEarly", "2013-08-21T23:32:42.1658908+03:00");
Line Found : user_pref("CT3291679.installerVersion", "1.5.4.5");
Line Found : user_pref("CT3291679.isCheckedStartAsHidden", true);
Line Found : user_pref("CT3291679.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3291679.isFirstTimeToolbarLoading", "false");
Line Found : user_pref("CT3291679.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3291679.keyword", "true");
Line Found : user_pref("CT3291679.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3291679&octid=CT3291679&SearchSource=15&CUI=UN34476165251274322&SSPV=&Lay=1&UM=2\"}");
Line Found : user_pref("CT3291679.lastVersion", "10.21.1.507");
Line Found : user_pref("CT3291679.mam_gk_appStateReportTime", "%B7%B9%BE%B9%BF%B7%BC%BC%BD%BC%BF%BF%B7");
Line Found : user_pref("CT3291679.mam_gk_appStateReportTime.enc", "MTM4MzkxNjY3Njk5MQ==");
Line Found : user_pref("CT3291679.mam_gk_appState_ACplus.enc", "b24=");
Line Found : user_pref("CT3291679.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Found : user_pref("CT3291679.mam_gk_appState_Discover.enc", "b24=");
Line Found : user_pref("CT3291679.mam_gk_appState_Easytobook.enc", "b24=");
Line Found : user_pref("CT3291679.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Line Found : user_pref("CT3291679.mam_gk_appState_Find-a-Pro.enc", "b24=");
Line Found : user_pref("CT3291679.mam_gk_appState_PiclickV2-WebSearch.enc", "b24=");
Line Found : user_pref("CT3291679.mam_gk_appState_PriceGong.enc", "b24=");
Line Found : user_pref("CT3291679.mam_gk_appState_WindowShopper.enc", "b24=");
Line Found : user_pref("CT3291679.mam_gk_appsConfig.enc", "eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJDbGFyaXR5X0FjdGl2ZSIsInVybCI6Imh0dHA6Ly9zdG9yYWdlLmNvbmR1aXQuY29tL21hbS8zcmRwYXJ0eWFwcHMvY2xhcml0eVJheS9jcl9hY3Rpdm[...]
Line Found : user_pref("CT3291679.mam_gk_appsDefaultEnabled", "%F4%FB%F2%F2");
Line Found : user_pref("CT3291679.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Found : user_pref("CT3291679.mam_gk_calledSetupService.enc", "MQ==");
Line Found : user_pref("CT3291679.mam_gk_currentBadgeValue", "%B7");
Line Found : user_pref("CT3291679.mam_gk_currentBadgeValue.enc", "MQ==");
Line Found : user_pref("CT3291679.mam_gk_currentVersion", "%B7%B4%B7%B7%B4%BA%B4%B8");
Line Found : user_pref("CT3291679.mam_gk_currentVersion.enc", "MS4xMS40LjI=");
Line Found : user_pref("CT3291679.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
Line Found : user_pref("CT3291679.mam_gk_first_time", "%B7");
Line Found : user_pref("CT3291679.mam_gk_first_time.enc", "MQ==");
Line Found : user_pref("CT3291679.mam_gk_globalKeysMigratedToLocalStorage", "%B7");
Line Found : user_pref("CT3291679.mam_gk_globalKeysMigratedToLocalStorage.enc", "MQ==");
Line Found : user_pref("CT3291679.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Found : user_pref("CT3291679.mam_gk_lastLoginTime", "%B7%B9%BE%B9%BF%B7%BC%BC%BD%BE%BB%BE%BA");
Line Found : user_pref("CT3291679.mam_gk_lastLoginTime.enc", "MTM4MzkxNjY3ODU4NA==");
Line Found : user_pref("CT3291679.mam_gk_localization", "ā%A8%ED%E7%EA%ED%EB%FA%C9%F5%F4%FA%EB%F4%FA%D6%F5%F2%EF%E9%FF%A8%C0ā%A8%DA%EB%FE%FA%A8%C0%A8%C9%F5%F4%FA%EB%F4%FA%A6%D6%F5%F2%EF%E9%FF%A8ă%B2[...]
Line Found : user_pref("CT3291679.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Found : user_pref("CT3291679.mam_gk_mamEnabled.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3291679.mam_gk_newApps", "%E1ā%A8%EF%EA%A8%C0%A8%C9%F2%E7%F8%EF%FA%FF%E5%C7%E9%FA%EF%FC%EB%A8%B2%A8%F4%E7%F3%EB%A8%C0%A8%C9%F2%E7%F8%EF%FA%FF%A8%B2%A8%EA%EB%F9%E9%F8%EF%F6%FA%EF%F5%F[...]
Line Found : user_pref("CT3291679.mam_gk_newApps.enc", "W3siaWQiOiJDbGFyaXR5X0FjdGl2ZSIsIm5hbWUiOiJDbGFyaXR5IiwiZGVzY3JpcHRpb24iOm51bGwsImFkZGVkQXQiOiIxMzgzOTE2Njc1ODk5In1d");
Line Found : user_pref("CT3291679.mam_gk_new_welcome_experience.enc", "MQ==");
Line Found : user_pref("CT3291679.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3291679.mam_gk_settings1.10.4.0.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzEwMzEiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjM1XzAiLCJpc1Rlc3QiOnRydWUsIlVzZXJDb3VudHJ5[...]
Line Found : user_pref("CT3291679.mam_gk_settings1.11.4.2", "ā%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0ā%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%FA%EB%A8%C0%A8%B8%B6%B7%B[...]
