Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

[PLEASE HELP] Severe popups and malicious viruses on computer!.


  • Please log in to reply
29 replies to this topic

#1 NigelTowns1

NigelTowns1

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:40 AM

Posted 13 August 2015 - 08:32 AM

Hi we have extremely severe aggressive pop-ups on the computer activating system32 and preventing us from using the computer properly.

 

Can someone/ anyone help and advise on what the best procedure is to remedy this problem?

 

The laptop is HP Envy currently running windows 10.

 

If someone can get back to us ASAP that will be sincerely appreciated. We are struggling to even view this page due to pop-ups/ virus.

 

Thanks!



BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:40 AM

Posted 13 August 2015 - 08:43 AM

Hello,

I will be assisting you with your problem.

Do you have another clean machine and a flash drive? It might be easier to transfer tools from the clean machine to the sick one if the popups make it too hard to see things.

MiniToolbox by Farbar

Avast users please disable your antivirus before downloading!
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (choose Errors only)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points
Click Go and post the result (MTB.txt). A copy of Result.txt will be saved in the same directory the tool is run.

===

AdwCleaner by Xplode

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on I agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • DO NOT CLEAN ANYTHING! Removal will be done after analysis of the log.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
Regards,
Alex

#3 NigelTowns1

NigelTowns1
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:40 AM

Posted 13 August 2015 - 09:08 AM

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by nigel (administrator) on 13-08-2015 at 15:07:08
Running from "C:\Users\nigel\Desktop\Antivirus software 08.15"
Microsoft Windows 10 Home  (X64)
Model: HP ENVY TS 15 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
0.0.0.1 mssplus.mcafee.com
 
 
========================= IP Configuration: ================================
 
Intel® Centrino® Wireless-N 2230 Driver = WiFi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="WiFi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="wireless_11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : NigelLaptop
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : A0-D3-C1-CA-0A-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 00-C2-C6-15-53-7A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter WiFi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 2230
   Physical Address. . . . . . . . . : 00-C2-C6-15-53-79
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b8d1:6adc:78f:276c%9(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.10(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 13 August 2015 14:18:22
   Lease Expires . . . . . . . . . . : 14 August 2015 14:18:21
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 201376454
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-1C-34-49-A0-D3-C1-CA-0A-F9
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 00-C2-C6-15-53-7D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:3446:37eb:d12f:aa8b(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3446:37eb:d12f:aa8b%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 369098752
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-1C-34-49-A0-D3-C1-CA-0A-F9
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{7314B978-C3A8-4571-90CB-432A4168B55F}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.0.1
 
Name:    google.com
Addresses:  2a00:1450:4009:80c::200e
 216.58.208.78
 
 
Pinging google.com [216.58.208.46] with 32 bytes of data:
Reply from 216.58.208.46: bytes=32 time=447ms TTL=57
Reply from 216.58.208.46: bytes=32 time=393ms TTL=57
 
Ping statistics for 216.58.208.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 393ms, Maximum = 447ms, Average = 420ms
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.0.1
 
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=663ms TTL=47
Reply from 206.190.36.45: bytes=32 time=206ms TTL=47
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 206ms, Maximum = 663ms, Average = 434ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 19...a0 d3 c1 ca 0a f9 ......Realtek PCIe GBE Family Controller
  5...00 c2 c6 15 53 7a ......Microsoft Wi-Fi Direct Virtual Adapter
  9...00 c2 c6 15 53 79 ......Intel® Centrino® Wireless-N 2230
 18...00 c2 c6 15 53 7d ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
  7...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.10     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.10    281
     192.168.0.10  255.255.255.255         On-link      192.168.0.10    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.10    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.10    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.10    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 12    306 2001::/32                On-link
 12    306 2001:0:9d38:6abd:3446:37eb:d12f:aa8b/128
                                    On-link
  9    281 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::3446:37eb:d12f:aa8b/128
                                    On-link
  9    281 fe80::b8d1:6adc:78f:276c/128
                                    On-link
  1    306 ff00::/8                 On-link
  9    281 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [62976] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/13/2015 02:20:18 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (7032) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
 
Error: (08/13/2015 02:20:18 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (7032) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).
 
Error: (08/13/2015 02:20:07 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (7032) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
 
Error: (08/13/2015 02:20:07 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (7032) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).
 
Error: (08/13/2015 02:19:57 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (7032) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
 
Error: (08/13/2015 02:19:57 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (7032) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).
 
Error: (08/13/2015 02:19:47 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (7032) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
 
Error: (08/13/2015 02:19:47 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (7032) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).
 
Error: (08/13/2015 02:19:36 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (7032) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
 
Error: (08/13/2015 02:19:36 PM) (Source: ESENT) (User: )
Description: SettingSyncHost (7032) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).
 
 
System errors:
=============
Error: (08/13/2015 02:33:10 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/13/2015 02:33:03 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/13/2015 02:32:56 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/13/2015 02:32:48 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/13/2015 02:22:53 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/13/2015 02:21:58 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/13/2015 02:21:52 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/13/2015 02:21:46 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/13/2015 02:20:11 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
Error: (08/13/2015 02:20:05 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
 
 
Microsoft Office Sessions:
=========================
Error: (08/13/2015 02:20:18 PM) (Source: ESENT)(User: )
Description: SettingSyncHost7032-1032
 
Error: (08/13/2015 02:20:18 PM) (Source: ESENT)(User: )
Description: SettingSyncHost7032C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
Error: (08/13/2015 02:20:07 PM) (Source: ESENT)(User: )
Description: SettingSyncHost7032-1032
 
Error: (08/13/2015 02:20:07 PM) (Source: ESENT)(User: )
Description: SettingSyncHost7032C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
Error: (08/13/2015 02:19:57 PM) (Source: ESENT)(User: )
Description: SettingSyncHost7032-1032
 
Error: (08/13/2015 02:19:57 PM) (Source: ESENT)(User: )
Description: SettingSyncHost7032C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
Error: (08/13/2015 02:19:47 PM) (Source: ESENT)(User: )
Description: SettingSyncHost7032-1032
 
Error: (08/13/2015 02:19:47 PM) (Source: ESENT)(User: )
Description: SettingSyncHost7032C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
Error: (08/13/2015 02:19:36 PM) (Source: ESENT)(User: )
Description: SettingSyncHost7032-1032
 
Error: (08/13/2015 02:19:36 PM) (Source: ESENT)(User: )
Description: SettingSyncHost7032C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.
 