Line Found : user_pref("CT3291679.mam_gk_settings1.11.4.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzExMDgiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjEwNDNfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50[...]
Line Found : user_pref("CT3291679.mam_gk_showWelcomeGadget", "%EC%E7%F2%F9%EB");
Line Found : user_pref("CT3291679.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Found : user_pref("CT3291679.mam_gk_stamp", "%B7%B6%BA%B9%E5%B6");
Line Found : user_pref("CT3291679.mam_gk_stamp.enc", "MTA0M18w");
Line Found : user_pref("CT3291679.mam_gk_userId", "%B7%B8%B9%BF%BC%E8%E9%BE%B3%B7%BA%BA%BA%B3%BA%BE%BC%B7%B3%E8%BD%B8%BB%B3%BD%E8%BA%B9%BF%B7%BC%E7%BF%E8%E7%BA");
Line Found : user_pref("CT3291679.mam_gk_userId.enc", "MTIzOTZiYzgtMTQ0NC00ODYxLWI3MjUtN2I0MzkxNmE5YmE0");
Line Found : user_pref("CT3291679.mam_gk_user_approval_interacted", "%B7");
Line Found : user_pref("CT3291679.mam_gk_user_approval_interacted.enc", "MQ==");
Line Found : user_pref("CT3291679.mam_gk_welcomeDialogMode", "%B7");
Line Found : user_pref("CT3291679.mam_gk_welcomeDialogMode.enc", "MQ==");
Line Found : user_pref("CT3291679.migrateAppsAndComponents", true);
Line Found : user_pref("CT3291679.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.yahoo.com%2F\",\"EB_MAIN_FRAME_TITLE\":\"Yahoo\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://Sear[...]
Line Found : user_pref("CT3291679.openThankYouPage", "false");
Line Found : user_pref("CT3291679.openUninstallPage", "true");
Line Found : user_pref("CT3291679.originalHomepage", "hxxp://isearch.babylon.com/?babsrc=HP_ssbtis1&mntrId=544820107A267CE2&affID=119351&tsp=4970");
Line Found : user_pref("CT3291679.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3287808&SearchSource=2&CUI=UN39034790731605933&UM=2&q=");
Line Found : user_pref("CT3291679.originalSearchEngine", "");
Line Found : user_pref("CT3291679.originalSearchEngineName", "");
Line Found : user_pref("CT3291679.price-gong.isManagedApp", "true");
Line Found : user_pref("CT3291679.response_cache.enc", "eyJjaGFubmVsIjp7ImxpbmsiOiJodHRwOi8vd3d3LnlhaG9vLmNvbS8iLCJkZXNjcmlwdGlvbiI6IlRydWZmbGVzIEJ5IENvbmR1aXQiLCJzb3VyY2UiOnsidXJsIjoiaHR0cDovL3d3dy55YWhvby5jb20vI[...]
Line Found : user_pref("CT3291679.revertSettingsEnabled", "false");
Line Found : user_pref("CT3291679.search.searchAppId", "130077389423028499");
Line Found : user_pref("CT3291679.search.searchCount", "1");
Line Found : user_pref("CT3291679.searchFromAddressBarEnabledByUser", "true");
Line Found : user_pref("CT3291679.searchInNewTabEnabledByUser", "true");
Line Found : user_pref("CT3291679.searchInNewTabEnabledInHidden", "true");
Line Found : user_pref("CT3291679.searchRevert", "false");
Line Found : user_pref("CT3291679.searchSuggestEnabledByUser", "true");
Line Found : user_pref("CT3291679.searchUserMode", "2");
Line Found : user_pref("CT3291679.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3291679.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3291679.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Found : user_pref("CT3291679.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3291679\"}");
Line Found : user_pref("CT3291679.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://SearchSpinV7.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT3291679.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Search Spin V7 \"}");
Line Found : user_pref("CT3291679.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3291679.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Found : user_pref("CT3291679.serviceLayer_services_Configuration_lastUpdate", "1383916645985");
Line Found : user_pref("CT3291679.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1383916644765");
Line Found : user_pref("CT3291679.serviceLayer_services_appsMetadata_lastUpdate", "1383916644711");
Line Found : user_pref("CT3291679.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1382825842049");
Line Found : user_pref("CT3291679.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1377117165409");
Line Found : user_pref("CT3291679.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1377117178462");
Line Found : user_pref("CT3291679.serviceLayer_services_login_10.16.9.506_lastUpdate", "1377358293400");
Line Found : user_pref("CT3291679.serviceLayer_services_login_10.16.9.6_lastUpdate", "1377117178293");
Line Found : user_pref("CT3291679.serviceLayer_services_login_10.19.2.505_lastUpdate", "1378871344545");
Line Found : user_pref("CT3291679.serviceLayer_services_login_10.20.0.513_lastUpdate", "1379439962489");
Line Found : user_pref("CT3291679.serviceLayer_services_login_10.20.1.508_lastUpdate", "1382825842129");
Line Found : user_pref("CT3291679.serviceLayer_services_login_10.21.1.507_lastUpdate", "1383916644427");
Line Found : user_pref("CT3291679.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1382825842097");
Line Found : user_pref("CT3291679.serviceLayer_services_searchAPI_lastUpdate", "1383916645799");
Line Found : user_pref("CT3291679.serviceLayer_services_serviceMap_lastUpdate", "1383916644715");
Line Found : user_pref("CT3291679.serviceLayer_services_toolbarContextMenu_lastUpdate", "1383916644724");
Line Found : user_pref("CT3291679.serviceLayer_services_toolbarSettings_lastUpdate", "1383916645503");
Line Found : user_pref("CT3291679.serviceLayer_services_translation_lastUpdate", "1383916645831");
Line Found : user_pref("CT3291679.settingsINI", true);
Line Found : user_pref("CT3291679.shouldFirstTimeDialog", "false");
Line Found : user_pref("CT3291679.showToolbarPermission", "false");
Line Found : user_pref("CT3291679.smartbar.CTID", "CT3291679");
Line Found : user_pref("CT3291679.smartbar.Uninstall", "0");
Line Found : user_pref("CT3291679.smartbar.homepage", "true");
Line Found : user_pref("CT3291679.smartbar.toolbarName", "Search Spin V7 ");
Line Found : user_pref("CT3291679.startPage", "true");
Line Found : user_pref("CT3291679.toolbarBornServerTime", "21-8-2013");
Line Found : user_pref("CT3291679.toolbarCurrentServerTime", "8-11-2013");
Line Found : user_pref("CT3291679.toolbarLoginClientTime", "Wed Aug 21 2013 15:32:58 GMT-0500 (Central Standard Time)");
Line Found : user_pref("CT3291679.url_history0001.enc", "aHR0cDovL2xvZ2luLnlhaG9vLmNvbS9jb25maWcvbG9naW47X3lsdD1Bb05ON0hoNlJ6YURuaTJORjk2RlMxbS51bEk2P2xvZ291dD0xJi5kaXJlY3Q9MiYuZG9uZT1odHRwOi8vd3d3LnlhaG9vLmNvbSYu[...]