 
=========================== Installed Programs ============================
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Aloha TriPeaks (HKLM-x32\...\WTA-c7e19968-344b-4e98-ad23-6c248c8fb0bc) (Version: 2.2.0.98 - WildTangent) Hidden
Attachment Icons for Gmail (HKLM-x32\...\{7BCAC0EB-3993-2416-0531-848C39DF8B65}) (Version:  - )
AuthenTec TrueAPI 64-bit (HKLM\...\{EBC0CC3F-B7A1-4FC8-8014-4C7BFD3925E8}) (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-be23f4f5-8ff8-4da9-aae2-1568b25cc51e) (Version: 2.2.0.98 - WildTangent) Hidden
BEtterPriceCuHeac (HKLM-x32\...\{4E5FE462-1A84-47B4-3411-C72434AAD86C}) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (HKLM-x32\...\WTA-fd75a43c-19c3-496d-a2ba-0320de965361) (Version: 2.2.0.98 - WildTangent) Hidden
Citrix Online Launcher (HKLM-x32\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
Cradle of Rome 2 (HKLM-x32\...\WTA-d81a3771-0707-428d-b6b7-54e9d7baafd4) (Version: 2.2.0.98 - WildTangent) Hidden
Crazy Chicken Soccer (HKLM-x32\...\WTA-a3c283cc-b752-4477-b267-b936c7a55993) (Version: 2.2.0.110 - WildTangent) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4628 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (HKLM-x32\...\WTA-1e1efbfc-0bc7-4964-8ec6-1a08105c2adb) (Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.1 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-442f7804-d893-4c51-8653-302ac19fca42) (Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{0FEE0C28-850D-4AC0-92E7-57D214134102}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.272 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{3EDAF5B5-0CA9-4967-B103-FBFF1162C336}) (Version: 1.2.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{DA2600C1-6BDF-4FD1-1211-148929CC1385}) (Version: 2.6.1211.0294 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Smart Connect Technology 4.0 x64 (HKLM\...\{5D1D65C3-E6D3-4751-AEFD-CAB4E3EB85F2}) (Version: 4.0.41.2072 - Intel)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-85715371-b2a8-4a18-b4b9-14e12bed2134) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (HKLM-x32\...\WTA-cb3bc532-ce7f-4852-a5a3-06cf37291dc3) (Version: 2.2.0.97 - WildTangent) Hidden
Mahjongg Artifacts (HKLM-x32\...\WTA-5e369a5d-d852-4694-b1c9-402a9ce189e1) (Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.4113 - McAfee, Inc.)
McAfee SafeKey(uninstall only) (HKLM-x32\...\safekey) (Version: 2.1.10 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.124 - McAfee, Inc.)
MergeModule_x86 (HKLM-x32\...\{DD7721BB-CF1C-4DC9-AD87-8D5FB75413B7}) (Version: 9.3.00 - Sony Corporation) Hidden
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4737.1003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-1b90d4d4-4bfa-450f-ab79-fdbe7660e72c) (Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 4.3.01.06011 - Sony Corporation)
PMB_ModeEditor (HKLM-x32\...\{D5318740-B088-4B1A-B6A8-1F90A172CCD1}) (Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{E7FDF11C-12BB-4D6F-9B6D-F8E488C776DC}) (Version: 9.3.01 - Sony Corporation) Hidden
Polar Bowler (HKLM-x32\...\WTA-8bb264b0-a205-4867-9903-e3cbc3f04ff4) (Version: 2.2.0.97 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-b68b0fe6-2725-4f63-8abe-38c7572546a5) (Version: 2.2.0.98 - WildTangent) Hidden
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1507.61 - Trusteer) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
RocketTab (HKLM-x32\...\RocketTab) (Version: 1.0 - RocketTab)
Royal Envoy 2 Collector's Edition (HKLM-x32\...\WTA-1ec7b258-5fb4-40e9-8e48-c59e5ca7ed91) (Version: 3.0.2.32 - WildTangent) Hidden
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.60 (17/03/2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.79.00(26/03/2015) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.21 (02/07/2015) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.3.2 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.25 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.05.00 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
Trinklit Supreme (HKLM-x32\...\WTA-98a5bc4a-f05a-44c6-abd4-091c61886a12) (Version: 2.2.0.98 - WildTangent) Hidden
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.61 - Trusteer)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (HKLM-x32\...\WTA-7a73d0d1-7a54-4cc9-b7db-72bebc7d7558) (Version: 3.0.2.32 - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{B80C52A3-7666-4068-A371-7867F51E68EB}) (Version: 4.5.122.0 - Validity Sensors, Inc.)
Virtual Families (HKLM-x32\...\WTA-392ff77a-dc52-423c-8920-417e288d0034) (Version: 2.2.0.98 - WildTangent) Hidden
Wedding Dash (HKLM-x32\...\WTA-447ac3f8-05c9-459b-87fc-69e82e5cf00b) (Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.10.5 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Youda Jewel Shop (HKLM-x32\...\WTA-06df9891-9030-4365-baea-749a26c2a8cb) (Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (HKLM-x32\...\WTA-82f99620-d6ad-4375-b9fb-c1374491ea83) (Version: 2.2.0.98 - WildTangent) Hidden
 
========================= Devices: ================================
 
Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
Device ID: DISPLAY\AUO32ED\4&4AC5313&0&UID265988
 
Name: Microsoft Bluetooth LE Enumerator
Description: Microsoft Bluetooth LE Enumerator
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: BthLEEnum
Device ID: BTH\MS_BTHLE\6&11F50DF7&0&0
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\1
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\2
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\5
 
Name: Legacy device
Description: Legacy device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
Device ID: ACPI\INT0800\4&34CD09F5&0
 
Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C09\1
 
Name: PCI-to-PCI Bridge
Description: PCI-to-PCI Bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: PCI\VEN_8086&DEV_8C1C&SUBSYS_1963103C&REV_D5\3&11583659&0&E6
 
Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\PNP0C0A\1
 
Name: Intel® Centrino® Wireless-N 2230
Description: Intel® Centrino® Wireless-N 2230
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNe64
Device ID: PCI\VEN_8086&DEV_0887&SUBSYS_40628086&REV_C4\4&4CACD1A&0&00E0
 
Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0B\0
 
Name: Root Print Queue
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\PRINTQUEUES
 
Name: PCI standard ISA bridge
Description: PCI standard ISA bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: msisadrv
Device ID: PCI\VEN_8086&DEV_8C4B&SUBSYS_1963103C&REV_05\3&11583659&0&F8
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&2A453B5D&0
 
Name: Microsoft Print to PDF
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{199C68B1-B461-4522-84C2-1345640D7597}
 
Name: PCI-to-PCI Bridge
Description: PCI-to-PCI Bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: PCI\VEN_8086&DEV_8C10&SUBSYS_1963103C&REV_D5\3&11583659&0&E2
 
Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: volmgr
Device ID: ROOT\VOLMGR\0000
 
Name: Validity Sensors (WBF) (PID=0050)
Description: Validity Sensors (WBF) (PID=0050)
Class Guid: {53d29ef7-377c-4d14-864b-eb3a85769359}
Manufacturer: Validity Sensors, Inc.
Service: WUDFRd
Device ID: USB\VID_138A&PID_0050\F31000A0FED1
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{17AC398F-795E-11E4-BE93-806E6F6E6963}#000000E309600000
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{17AC398F-795E-11E4-BE93-806E6F6E6963}#0000000000100000
 
Name: Microsoft Basic Display Driver
Description: Microsoft Basic Display Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: BasicDisplay
Device ID: ROOT\BASICDISPLAY\0000
 
Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0100\4&34CD09F5&0
 
Name: HP Wireless Button Driver
Description: HP Wireless Button Driver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Hewlett-Packard
Service: WirelessButtonDriver
Device ID: ACPI\HPQ6001\2&DABA3FF&2
 