Line Found : user_pref("CT3291679.versionFromInstaller", "10.16.9.6");
Line Found : user_pref("CT3291679.xpeMode", "3");
Line Found : user_pref("CT3291679_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1383916631417,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("CT3293216.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3293216.FirstTime", "true");
Line Found : user_pref("CT3293216.FirstTimeFF3", "true");
Line Found : user_pref("CT3293216.UserID", "UN54841732037751600");
Line Found : user_pref("CT3293216.countryCode", "US");
Line Found : user_pref("CT3293216.enlargeSearchBox", "{\"enabled\":true,\"maxWidth\":1000,\"minWidth\":250,\"width\":500}");
Line Found : user_pref("CT3293216.fixPageNotFoundErrorByUser", "TRUE");
Line Found : user_pref("CT3293216.fixUrls", true);
Line Found : user_pref("CT3293216.fullUserID", "UN54841732037751600.IN.20130703233956");
Line Found : user_pref("CT3293216.homepageuserchanged", true);
Line Found : user_pref("CT3293216.isCheckedStartAsHidden", true);
Line Found : user_pref("CT3293216.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3293216.isFirstTimeToolbarLoading", "false");
Line Found : user_pref("CT3293216.lastVersion", "10.21.1.507");
Line Found : user_pref("CT3293216.mam_gk_installer_preapproved.enc", "VFJVRQ==");
Line Found : user_pref("CT3293216.migrateAppsAndComponents", true);
Line Found : user_pref("CT3293216.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.yahoo.com%2F\",\"EB_MAIN_FRAME_TITLE\":\"Yahoo\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://Vgra[...]
Line Found : user_pref("CT3293216.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3293216.searchInNewTabEnabledByUser", "true");
Line Found : user_pref("CT3293216.searchSuggestEnabledByUser", "TRUE");
Line Found : user_pref("CT3293216.searchUserMode", "2");
Line Found : user_pref("CT3293216.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3293216.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3293216.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Found : user_pref("CT3293216.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3293216\"}");
Line Found : user_pref("CT3293216.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://Vgrabberv15.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT3293216.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Vgrabber v1.5 \"}");
Line Found : user_pref("CT3293216.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3293216.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Found : user_pref("CT3293216.serviceLayer_services_Configuration_lastUpdate", "1383916645790");
Line Found : user_pref("CT3293216.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1376096795171");
Line Found : user_pref("CT3293216.serviceLayer_services_appsMetadata_lastUpdate", "1376096795225");
Line Found : user_pref("CT3293216.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1376096795295");
Line Found : user_pref("CT3293216.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1376096795402");
Line Found : user_pref("CT3293216.serviceLayer_services_searchAPI_lastUpdate", "1383916645685");
Line Found : user_pref("CT3293216.serviceLayer_services_serviceMap_lastUpdate", "1383916644528");
Line Found : user_pref("CT3293216.serviceLayer_services_setupAPI_lastUpdate", "1376096794906");
Line Found : user_pref("CT3293216.serviceLayer_services_toolbarContextMenu_lastUpdate", "1376096795234");
Line Found : user_pref("CT3293216.serviceLayer_services_toolbarSettings_lastUpdate", "1383916644534");
Line Found : user_pref("CT3293216.serviceLayer_services_translation_lastUpdate", "1383916645563");
Line Found : user_pref("CT3293216.settingsINI", true);
Line Found : user_pref("CT3293216.showToolbarPermission", "false");
Line Found : user_pref("CT3293216.smartbar.CTID", "CT3293216");
Line Found : user_pref("CT3293216.smartbar.Uninstall", "0");
Line Found : user_pref("CT3293216.smartbar.isHidden", true);
Line Found : user_pref("CT3293216.smartbar.toolbarName", "Vgrabber v1.5 ");
Line Found : user_pref("CT3293216.toolbarBornServerTime", "4-8-2013");
Line Found : user_pref("CT3293216.toolbarCurrentServerTime", "4-8-2013");
Line Found : user_pref("CT3293216.toolbarLoginClientTime", "Fri Aug 09 2013 20:04:34 GMT-0500 (Central Standard Time)");
Line Found : user_pref("CT3293216_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1383916629737,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3291679&octid=CT3291679&SearchSource=61&CUI=UN34476165251274322&UM=2&UP=SP56FB8A62-0BEC-4E54-9207-DF95F24F2813");
Line Found : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Found : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN26206012242268127&UM=2&q=");
Line Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3291679");
Line Found : user_pref("browser.search.defaultthis.engineName", "InternetHelper3.1 Customized Web Search");
Line Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289663&CUI=UN19421934961494917&UM=2&SearchSource=3&q={searchTerms}");
Line Found : user_pref("extensions.defaulttab.config", "{\"status\": \"ok\", \"config\": {\"dns_error_handling\": \"Scenario_1,Scenario_2,Scenario_8:0:0:Search Results:Search Results\", \"set_default_search\": \"S[...]