Name: Synaptics SMBus ClickPad
Description: Synaptics SMBus ClickPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Device ID: ACPI\SYN1E89\4&34CD09F5&0
 
Name: Microsoft IPv4 IPv6 Transition Adapter Bus
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\IP_TUNNEL_VBUS\IP_TUNNEL_DEVICE_ROOT
 
Name: Synaptics SMBus Driver
Description: Synaptics SMBus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: SmbDrvI
Device ID: PCI\VEN_8086&DEV_8C22&SUBSYS_1963103C&REV_05\3&11583659&0&FB
 
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: SWD\IP_TUNNEL_VBUS\TEREDO_TUNNEL_DEVICE
 
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\THERMALZONE\TZ00
 
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\THERMALZONE\TZ01
 
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\THERMALZONE\TZ02
 
Name: Internal Microphone Array (IDT High Definition Audio CODEC)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.1.00000000}.{D2A5DC6C-0A89-4CBF-BDFD-6848661A6471}
 
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\0
 
Name: HID-compliant wireless radio controls
Description: HID-compliant wireless radio controls
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Device ID: HID\HPQ6001\3&9489F59&0&0000
 
Name: Intel® HD Graphics 4600
Description: Intel® HD Graphics 4600
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Device ID: PCI\VEN_8086&DEV_0416&SUBSYS_1963103C&REV_06\3&11583659&0&10
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{17AC398F-795E-11E4-BE93-806E6F6E6963}#0000000031500000
 
Name: Bluetooth
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\RADIO\BLUETOOTH_7D5315C6C200
 
Name: HP Truevision HD
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Device ID: USB\VID_0BDA&PID_571A&MI_00\6&2174628F&0&0000
 
Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0103\0
 
Name: Intel® Xeon® processor E3-1200 v3/4th Gen Core processor DRAM Controller - 0C04
Description: Intel® Xeon® processor E3-1200 v3/4th Gen Core processor DRAM Controller - 0C04
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
Device ID: PCI\VEN_8086&DEV_0C04&SUBSYS_1963103C&REV_06\3&11583659&0&00
 
Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus
Device ID: ROOT\COMPOSITEBUS\0000
 
Name: Microsoft Virtual Drive Enumerator
Description: Microsoft Virtual Drive Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vdrvroot
Device ID: ROOT\VDRVROOT\0000
 
Name: Speakers / HP (IDT High Definition Audio CODEC)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.0.00000000}.{5B986F80-A2A1-4B98-B747-94B75AD39367}
 
Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: SWD\IP_TUNNEL_VBUS\ISATAP_1
 
Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\ACPI0003\2&DABA3FF&2
 
Name: Microsoft Storage Spaces Controller
Description: Microsoft Storage Spaces Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: spaceport
Device ID: ROOT\SPACEPORT\0000
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{17AC398F-795E-11E4-BE93-806E6F6E6963}#0000000029500000
 
Name: UoIP Hub
Description: UoIP Hub
Class Guid: {624e2be2-3c4c-4303-8cc7-8c318f348d03}
Manufacturer: Intel Corporation
Service: usb3Hub
Device ID: ROOT\INTEL_UOIP_BUS_DRIVER\0000
 
Name: HP Mobile Data Protection Sensor
Description: HP Mobile Data Protection Sensor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: Accelerometer
Device ID: ACPI\HPQ6007\3&11583659&0
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{17AC398F-795E-11E4-BE93-806E6F6E6963}#0000000019100000
 
Name: Microsoft Kernel Debug Network Adapter
Description: Microsoft Kernel Debug Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Device ID: ROOT\KDNIC\0000
 
Name: Microsoft XPS Document Writer
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{D943D8D8-F7EB-4400-8EEE-A8CFF8C894B5}
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT1
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT2
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT3
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT4
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT5
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT6
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT7
 
Name: Microsoft Bluetooth Enumerator
Description: Microsoft Bluetooth Enumerator
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: BthEnum
Device ID: BTH\MS_BTHBRB\6&11F50DF7&0&1
 
Name: Intel® Wireless Bluetooth®
Description: Intel® Wireless Bluetooth®
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Device ID: USB\VID_8087&PID_07DA\5&29426F09&0&5
 
Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0D\2&DABA3FF&2
 
Name: Intel® Xeon® processor E3-1200 v3/4th Gen Core processor PCI Express x16 Controller - 0C01
Description: Intel® Xeon® processor E3-1200 v3/4th Gen Core processor PCI Express x16 Controller - 0C01
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_0C01&SUBSYS_1963103C&REV_06\3&11583659&0&08
 
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8168
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_1963103C&REV_0C\4&27B8B3D2&0&00E6
 
Name: Bluetooth Device (RFCOMM Protocol TDI)
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Device ID: BTH\MS_RFCOMM\6&11F50DF7&0&0
 
Name: Send To OneNote 2013
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{156CE74B-77E5-4EB6-89B8-9E0B228A60C7}
 
Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Device ID: BTH\MS_BTHPAN\6&11F50DF7&0&2
 
Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: ROOT\UMBUS\0000
 
Name: Microsoft Radio Device Enumeration Bus
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\RADIO\{3DB5895D-CC28-44B3-AD3D-6F01A782B8D2}
 
Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_0BDA&PID_571A\200901010001
 
Name: Microsoft Device Association Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MSDAS\{CE958E9A-424F-4C88-86F4-11314821E75A}
 
Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
Device ID: ROOT\ACPI_HAL\0000
 
Name: PCI Express Root Complex
Description: PCI Express Root Complex
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: ACPI\PNP0A08\0
 
Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0B00\4&34CD09F5&0
 
Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0C\2&DABA3FF&2
 
Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI
Device ID: ACPI_HAL\PNP0C08\0
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Device ID: HTREE\ROOT\0
 
Name: Microsoft Basic Render Driver
Description: Microsoft Basic Render Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BasicRender
Device ID: ROOT\BASICRENDER\0000
 
Name: Fax
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{9D7DBACD-D102-4149-B2DB-FFEC94371EAB}
 
Name: Samsung Universal Scan Driver
Description: Samsung Universal Scan Driver
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Samsung
Service: StillCam
Device ID: ROOT\IMAGE\0000
 
Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0000\4&34CD09F5&0
 
Name: PCI-to-PCI Bridge
Description: PCI-to-PCI Bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: PCI\VEN_8086&DEV_8C14&SUBSYS_1963103C&REV_D5\3&11583659&0&E0
 
Name: Samsung M2070 Series
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Samsung
Service: 
Device ID: SWD\PRINTENUM\{21FBC0E4-AF07-4B75-82AA-E245E0A78144}
 
Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\FIXEDBUTTON\2&DABA3FF&2
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\INT3F0D\4&34CD09F5&0
 
Name: NVIDIA GeForce GT 740M 
Description: NVIDIA GeForce GT 740M 
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Device ID: PCI\VEN_10DE&DEV_1292&SUBSYS_1963103C&REV_A1\4&1EEE4BDD&0&0008
 
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\MXM2
 
Name: Intel® 8 Series/C220 Series USB EHCI #1 - 8C26
Description: Intel® 8 Series/C220 Series USB EHCI #1 - 8C26
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Device ID: PCI\VEN_8086&DEV_8C26&SUBSYS_1963103C&REV_05\3&11583659&0&E8
 