Line Found : user_pref("extensions.delta.admin", false);
Line Found : user_pref("extensions.delta.aflt", "babsst");
Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Found : user_pref("extensions.delta.autoRvrt", "false");
Line Found : user_pref("extensions.delta.bbDpng", "16");
Line Found : user_pref("extensions.delta.cntry", "US");
Line Found : user_pref("extensions.delta.dfltLng", "en");
Line Found : user_pref("extensions.delta.excTlbr", false);
Line Found : user_pref("extensions.delta.ffxUnstlRst", true);
Line Found : user_pref("extensions.delta.hdrMd5", "BA44166CCE4FF440F781B37FCE3503AA");
Line Found : user_pref("extensions.delta.id", "5448819b00000000000020107a267ce2");
Line Found : user_pref("extensions.delta.instlDay", "15927");
Line Found : user_pref("extensions.delta.instlRef", "sst");
Line Found : user_pref("extensions.delta.lastVrsnTs", "1.8.22.09:21:58");
Line Found : user_pref("extensions.delta.newTab", false);
Line Found : user_pref("extensions.delta.prdct", "delta");
Line Found : user_pref("extensions.delta.prtnrId", "delta");
Line Found : user_pref("extensions.delta.rvrt", "false");
Line Found : user_pref("extensions.delta.sg", "azb");
Line Found : user_pref("extensions.delta.smplGrp", "none");
Line Found : user_pref("extensions.delta.tlbrId", "base");
Line Found : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Found : user_pref("extensions.delta.vrsn", "1.8.22.0");
Line Found : user_pref("extensions.delta.vrsnTs", "1.8.22.09:21:58");
Line Found : user_pref("extensions.delta.vrsni", "1.8.22.0");
Line Found : user_pref("extensions.delta_i.babExt", "");
Line Found : user_pref("extensions.delta_i.babTrack", "affID=119351&tsp=4970");
Line Found : user_pref("extensions.delta_i.srcExt", "ss");
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.BUTTON_STRUCTURE", "[{\"b\":212182773,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":212182774,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=A4B35075-3C89-4980-BB51-BF4BE7074D48&n=77fd7dcb&p2=^AW6^xdm046^YYA^us&si=445074");
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.initialized", true);
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.installation.contextKey", "");
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.installation.installDate", "2013101515");
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.installation.partnerId", "^AW6^xdm046^YYA^us");
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.installation.partnerSubId", "445074");
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.installation.success", true);
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.installation.toolbarId", "A4B35075-3C89-4980-BB51-BF4BE7074D48");
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.lastActivePing", "1381867703987");
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.lastKnownVersion", "5.40.2.29251");
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.options.defaultSearch", false);
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.options.homePageEnabled", false);
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.options.keywordEnabled", false);
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.options.tabEnabled", false);
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.toolbarCollapsed", false);
Line Found : user_pref("extensions.toolbar.mindspark._8eMembers_.weather.location", "68101");
Line Found : user_pref("extensions.toolbar.mindspark.lastInstalled", "howtosimplified@mindspark.com");
Line Found : user_pref("extensions.wajam.affiliate_id", "6447");
Line Found : user_pref("extensions.wajam.firstrun", "false");
Line Found : user_pref("extensions.wajam.log_send_info", "false");
Line Found : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\\/ig|\\\\\\/firefox)\",\"[...]
Line Found : user_pref("extensions.wajam.no_trace", "false");
Line Found : user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
Line Found : user_pref("extensions.wajam.supported_sites.bing.wajam_yahoo_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';win[...]
Line Found : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...]
Line Found : user_pref("extensions.wajam.supported_sites.myshopping.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';win[...]
Line Found : user_pref("extensions.wajam.supported_sites.yahoo.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['[...]
Line Found : user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...]
Line Found : user_pref("extensions.wajam.trace_log", "1376096670036 - processInstallationUpgrade - version set to : 1.26\n1376096670037 - processBrowserLoad - Bad mappingListJsonString: null\n1376096671553 - onFla[...]
Line Found : user_pref("extensions.wajam.unique_id", "858D7E2DFE1ACDD8A90E800D1537B068");
Line Found : user_pref("extensions.wajam.user_current_mapping_version", "0");
Line Found : user_pref("extensions.wajam.version", "1.26");
Line Found : user_pref("extensions.wajam.website_version", "1.00274.12712");
Line Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=&ctid=CT3291679&SearchSource=2&CUI=UN34476165251274322&UM=2&q=");
Line Found : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT3291679");
Line Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN26206012242268127&UM=2&SearchSource=13&UP=SP12E6913C-B187-4F44-A36F-8FEFAB4340EC,hxxp://search.conduit.com/?c[...]
Line Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN26206012242268127&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3289663");
Line Found : user_pref("smartbar.homePageOwnerCTID", "CT3289663");
Line Found : user_pref("smartbar.machineId", "Y+ZAECU5TDMWA5HSGRUAGMLRI8WKW5FNN+CCWSDWJSSW5IUK3BXMZAVFM3UFYLKVD8371GIFHHMWF2ZV4GOBAW");
Line Found : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3291679&CUI=UN34476165251274322&UM=2&SearchSource=13");
 
-\\ Google Chrome v29.0.1547.66
 
[ File : C:\Users\tracy smith\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [108616 octets] - [13/11/2013 16:27:55]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [108678 octets] ##########

 



#7 roxyjo

roxyjo
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 15 November 2013 - 03:59 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by tracy smith on Wed 11/13/2013 at 17:01:04.70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\dynconie.dynconieobject
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\dynconie.dynconieobject.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{781CA792-9B6E-400B-B36F-15C097D2CA54}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1943075849-1627994162-2935686341-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1943075849-1627994162-2935686341-1001\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealplylive
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\firstsearch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\solid savings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updatewhilokii_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updatewhilokii_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181102}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181102}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{35F6B1B0-42F4-4007-8C46-94F063CD4B61}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4C71E8DC-19A0-4F01-A098-2C7D7C0E0DE9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6BE4711D-7788-44EC-ACCC-29902FBA1A3E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B5214479-BB31-4207-83F1-92F87DBC3C3B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B5214479-BB31-4207-83F1-92F87DBC3C3B}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\big fish"
Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"
Successfully deleted: [Folder] "C:\Users\tracy smith\AppData\Roaming\big fish games"
Successfully deleted: [Folder] "C:\Users\tracy smith\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\tracy smith\appdata\local\big fish"
Successfully deleted: [Folder] "C:\Users\tracy smith\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\tracy smith\appdata\local\stronghold_llc"
Successfully deleted: [Folder] "C:\Users\tracy smith\appdata\local\strongvault online backup"
Successfully deleted: [Folder] "C:\Users\tracy smith\appdata\local\visualbeeclient"
Successfully deleted: [Folder] "C:\Users\tracy smith\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files (x86)\qualitink"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue"
Successfully deleted: [Folder] "C:\bigfishcache"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Folder] "C:\Windows\buzzsocialpointschecker"
Successfully deleted: [Empty Folder] C:\Users\tracy smith\appdata\local\{336E8B55-3AC2-4B00-AD17-75047D3E0580}
Successfully deleted: [Empty Folder] C:\Users\tracy smith\appdata\local\{A106A0A5-9BDC-4435-98F7-81826BB6C0BC}
Successfully deleted: [Empty Folder] C:\Users\tracy smith\appdata\local\{BC2C03B6-52EF-4021-951F-7E26FE740F50}
Successfully deleted: [Empty Folder] C:\Users\tracy smith\appdata\local\{CC46FBA5-B2AE-4B3D-B58B-25628B2C4D2D}
Successfully deleted: [Empty Folder] C:\Users\tracy smith\appdata\local\{FACE3663-6A4E-458E-AA1B-793678244972}
 
 
 
~~~ FireFox
 
Successfully deleted: [Folder] C:\Users\tracy smith\AppData\Roaming\mozilla\firefox\profiles\glgg7ugy.default\extensions\staged
Successfully deleted the following from C:\Users\tracy smith\AppData\Roaming\mozilla\firefox\profiles\glgg7ugy.default\prefs.js
 
user_pref("extensions.defaulttab.active.affiliate", 2201);
user_pref("extensions.defaulttab.active.overridechromesearch", false);
user_pref("extensions.defaulttab.active.overridekeywordsearch", false);
user_pref("extensions.defaulttab.browserID", "C308A54C606A12D48CF689B7FB43986C");
user_pref("extensions.defaulttab.firstrun", false);
user_pref("extensions.defaulttab.installedVersion", "2.0");
Emptied folder: C:\Users\tracy smith\AppData\Roaming\mozilla\firefox\profiles\glgg7ugy.default\minidumps [5 files]
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/13/2013 at 17:10:22.82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

C:\AdwCleaner\Quarantine\C\Program Files\DomaIQ Uninstaller\DomaIQUninstall.exe.vir probably a variant of MSIL/DomaIQ.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.vir a variant of MSIL/AdvancedSystemProtector.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AspManager.exe.vir a variant of MSIL/AdvancedSystemProtector.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\filetypehelper.exe.vir a variant of MSIL/AdvancedSystemProtector.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\scandll.dll.vir a variant of MSIL/AdvancedSystemProtector.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Betcat\WBDesktop.Updater.exe.vir MSIL/WebCake.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.crx.vir Win32/DealPly.J application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.xpi.vir Win32/DealPly.J application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyIE.dll.vir a variant of Win32/DealPly.G application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateVer.exe.vir a variant of Win32/DealPly.F application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\tracy smith\AppData\Local\torch\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0\back.js.vir JS/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\tracy smith\AppData\Local\torch\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam\1.110_0\contentscript.js.vir Win32/Adware.AddLyrics.F application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\tracy smith\AppData\Roaming\Betcat\dat\Desktop.OS.dll.vir a variant of MSIL/WebCake.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\tracy smith\AppData\Roaming\Betcat\dat\Dora.dat.vir a variant of MSIL/WebCake.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\tracy smith\AppData\Roaming\Betcat\dat\Maintain.dat.vir a variant of MSIL/WebCake.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\tracy smith\AppData\Roaming\Betcat\dat\Paladin.dat.vir a variant of MSIL/WebCake.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\tracy smith\AppData\Roaming\Betcat\dat\Phoenix.dat.vir a variant of MSIL/WebCake.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\tracy smith\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll.vir a variant of Win32/Toolbar.DefaultTab.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\Extensions\{906000A4-88D9-4D52-B209-7A772970D91F}\chrome\content\dealplyshopping.xul.vir Win32/DealPly.J application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\tracy smith\AppData\Roaming\OpenCandy\78DE97901439423D83D81EFAF15D652E\AVG_Toolbar_CB_ALL_p3v4.exe.vir a variant of Win32/OpenCandy.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\tracy smith\AppData\Roaming\OpenCandy\78DE97901439423D83D81EFAF15D652E\OCBrowserHelper_1.0.6.128.exe.vir a variant of Win32/OpenCandy.A application cleaned by deleting - quarantined