Name: Intel® Smart Connect Technology Device
Description: Intel® Smart Connect Technology Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: ISCT
Device ID: ACPI\INT33A0\0
 
Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0200\4&34CD09F5&0
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{17AC398F-795E-11E4-BE93-806E6F6E6963}#000000E2ED400000
 
Name: Intel® Management Engine Interface 
Description: Intel® Management Engine Interface 
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Device ID: PCI\VEN_8086&DEV_8C3A&SUBSYS_1963103C&REV_04\3&11583659&0&B0
 
Name: IDT High Definition Audio CODEC
Description: IDT High Definition Audio CODEC
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: IDT
Service: STHDA
Device ID: HDAUDIO\FUNC_01&VEN_111D&DEV_76E0&SUBSYS_103C1963&REV_1003\4&453B76&0&0001
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Device ID: ACPI\HPQ8001\4&34CD09F5&0
 
Name: Microsoft GS Wavetable Synth
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\MICROSOFTGSWAVETABLESYNTH
 
Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Device ID: USB\VID_8087&PID_8000\5&3723DCD3&1&1
 
Name: NDIS Virtual Network Adapter Enumerator
Description: NDIS Virtual Network Adapter Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisVirtualBus
Device ID: ROOT\NDISVIRTUALBUS\0000
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{17AC398F-795E-11E4-BE93-806E6F6E6963}#000000E2B8500000
 
Name: Microsoft Wi-Fi Direct Virtual Adapter
Description: Microsoft Wi-Fi Direct Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&1DD45306&0&01
 
Name: Realtek PCIE CardReader
Description: Realtek PCIE CardReader
Class Guid: {4d36e970-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconduct Corp.
Service: RTSPER
Device ID: PCI\VEN_10EC&DEV_5227&SUBSYS_1963103C&REV_01\4&135A1327&0&00E3
 
Name: PCI-to-PCI Bridge
Description: PCI-to-PCI Bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: PCI\VEN_8086&DEV_8C16&SUBSYS_1963103C&REV_D5\3&11583659&0&E3
 
Name: USB Touchscreen Controller(A10F)
Description: USB Touchscreen Controller(A10F)
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: eGalaxTouch
Service: xtouch
Device ID: USB\VID_0EEF&PID_A10F\6&2DE9D1F5&0&7
 
Name: WiFi
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\RADIO\{7314B978-C3A8-4571-90CB-432A4168B55F}
 
Name: Intel® Core™ i7-4700MQ CPU @ 2.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4700MQ_CPU_@_2.40GHZ\_1
 
Name: Intel® Core™ i7-4700MQ CPU @ 2.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4700MQ_CPU_@_2.40GHZ\_2
 
Name: Intel® Core™ i7-4700MQ CPU @ 2.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4700MQ_CPU_@_2.40GHZ\_3
 
Name: Intel® Core™ i7-4700MQ CPU @ 2.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4700MQ_CPU_@_2.40GHZ\_4
 
Name: Intel® Core™ i7-4700MQ CPU @ 2.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4700MQ_CPU_@_2.40GHZ\_5
 
Name: Intel® Core™ i7-4700MQ CPU @ 2.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4700MQ_CPU_@_2.40GHZ\_6
 
Name: Intel® Core™ i7-4700MQ CPU @ 2.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4700MQ_CPU_@_2.40GHZ\_7
 
Name: Intel® Core™ i7-4700MQ CPU @ 2.40GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_60_-_INTEL®_CORE™_I7-4700MQ_CPU_@_2.40GHZ\_8
 
Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C04\4&34CD09F5&0
 
Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios
Device ID: ROOT\MSSMBIOS\0000
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\INT340E\2&DABA3FF&2
 
Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Device ID: PCI\VEN_8086&DEV_8C20&SUBSYS_1963103C&REV_05\3&11583659&0&D8
 
Name: USB Root Hub (xHCI)
Description: USB Root Hub (xHCI)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB HUBs)
Service: USBHUB3
Device ID: USB\ROOT_HUB30\4&BE543C9&0&0
 
Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum
Device ID: ROOT\SYSTEM\0000
 
Name: IWD Bus Enumerator
Description: IWD Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: iwdbus
Device ID: ROOT\SYSTEM\0001
 
Name: Stereo Mix (IDT High Definition Audio CODEC)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.1.00000000}.{86425E22-C58A-4DAE-8269-E4BF5D8512D4}
 
Name: Intel® USB 3.0 eXtensible Host Controller - 1.0 (Microsoft)
Description: USB xHCI Compliant Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generic USB xHCI Host Controller
Service: USBXHCI
Device ID: PCI\VEN_8086&DEV_8C31&SUBSYS_1963103C&REV_05\3&11583659&0&A0
 
Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Device ID: ROOT\RDPBUS\0000
 
Name: Intel® 8 Series Chipset Family SATA AHCI Controller
Description: Intel® 8 Series Chipset Family SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: iaStorA
Device ID: PCI\VEN_8086&DEV_8C03&SUBSYS_1963103C&REV_05\3&11583659&0&FA
 
Name: CyberLink WebCam Virtual Driver
Description: CyberLink WebCam Virtual Driver
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: CyberLink
Service: clwvd
Device ID: ROOT\MEDIA\0000
 
Name: HGST HTS541010A9E680
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: SCSI\DISK&VEN_HGST&PROD__HTS541010A9E680\4&6A0976B&0&000000
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 33%
Total physical RAM: 16316.02 MB
Available physical RAM: 10921.12 MB
Total Virtual: 18748.02 MB
Available Virtual: 12421.79 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows) (Fixed) (Total:906.11 GB) (Free:806.06 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:23.36 GB) (Free:2.36 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\NIGELLAPTOP
 
Administrator            DefaultAccount           Guest                    
nigel                    UpdatusUser              
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
03-08-2015 16:39:00 Windows Update
08-08-2015 02:37:27 Installed Rapport
09-08-2015 22:40:21 HPSF Applying updates
12-08-2015 10:22:23 Windows Modules Installer
 
**** End of log ****


#4 NigelTowns1

NigelTowns1
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:40 AM

Posted 13 August 2015 - 09:15 AM

# AdwCleaner v4.208 - Logfile created 13/08/2015 at 15:09:25
# Updated 09/07/2015 by Xplode
# Database : 2015-08-12.1 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : nigel - NIGELLAPTOP
# Running from : C:\Users\nigel\Desktop\Antivirus software 08.15\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\johdeoloijidhejmalfkpchbihbiamph
File Found : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_johdeoloijidhejmalfkpchbihbiamph_0.localstorage
File Found : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_johdeoloijidhejmalfkpchbihbiamph_0.localstorage-journal
File Found : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_inboxace.dl.tb.ask.com_0.localstorage
File Found : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_inboxace.dl.tb.ask.com_0.localstorage-journal
File Found : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mapsgalaxy.dl.tb.ask.com_0.localstorage
File Found : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mapsgalaxy.dl.tb.ask.com_0.localstorage-journal
File Found : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mytransitguide.dl.tb.ask.com_0.localstorage
File Found : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mytransitguide.dl.tb.ask.com_0.localstorage-journal
Folder Found : C:\Program Files (x86)\BEtterPriceCuHeac
Folder Found : C:\Program Files (x86)\Search Extensions
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\ProgramData\{3b4573e8-3772-8b98-3b45-573e8377cfa0}
Folder Found : C:\ProgramData\{a4e22517-1121-58d2-a4e2-22517112945c}
Folder Found : C:\ProgramData\4113092078351547913
Folder Found : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnhdepkabnmamnbhdbgnpofagdgkfbac
Folder Found : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\johdeoloijidhejmalfkpchbihbiamph
Folder Found : C:\Users\nigel\AppData\Local\SearchProtect
 
***** [ Scheduled tasks ] *****
 
Task Found : RocketTab
Task Found : RocketTab Update Task
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\RocketTabInstalled
Key Found : HKCU\Software\rttasks
Key Found : HKCU\Software\Search Extensions
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\RocketTabInstalled
Key Found : [x64] HKCU\Software\rttasks
Key Found : [x64] HKCU\Software\Search Extensions
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4E5FE462-1A84-47B4-3411-C72434AAD86C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RocketTab
Key Found : HKLM\SOFTWARE\RocketTab
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0394AE51-F76F-4FBF-848D-CF9407CE868F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{058281DD-014E-4E81-A5D3-9E14A1EBC8B7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1AB1CA27-FA6E-434B-8433-612346BBDD3B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{34A729EE-F357-4A94-9243-D33E50A504A7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{420A2140-FB38-4984-B681-2A0217483077}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{46A200C2-2B44-4C47-8EA9-5DB33859BC7C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{47F18772-002C-4A49-AA12-EE88297CCDD0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5C567C55-75EF-4000-B36F-FF562D4204C1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{78AC0B67-463E-4702-A7B1-CFB4C33B3D56}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{95980124-E89B-48C2-BA92-DF835F62ABFB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AA33003C-AB62-428E-B24E-59933BE52393}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D22566FE-4D97-4D5D-968B-0E79353F22E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F0C53D54-F8AF-4156-8D66-420036A79A28}
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.10240.16412
 