C:\Program Files\Uninstaller\Uninstall.exe MSIL/DomaIQ.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\8ebar.dll a variant of Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\8edatact.dll a variant of Win32/Toolbar.MyWebSearch.A application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\8ehtmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\8eimpipe.exe Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\8ePlugin.dll probably a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\8ereghk.dll Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\8eskin.dll a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\8eskplay.exe Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\8eSrchMn.exe Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\AppIntegrator64.exe Win64/Toolbar.MyWebSearch.A application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\AppIntegratorStub64.dll Win64/Toolbar.MyWebSearch.A application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\CREXT.DLL a variant of Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\Hpg64.dll Win64/Toolbar.MyWebSearch.A application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\NP8eStub.dll Win32/Toolbar.MyWebSearch.T application cleaned by deleting - quarantined
C:\Program Files (x86)\HowToSimplified_8e\bar\1.bin\T8HTML.DLL probably a variant of Win32/Toolbar.MyWebSearch.F application cleaned by deleting - quarantined
C:\Program Files (x86)\Kozaka\KozakaBHO.dll a variant of Win32/BrowseFox.F application cleaned by deleting - quarantined
C:\Program Files (x86)\Kozaka\KozakaUninstall.exe Win32/BrowseFox.C application cleaned by deleting - quarantined
C:\Program Files (x86)\Kozaka\mciekghplkkgcmofonmkmlomhkamochd.crx Win32/BrowseFox.B application deleted - quarantined
C:\Program Files (x86)\Kozaka\updateKozaka.exe a variant of Win32/BrowseFox.G application cleaned by deleting (after the next restart) - quarantined
C:\Program Files (x86)\Kozaka\bin\utilKozaka.exe a variant of Win32/BrowseFox.G application cleaned by deleting (after the next restart) - quarantined
C:\Program Files (x86)\SmartPCFix\SmartPCFix.exe a variant of Win32/Adware.SmartPCFix.A application cleaned by deleting - quarantined
C:\Program Files (x86)\VideoConverter\VideoConverter.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined
C:\ProgramData\TubeDimmer\IE\common.dll a variant of Win32/ExFriendAlert.B application cleaned by deleting - quarantined
C:\ProgramData\Updater\Uninstall.exe a variant of Win32/ExFriendAlert.B application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciekghplkkgcmofonmkmlomhkamochd\1.0.0_1\background.js Win32/BrowseFox.B application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciekghplkkgcmofonmkmlomhkamochd\1.0.0_1\content.js Win32/BrowseFox.B application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 Win32/AdWare.1ClickDownload.AP application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3O1NOIY5\callagent[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\tracy smith\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3O1NOIY5\index[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\tracy smith\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3O1NOIY5\Setup[1].exe multiple threats cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3O1NOIY5\Setup_20131030[1].exe a variant of Win32/ExFriendAlert.B application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JLYK67R3\Setup[1].exe multiple threats cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YT0IV1CR\IMinentToolbar[1].exe multiple threats cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Temp\tmp7174.exe a variant of Win32/Amonetize.B application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Temp\tmp8AD0.exe a variant of Win32/Amonetize.H application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Temp\toolbar133893411.exe Win32/BrowseFox.C application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Temp\toolbar133894971.exe a variant of Win32/Amonetize.W application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Temp\uninstall1345477.exe a variant of Win32/ExpressDownloader.H application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Temp\is1615585457\134869903_stp\rcpsetup_adppi4_adppi4.exe Win32/MyPCBackup.A application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Temp\is1615585457\134870039_stp\DefaultTabSetup.exe a variant of Win32/Toolbar.DefaultTab.B application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Local\Temp\is1615585457\134870120_stp\uninstaller.exe Win32/InstallCore.AZ application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Roaming\0D0S1L2Z1P1B\Zip Extractor Packages\uninstaller.exe Win32/InstallCore.AZ application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Roaming\0S1F1O2Z0S2Y1H1T\Evasi0n Packages\uninstaller.exe Win32/InstallCore.AZ application cleaned by deleting - quarantined
C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\extensions\firefox@kozaka.net.xpi Win32/BrowseFox.B application deleted - quarantined
C:\Users\tracy smith\Documents\Avira\AntiVir Desktop\apnic.dll a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Users\tracy smith\Documents\Avira\AntiVir Desktop\apntoolbarinstaller.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\ArcadeFrontierGames (2).exe Win32/OpenCandy application deleted - quarantined
C:\Users\tracy smith\Downloads\ArcadeFrontierGames.exe Win32/OpenCandy application deleted - quarantined
C:\Users\tracy smith\Downloads\avc-free.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Chrome.exe a variant of Win32/AirAdInstaller.A application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Chrome_Setup (1).exe a variant of Win32/AdWare.iBryte.I.gen application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Chrome_Setup (2).exe a variant of Win32/AdWare.iBryte.I.gen application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Chrome_Setup (3).exe a variant of Win32/AdWare.iBryte.I.gen application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Chrome_Setup (4).exe a variant of Win32/AdWare.iBryte.I.gen application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Chrome_Setup (5).exe a variant of Win32/AdWare.iBryte.I.gen application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Chrome_Setup (6).exe a variant of Win32/AdWare.iBryte.I.gen application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Chrome_Setup (7).exe a variant of Win32/AdWare.iBryte.I.gen application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Chrome_Setup.exe a variant of Win32/AdWare.iBryte.I.gen application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Chrome_Update (1).exe a variant of Win32/AirAdInstaller.A application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Chrome_Update.exe a variant of Win32/AirAdInstaller.A application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\CodecPackage.exe Win32/InstallCore.BN application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\dmtempdownloadCE6AA4E552C31C478F21AE4633030E1E.tmp Win32/TrojanClicker.Autoit.NBR trojan cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Evasi0n_Setup (3).exe a variant of Win32/InstallCore.ES application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\FFSetup296.exe multiple threats cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\monkeymoneyslots-setup.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\overcast_7_downloader_us_99370.exe a variant of Win32/ExpressDownloader.H application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\snowbreeze setup.exe a variant of Win32/Soft32Downloader.D application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Snowbreeze4.3.exe Win32/TrojanClicker.Autoit.NBR trojan cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\uplayermediaplayer-setup.exe Win32/DownloadAdmin.G application cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Windows_8_pro_32_and_64_bit_Serial_[With_Wmc_.exe multiple threats cleaned by deleting - quarantined