 
-\\ Google Chrome v44.0.2403.130
 
[C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Homepage] : management","searchProvider","startupPages"],"explicit_host":["hxxp://*.bing.com/*","hxxp://g.ceipmsn.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":9,"disable_reasons":8192,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["cookies","homepage","management","searchProvider","startupPages"],"explicit_host":["hxxp://*.bing.com/*","hxxp://g.ceipmsn.com/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_parameter":"SK2M","install_time":"13083848949570240","lastpingday":"13083836402721304","location":6,"manifest":{"background":{"persistent":false,"scripts":["background.js"]},"chrome_settings_overrides":{"homepage":"hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us","search_provider":{"encoding":"UTF-8","favicon_url":"hxxp://www.bing.com/favicon.ico","is_default":true,"keyword":"bing.com","name":"Bing","search_url":"hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}"},"startup_pages":["hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us"]},"current_locale":"en_US","default_locale":"en","description":"MSN Homepage & Bing Search Engine","icons":{"128":"Logo_128.ico","16":"Logo.png","48":"Logo_48.ico"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JA3sXSSGLZfdufL1gcnN5sgZ7Upqkq0FF8aaRTf8v/banM0MIX3o6XqEV+ireOgQZIz1GcNKMEJ1BpeaheabEGRn3ZqQrO+gwpbeJDhuNcT8MD3npRoColMqG6rPG/b+GxM60gS0bBrELyNB6EeNj1j5hVvZA/VG92sW4Ld/Yqea6iKrs/Vfh99utT6V7CmTPMXLAvY40yufxWHEqpgsqU2gNn1FY94BB0UbWE40t5DHmC6y67F26uBRodQu//TZTd2BxcuGEUohU8jDTAs+dl8wCHGP19xBzWkEnI+RRTtUyZ1IeRY3x7W+Xbe60wz/UeoYQMmCdzdq1WDo8kgtwIDAQAB","manifest_version":2,"name":"MSN Homepage & Bing Search Engine","permissions":["hxxp://g.ceipmsn.com/*","hxxp://*.bing.com/*","cookies","management"],"short_name":"MSN Homepage & Bing Search Engine","update_url":"hxxps://mynamedomain.koko//0service/update2/crx","version":"0.0.0.8"},"path":"fcfenmboojpjinhpgggodefccipikbpd\\0.0.0.8_0","preferences":{},"regular_only_preferences":{},"state":2,"was_installed_by_default":false,"was_installed_by_oem":false},"fgioellcedgkpojaojpcpppooagkkdmi":{"lastpingday":"13082540400844178"},"fheoggkfdfchfphceeifdbepaooicaho":{"ack_external":true,"active_permissions":{"api":["downloads","downloadsInternal","nativeMessaging","tabs","webRequest","webRequestBlocking"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"manifest_permissions":[],"scriptable_host":["hxxp://*/*","hxxps://*/*"]},"commands":{},"content_settings":[],"creation_flags":9,"disable_reasons":1,"events":[],"exclude_from_sideload_wipeout":true,"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13080387299002241","lastpingday":"13083922803806072","location":6,"manifest":{"background":{"persistent":true,"scripts":["background.js"]},"content_scripts":[{"all_frames":true,"js":["ContentScript.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_end"},{"all_frames":true,"js":["ContentOnDocStart.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_start"}],"content_security_policy":"script-src 'self' 'unsafe-eval'; object-src 'self'","description":"SiteAdvisor","icons":{"128":"Resources/128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrOrksCVomv4HZxXZu6eb3fMbFPlYcSWHnBa0eGSLlBx4YJU3hgqATLB9FrVu1I2kjEKU02kDNejzwnooAjAMpQLMN6rDnVLt/xgvBvwfUcqVOX2vmJvzBFUNhrShiAco662ZtJRD2B4MshsjoggFtWvpBDi3VXRzpr1I0jA0tUwIDAQAB","manifest_version":2,"name":"SiteAdvisor","page_action":{"default_icon":"Resources/button_grey.gif","default_popup":"popup.html","default_title":"SiteAdvisor"},"permissions":["webRequest","webRequestBlocking","tabs","hxxp://*/*","hxxps://*/*","nativeMessaging","downloads"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"4.0.0.0"},"path":"fheoggkfdfchfphceeifdbepaooicaho\\4.0.0.0_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"gfdkimpbcpahaombhbimeihdjnejgicl":{"active_permissions":{"api":["feedbackPrivate"],"explicit_host":["chrome://resources/*"],"manifest_permissions":[]},"commands":{},"creation_flags":1,"events":["feedbackPrivate.onFeedbackRequested","runtime.onMessageExternal"],"from_bookmark":false,"from_webstore":false,"initial_keybindings_set":true,"install_time":"13033908425161226","location":5,"manifest":{"app":{"background":{"scripts":["js/event_handler.js"]},"content_security_policy":"default-src 'none'; script-src 'self' chrome://resources; style-src 'unsafe-inline' *; img-src *; media-src 'self'"},"description":"User feedback extension","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"32":"images/icon32.png","64":"images/icon64.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMZElzFX2J1g1nRQ/8S3rg/1CjFyDltWOxQg+9M8aVgNVxbutEWFQz+oQzIP9BB67mJifULgiv12ToFKsae4NpEUR8sPZjiKDIHumc6pUdixOm8SJ5Rs16SMR6+VYxFUjlVW+5CA3IILptmNBxgpfyqoK0qRpBDIhGk1KDEZ4zqQIDAQAB","manifest_version":2,"name":"Feedback","permissions":["feedbackPrivate","chrome://resources/"],"version":"1.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\31.0.1650.63\\resources\\feedback","running":false,"was_installed_by_default":false},"hlhoipeghcobbjgnkbiddfheceafbddj":{"lastpingday":"13082540400844178"},"hmbkhknacohfhbmmpnmbkgdffdbildof":{"ack_external":true,"active_permissions":{"api":["plugin","tabs"],"manifest_permissions":[],"scriptable_host":["hxxp://*/*","hxxps://*/*"]},"creation_flags":1,"extension_can_script_all_urls":true,"external_first_run":true,"from_bookmark":false,"from_webstore":false,"initial_keybindings_set":true,"install_time":"13033908428004091","lastpingday":"13083836402721304","location":3,"manifest":{"background_page":"background.html","browser_action":{"default_icon":"images/logo_128.png","default_title":"HP SimplePass","popup":"menu.html"},"content_scripts":[{"all_frames":true,"js":["config_helper.js","websiteLogon.js","websiteLogonOTP.js","OTPList.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_start"}],"current_locale":"en_US","default_locale":"en","description":"HP SimplePass Website Logon Extension.","homepage_url":"hxxp://www.authentec.com/","icons":{"128":"images/logo_128.png","16":"images/logo_16.png","32":"images/logo_32.png","48":"images/logo_48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBWdSBbhmXwGfLWsKJTOTz34goCx5ZoQjEm+VjcCX0TAb/noUwfG9rFbEiMAtZWltrg1rItnFLRbIKP6mjxThDm9ZCQ8JEGRjblTwdbmjw1FSaDkzRlt1nveAla2Fwu0Y17bMRB2eSKEcQ40qvEwBtizImCB3GVYWZWdNrnhuvHQIDAQAB","name":"Website Logon","permissions":["tabs"],"plugins":[{"path":"npgcwloplugin.dll","public":true}],"version":"6.0.100"},"path":"hmbkhknacohfhbmmpnmbkgdffdbildof\\6.0.100_0","state":0,"was_installed_by_default":false},"johdeoloijidhejmalfkpchbihbiamph":{"ack_external":true,"active_permissions":{"api":["contextMenus","cookies","management","notifications","storage","tabs"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"manifest_permissions":[],"scriptable_host":["hxxp://*/*","hxxps://*/*"]},"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":false,"granted_permissions":{"api":["contextMenus","cookies","management","notifications","storage","tabs"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"scriptable_host":["hxxp://*/*","hxxps://*/*"]},"incognito":true,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13083865724090412","location":1,"manifest":{"background":{"page":"background.html"},"content_scripts":[{"all_frames":true,"js":["content.