C:\Users\tracy smith\Downloads\Wiz_Khalifa_-_Prince_of_the_City_2.exe Win32/AdWare.1ClickDownload.AP application cleaned by deleting - quarantined


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,924 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:28 AM

Posted 15 November 2013 - 04:37 PM

Thanks.....

Double click on AdwCleaner.exe to run the tool again.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
  • Please download Farbar Service Scanner and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center/Action Center
      • Windows Update
      • Windows Defender
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.

Edited by boopme, 15 November 2013 - 04:39 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 roxyjo

roxyjo
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 15 November 2013 - 11:21 PM

# AdwCleaner v3.012 - Report created 15/11/2013 at 20:54:46
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : tracy smith - RJCOMPUTER
# Running from : C:\Users\tracy smith\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : CltMngSvc
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\weDownload Manager Pro
Folder Deleted : C:\Users\tracy smith\AppData\Local\Searchprotect
Folder Deleted : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\Extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com
Folder Deleted : C:\Users\tracy smith\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb
File Deleted : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\user.js
File Deleted : C:\Windows\Tasks\weDownload Manager Pro-chromeinstaller.job
File Deleted : C:\Windows\Tasks\weDownload Manager Pro-codedownloader.job
File Deleted : C:\Windows\Tasks\weDownload Manager Pro-enabler.job
File Deleted : C:\Windows\Tasks\weDownload Manager Pro-firefoxinstaller.job
File Deleted : C:\Windows\Tasks\weDownload Manager Pro-updater.job
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0043628.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0043628.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0043628.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0043628.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411361128}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422362228}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455365528}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466366628}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444364428}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411361128}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411361128}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041d2f18-03bb-49df-b14c-ea5b4e94c15c}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35430b06-871a-4590-bc61-16fb1dd8d60f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6d47c279-ec08-460b-9229-07b348b6fea8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8b95d0c0-8e8b-4b71-ba31-417b00453fbe}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f12f2d9-de65-4a21-8db7-6008f51ac540}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411361128}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422362228}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455365528}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466366628}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411361128}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041d2f18-03bb-49df-b14c-ea5b4e94c15c}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35430b06-871a-4590-bc61-16fb1dd8d60f}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6d47c279-ec08-460b-9229-07b348b6fea8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8b95d0c0-8e8b-4b71-ba31-417b00453fbe}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f12f2d9-de65-4a21-8db7-6008f51ac540}
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\weDownload Manager Pro
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\weDownload Manager Pro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\weDownload Manager Pro
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16736
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v18.0 (en-US)
 
[ File : C:\Users\tracy smith\AppData\Roaming\Mozilla\Firefox\Profiles\glgg7ugy.default\prefs.js ]
 
Line Deleted : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3317458&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=sspvC_sp_ff&Lay=1&UM=2&UP=SP3B74AADE-6EA6-47F9-B25E-F8E689F2C559");
Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3317458&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP3B74AADE-6EA6-47F9-B25E-F8E689F2C559&SSPV=sspvC_sp_ff");
 
-\\ Google Chrome v29.0.1547.66
 
[ File : C:\Users\tracy smith\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [109164 octets] - [13/11/2013 16:27:55]
AdwCleaner[R1].txt - [8924 octets] - [15/11/2013 20:52:17]
AdwCleaner[S0].txt - [108454 octets] - [13/11/2013 16:35:58]
AdwCleaner[S1].txt - [6011 octets] - [15/11/2013 20:54:46]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6071 octets] ##########


#10 roxyjo

roxyjo
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 15 November 2013 - 11:25 PM

Farbar Service Scanner Version: 10-11-2013
Ran by tracy smith (administrator) on 15-11-2013 at 21:23:52
Running from "C:\Users\tracy smith\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2013-11-13 22:00] - [2013-09-27 19:09] - 0497152 ____A (Microsoft Corporation) 79059559E89D06E8B80CE2944BE20228
 
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-10-10 12:10] - [2013-09-07 20:30] - 1903552 ____A (Microsoft Corporation) 40AF23633D197905F03AB5628C558C51
 
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****


#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,924 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:28 AM

Posted 18 November 2013 - 10:27 AM

It's looking pretty good here, how is running?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 roxyjo

roxyjo
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 18 November 2013 - 01:50 PM

it's running pretty good but when i start it i have to hit esc twice right away and it says hard disk error and then it goes to another screen i hit f9 then enter enter and then windows starts if i don't hit the esc esc right away it won't go to the f9 screen and i have to restart it do you know why that is



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,924 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:28 AM

Posted 18 November 2013 - 07:31 PM

OK,we'll do this to check the system files and such.