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_end"}],"description":"","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDaf/fy5z+oDhFf7IbOhOhLB4aNAeMe4E2N3WhC3RyI3lX8jkIqz+iESlehG/xM5eO7954MH9mKZ0WLoH8Ot84+dGg3gPwvbafvLR0O9xLL0QpaecxR0OeNLUEXZeuZDYQ+g6Hxb4M3OxrmDSz1auxs8jO6GI3EHlZbdGB79MfDZwIDAQAB","manifest_version":2,"minimum_chrome_version":"25","name":"Attachment Icons for Gmail","permissions":["hxxp://*/*","hxxps://*/*","tabs","cookies","management","notifications","contextMenus","management","storage"],"update_url":"hxxps://mynamedomain.koko//0service/update2/crx","version":"231"},"path":"johdeoloijidhejmalfkpchbihbiamph\\231","state":1,"was_installed_by_default":false},"kmendfapggjehodndflmmgagdbamhnfd":{"active_permissions":{"api":["cryptotokenPrivate","externally_connectable.all_urls","hid","tabs","u2fDevices","usb",{"usbDevices":[{"interfaceId":-1,"productId":529,"vendorId":4176}]},"webConnectable"],"explicit_host":["hxxp://*/*","hxxps://*/*","hxxps://www.gstatic.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["runtime.onConnectExternal","runtime.onMessageExternal"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13077134958833579","location":5,"manifest":{"background":{"persistent":false,"scripts":["util.js","b64.js","sha256.js","countdown.js","countdowntimer.js","devicestatuscodes.js","approvedorigins.js","errorcodes.js","gnubbycodetypes.js","webrequest.js","gnubbymsgtypes.js","messagetypes.js","factoryregistry.js","closeable.js","requesthelper.js","webrequestsender.js","enroller.js","requestqueue.js","signer.js","origincheck.js","textfetcher.js","appid.js","watchdog.js","cryptotokenorigincheck.js","cryptotokenapprovedorigins.js","gnubbydevice.js","hidgnubbydevice.js","usbgnubbydevice.js","gnubbies.js","gnubby.js","gnubby-u2f.js","gnubbyfactory.js","singlesigner.js","multiplesigner.js","generichelper.js","inherits.js","individualattest.js","devicefactoryregistry.js","usbhelper.js","usbenrollhandler.js","usbsignhandler.js","usbgnubbyfactory.js","googlecorpindividualattest.js","cryptotokenbackground.js"]},"description":"CryptoToken Component Extension","externally_connectable":{"accepts_tls_channel_id":true,"ids":["fjajfjhkeibgmiggdfehjplbhmfkialk"],"matches":["\u003Call_urls>"]},"incognito":"split","key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7zRobvA+AVlvNqkHSSVhh1sEWsHSqz4oR/XptkDe/Cz3+gW9ZGumZ20NCHjaac8j1iiesdigp8B1LJsd/2WWv2Dbnto4f8GrQ5MVphKyQ9WJHwejEHN2K4vzrTcwaXqv5BSTXwxlxS/mXCmXskTfryKTLuYrcHEWK8fCHb+0gvr8b/kvsi75A1aMmb6nUnFJvETmCkOCPNX5CHTdy634Ts/x0fLhRuPlahk63rdf7agxQv5viVjQFk+tbgv6aa9kdSd11Js/RZ9yZjrFgHOBWgP4jTBqud4+HUglrzu8qynFipyNRLCZsaxhm+NItTyNgesxLdxZcwOz56KD1Q4IQIDAQAB","manifest_version":2,"name":"CryptoTokenExtension","permissions":["hid","u2fDevices","usb","cryptotokenPrivate","externally_connectable.all_urls","tabs","hxxps://*/*","hxxp://*/*",{"usbDevices":[{"productId":529,"vendorId":4176}]}],"version":"0.9.22"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.81\\resources\\cryptotoken","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"lifbcibllhkdhoafpjfnlhfpfgnpldfl":{"ack_prompt_count":1,"active_permissions":{"api":["tabs"],"explicit_host":["hxxps://c2c-directory-dev.trafficmanager.net/*","hxxps://c2c-directory-pre.trafficmanager.net/*","hxxps://c2c-directory-qa.trafficmanager.net/*","hxxps://localhost:26143/*","hxxps://pnrws.skype.com/*"],"manifest_permissions":[],"scriptable_host":["file:///*","hxxp://*/*","hxxps://*/*"]},"commands":{},"content_settings":[],"creation_flags":9,"disable_reasons":8192,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["tabs"],"explicit_host":["hxxps://c2c-directory-dev.trafficmanager.net/*","hxxps://c2c-directory-pre.trafficmanager.net/*","hxxps://c2c-directory-qa.trafficmanager.net/*","hxxps://localhost:26143/*","hxxps://pnrws.skype.com/*"],"manifest_permissions":[],"scriptable_host":["file:///*","hxxp://*/*","hxxps://*/*"]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13083848955641483","lastpingday":"13083836402721304","location":6,"manifest":{"background":{"page":"background.html"},"browser_action":{"default_icon":{"19":"c2c_48x48.png"},"default_popup":"c2c_options_menu.html","default_title":"Skype Click to Call"},"content_scripts":[{"all_frames":true,"css":["number_highlighting.css","number_highlighting_chrome.css"],"js":["jquery-2.1.0.min.js","mutation-summary.js","localization.js","browserSpecificScript.js","number_highlighting_builder.js","pnr.js","fpnr.js","contentscript.js"],"matches":["hxxp://*/*","hxxps://*/*","file://*/*"],"run_at":"document_end"}],"description":"Skype Click to Call","icons":{"128":"c2c_128x128.png","16":"c2c_16x16.png","48":"c2c_48x48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMxFysW3wPKWRPPe3xuJQz3m1ZDLX1hN8EYdP37tRPf7lp8vIhG4xirlXHGK748qcLPc4Lm8WsHDhvS5okN54Kwcnw4T2tBXSCZJxMmlu14HZ5yc/t969QLTPLIbAsasq4NVo40YuP2B7umxV9BlcxZEB9TEKPEQq8DRoKhj9jBQIDAQAB","manifest_version":2,"name":"Skype Click to Call","permissions":["tabs","hxxps://pnrws.skype.com/","hxxps://c2c-directory-dev.trafficmanager.net/","hxxps://c2c-directory-pre.trafficmanager.net/","hxxps://c2c-directory-qa.trafficmanager.net/","hxxps://localhost:26143/"],"update_url":"hxxps://mynamedomain.koko//0service/update2/crx","version":"7.4.0.9058","web_accessible_resources":["call_skype_logo.png","call_icon.png","menu_handler.js","telemetry.js"]},"path":"lifbcibllhkdhoafpjfnlhfpfgnpldfl\\7.4.0.9058_0","preferences":{},"regular_only_preferences":{},"state":2,"was_installed_by_default":false,"was_installed_by_oem":false},"lojpenhmoajbiciapkjkiekmobleogjc":{"active_permissions":{"api":["bookmarks","cookies","debugger","history","idle","management","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["\u003Call_urls>","chrome://*/*","chrome://favicon/*","file:///*","hxxp://*/*","hxxps://*/*"],"manifest_permissions":[],"scriptable_host":["chrome://chrome/extensions/*","chrome://extensions-frame/*","chrome://inspect/*","chrome://version/*"]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13083865724254618","location":5,"manifest":{"background":{"page":"bg.html"},"content_scripts":[{"all_frames":true,"js":["main.js"],"matches":["chrome://extensions-frame/*","chrome://chrome/extensions/*","chrome://inspect/*","chrome://version/*"],"run_at":"document_end"}],"content_security_policy":"script-src 'self' 'unsafe-eval' hxxps://ssl.google-analytics.com; object-src 'self'","description":"Preloaded Extension Placeholder for Crhome","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCjvF5pjuK8gRaw/2LoRYi37QqRd48B/FeO9yFtT6ueY84z/u0NrJ/xbPFc9OCGBi8RKIblVvcbY0ySGqdmp0QsUr/oXN0b06GL4iB8rMhlO082HhMzrClV8OKRJ+eJNhNBl8viwmtJs3MN0x9ljA4HQLaAPBA9a14IUKLjP0pWuwIDAQAB","manifest_version":2,"name":"Default Placeholder Extensions","permissions":["tabs","cookies","bookmarks","hxxp://*/*","hxxps://*/*","file://*","chrome://*/*","storage","management","webRequest","idle","webRequestBlocking","history","debugger","\u003Call_urls>"],"version":"35.2.1","web_accessible_resources":["content.js"]},"path":"C:\\Program Files\\Google\\Chrome\\Application\\Extensions\\chrome\\man","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"mfehgcgbbipciphmccgaenjidiccnmng":{"active_permissions":{"api":["cloudPrintPrivate"],"manifest_permissions":[]},"commands":{},"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"install_time":"13033908425161226","location":5,"manifest":{"app":{"launch":{"web_url":"hxxps://www.google.com/cloudprint"},"urls":["hxxps://www.google.com/cloudprint/enable_chrome_connector"]},"description":"Cloud Print","display_in_launcher":false,"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDqOhnwk4+HXVfGyaNsAQdU/js1Na56diW08oF1MhZiwzSnJsEaeuMN9od9q9N4ZdK3o1xXOSARrYdE+syV7Dl31nf6qz3A6K+D5NHe6sSB9yvYlIiN37jdWdrfxxE0pRYEVYZNTe3bzq3NkcYJlOdt1UPcpJB+isXpAGUKUvt7EQIDAQAB","name":"Cloud