 
Download Windows Repair (All in One) from [url=" site
Install the program then run it.
NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.

Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:
p22002979.gif
 
Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:
p22002980.gif

Go to Step 4 and under "System Restore" click on Create button:
p22002982.gif

Go to Start Repairs tab and click Start button.
Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.
Click on Start button.
p22003030.gif
Post Windows Repair log (_windows_repair_log.txt) which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 roxyjo

roxyjo
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:28 AM

Posted 19 November 2013 - 01:36 AM

Starting Repairs...
   Start (11/18/2013 9:58:14 PM)
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (11/18/2013 9:58:14 PM)
   Running Repair Under Current User Account
   Done (11/18/2013 9:58:21 PM)
 
01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (11/18/2013 9:58:21 PM)
   Running Repair Under System Account
   Done (11/18/2013 10:01:42 PM)
 
01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (11/18/2013 10:01:42 PM)
   Running Repair Under System Account
   Done (11/18/2013 10:02:54 PM)
 
03 - Register System Files
   Start (11/18/2013 10:02:55 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:03:23 PM)
 
04 - Repair WMI
   Start (11/18/2013 10:03:23 PM)
   Running Repair Under Current User Account
   Done (11/18/2013 10:07:21 PM)
 
05 - Repair Windows Firewall
   Start (11/18/2013 10:07:21 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:07:59 PM)
 
06 - Repair Internet Explorer
   Start (11/18/2013 10:07:59 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:08:26 PM)
 
07 - Repair MDAC/MS Jet
   Start (11/18/2013 10:08:26 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:08:39 PM)
 
08 - Repair Hosts File
   Start (11/18/2013 10:08:39 PM)
   Running Repair Under System Account
   Done (11/18/2013 10:08:42 PM)
 
09 - Remove Policies Set By Infections
   Start (11/18/2013 10:08:42 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:08:46 PM)
 
11 - Repair Icons
   Start (11/18/2013 10:08:46 PM)
   Running Repair Under System Account
   Done (11/18/2013 10:08:49 PM)
 
12 - Repair Winsock & DNS Cache
   Start (11/18/2013 10:08:49 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:09:02 PM)
 
14 - Repair Proxy Settings
   Start (11/18/2013 10:09:02 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:09:07 PM)
 
16 - Repair Windows Updates
   Start (11/18/2013 10:09:07 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:09:36 PM)
 
17 - Repair CD/DVD Missing/Not Working
   Start (11/18/2013 10:09:36 PM)
   Done (11/18/2013 10:09:36 PM)
 
18 - Repair Volume Shadow Copy Service
   Start (11/18/2013 10:09:36 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:09:45 PM)
 
20 - Repair MSI (Windows Installer)
   Start (11/18/2013 10:09:45 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:09:58 PM)
 
22.01 - Repair bat Association
   Start (11/18/2013 10:09:58 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:10:03 PM)
 
22.02 - Repair cmd Association
   Start (11/18/2013 10:10:03 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:10:08 PM)
 
22.03 - Repair com Association
   Start (11/18/2013 10:10:08 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:10:12 PM)
 
22.04 - Repair Directory Association
   Start (11/18/2013 10:10:12 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:10:17 PM)
 
22.05 - Repair Drive Association
   Start (11/18/2013 10:10:17 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:10:22 PM)
 
22.06 - Repair exe Association
   Start (11/18/2013 10:10:22 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:10:27 PM)
 
22.07 - Repair Folder Association
   Start (11/18/2013 10:10:27 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:10:31 PM)
 
22.08 - Repair inf Association
   Start (11/18/2013 10:10:31 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:10:36 PM)
 
22.09 - Repair lnk (Shortcuts) Association
   Start (11/18/2013 10:10:36 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:10:41 PM)
 
22.10 - Repair msc Association
   Start (11/18/2013 10:10:41 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:10:46 PM)
 
22.11 - Repair reg Association
   Start (11/18/2013 10:10:46 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:10:50 PM)
 
22.12 - Repair scr Association
   Start (11/18/2013 10:10:50 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:10:55 PM)
 
23 - Repair Windows Safe Mode
   Start (11/18/2013 10:10:55 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:11:00 PM)
 
24 - Repair Print Spooler
   Start (11/18/2013 10:11:00 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:11:11 PM)
 
25 - Restore Important Windows Services
   Start (11/18/2013 10:11:11 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:11:16 PM)
 
26 - Set Windows Services To Default Startup
   Start (11/18/2013 10:11:16 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/18/2013 10:11:25 PM)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done (11/18/2013 10:11:25 PM)
   Total Repair Time: 00:13:11
 
 
...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account


#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,924 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:28 AM

Posted 19 November 2013 - 10:10 AM

So , how is it running?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users