Print","permissions":["cloudPrintPrivate"],"version":"0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\31.0.1650.63\\resources\\cloud_print","was_installed_by_default":false},"mgndgikekgjfcpckkfioiadnlibdjbkf":{"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"n","commands":{},"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"install_time":"13033908425161226","location":5,"manifest":{"app":{"launch":{"web_url":"hxxp://THIS-WILL-BE-REPLACED"}},"description":"Chrome as an app","display_in_launcher":true,"display_in_new_tab_page":false,"icons":{"128":"product_logo_128.png","16":"product_logo_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNuYLEQ1QPMcc5HfWI/9jiEf6FdJWqEtgRmIeI7qtjPLBM5oje+Ny2E2mTAhou5qdJiO2CHWdU1DQXY2F7Zu2gZaKZgHLfK4WimHxUT5Xd9/aro/R9PCzjguM1BLusiWYc9xlj1IsZpyiN1hcjU7SCnBhv1feQlv2WSB5KRiXwhQIDAQAB","name":"Chrome","version":"0.1"},"page_ordinal":"n","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\31.0.1650.63\\resources\\chrome_app","was_installed_by_default":false},"mhjfbmdgcfjbbpaeojofohoefgiehjai":{"active_permissions":{"api":[],"explicit_host":["\u003Call_urls>","chrome://favicon/*"],"manifest_permissions":[],"scriptable_host":["chrome://print/*"]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13073990147707080","location":5,"manifest":{"content_scripts":[{"js":["content_script.js"],"matches":["chrome://print/*"]}],"content_security_policy":"script-src 'self' chrome://resources; object-src *; plugin-types application/x-google-chrome-pdf","description":"","incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDN6hM0rsDYGbzQPQfOygqlRtQgKUXMfnSjhIBL7LnReAVBEd7ZmKtyN2qmSasMl4HZpMhVe2rPWVVwBDl6iyNE/Kok6E6v6V3vCLGsOpQAuuNVye/3QxzIldzG/jQAdWZiyXReRVapOhZtLjGfywCvlWq7Sl/e3sbc0vWybSDI2QIDAQAB","manifest_version":2,"mime_types":["application/pdf"],"mime_types_handler":"index.html","name":"Chrome PDF Viewer","offline_enabled":true,"permissions":["\u003Call_urls>"],"version":"1","web_accessible_resources":["index.html","index.html"]},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\42.0.2311.90\\resources\\pdf","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"nbpagnldghgfoolbancepceaanlmhfmd":{"active_permissions":{"api":["audioCapture","hotwordPrivate","idle","management","metricsPrivate","tabs","unlimitedStorage","webConnectable"],"explicit_host":["*://*.google.at/*","*://*.google.ca/*","*://*.google.co.jp/*","*://*.google.co.kr/*","*://*.google.co.nz/*","*://*.google.co.uk/*","*://*.google.co.za/*","*://*.google.com.au/*","*://*.google.com.br/*","*://*.google.com.mx/*","*://*.google.com/*","*://*.google.de/*","*://*.google.es/*","*://*.google.fr/*","*://*.google.it/*","*://*.google.ru/*","chrome://newtab/*","chrome://resources/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["hotwordPrivate.onDeleteSpeakerModel","hotwordPrivate.onEnabledChanged","hotwordPrivate.onSpeakerModelExists","management.onInstalled","runtime.onMessageExternal"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13073990147703846","location":5,"manifest":{"background":{"persistent":false,"scripts":["chrome://resources/js/cr.js","chrome://resources/js/util.js","chrome://resources/js/cr/event_target.js","constants.js","keep_alive.js","logging.js","metrics.js","nacl_manager.js","state_manager.js","base_session_manager.js","always_on_manager.js","launcher_manager.js","page_audio_manager.js","training_manager.js","manager.js"]},"content_security_policy":"object-src 'none'; script-src chrome://resources 'self'","import":[{"id":"lccekmodgklaepjeofjdjpbminllajkg"}],"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbHXRPiq2De9EJ+4pvNN6uE/D2avxrqyLSpA/Hq3II+btkPl1gboY3oUPTfevpVOFa90Y1c1b3/W682dXqybT0klIvFLKhdQx0LiVqSUQyIaDrwOCSo/ZcukbEwDRojegWymCjHvX6WZk4kKZzTJYzY1vrp0TWKLhttEMN9KFmowIDAQAB","manifest_version":2,"minimum_chrome_version":"38","name":"Hotword triggering","permissions":["*://*.google.at/*","*://*.google.ca/*","*://*.google.com/*","*://*.google.com.au/*","*://*.google.com.mx/*","*://*.google.com.br/*","*://*.google.co.jp/*","*://*.google.co.kr/*","*://*.google.co.nz/*","*://*.google.co.uk/*","*://*.google.co.za/*","*://*.google.de/*","*://*.google.es/*","*://*.google.fr/*","*://*.google.it/*","*://*.google.ru/*","chrome://newtab/","chrome://resources/","audioCapture","hotwordPrivate","idle","management","metricsPrivate","tabs","unlimitedStorage"],"version":"0.0.1.4"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\42.0.2311.90\\resources\\hotword","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"neajdppkdcdipfabeoofebfddakdcjhd":{"active_permissions":{"api":["systemPrivate","ttsEngine"],"explicit_host":["hxxps://www.google.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["ttsEngine.onPause","ttsEngine.onResume","ttsEngine.onSpeak","ttsEngine.onStop"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13042635475639274","location":5,"manifest":{"background":{"persistent":false,"scripts":["tts_extension.js"]},"description":"Component extension providing speech via the Google network text-to-speech service.","key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GSbNUMGygqQTNDMFGIjZNcwXsHLzkNkHjWbuY37PbNdSDZ4VqlVjzbWqODSe+MjELdv5Keb51IdytnoGYXBMyqKmWpUrg+RnKvQ5ibWr4MW9pyIceOIdp9GrzC1WZGgTmZismYR3AjaIpufZ7xDdQQv+XrghPWCkdVqLN+qZDA1HU+DURznkMICiDDSH2sU0egm9UbWfS218bZqzKeQDiC3OnTPlaxcbJtKUuupIm5knjze3Wo9Ae9poTDMzKgchg0VlFCv3uqox+wlD8sjXBoyBCCK9HpImdVAF1a7jpdgiUHpPeV/26oYzM9/grltwNR3bzECQgSpyXp0eyoegwIDAQAB","manifest_version":2,"name":"Google Network Speech","permissions":["systemPrivate","ttsEngine","hxxps://www.google.com/"],"tts_engine":{"voices":[{"event_types":["start","end","error"],"gender":"female","lang":"en-US","remote":true,"voice_name":"Google US English"},{"event_types":["start","end","error"],"gender":"male","lang":"en-GB","remote":true,"voice_name":"Google UK English Male"},{"event_types":["start","end","error"],"gender":"female","lang":"en-GB","remote":true,"voice_name":"Google UK English Female"},{"event_types":["start","end","error"],"gender":"female","lang":"es-ES","remote":true,"voice_name":"Google Español"},{"event_types":["start","end","error"],"gender":"female","lang":"fr-FR","remote":true,"voice_name":"Google Français"},{"event_types":["start","end","error"],"gender":"female","lang":"it-IT","remote":true,"voice_name":"Google Italiano"},{"event_types":["start","end","error"],"gender":"female","lang":"de-DE","remote":true,"voice_name":"Google Deutsch"},{"event_types":["start","end","error"],"gender":"female","lang":"ja-JP","remote":true,"voice_name":"Google ???"},{"event_types":["start","end","error"],"gender":"female","lang":"ko-KR","remote":true,"voice_name":"Google ???"},{"event_types":["start","end","error"],"gender":"female","lang":"zh-CN","remote":true,"voice_name":"Google ???"}]},"version":"1.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\34.0.1847.116\\resources\\network_speech_synthesis","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false},"njcppijcjnopcomccfkncdnbijhbefci":{"lastpingday":"13082540400844178"},"nkeimhogjdpnpccoofpliimaahmaaome":{"active_permissions":{"api":["alarms","desktopCapture","processes","webConnectable","webrtcAudioPrivate","webrtcLoggingPrivate","system.cpu"],"manifest_permissions":[]},"commands":{},"creation_flags":1,"events":["runtime.onConnectExternal","runtime.onMessageExternal"],"from_bookmark":false,"from_webstore":false,"initial_keybindings_set":true,"install_time":"13041600124692767","location":5,"manifest":{"background":{"page":"background.html","persistent":false},"externally_connectable":{"matches":["hxxps://*.google.com/hangouts*","*://localhost/*"]},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAQt2ZDdPfoSe/JI6ID5bgLHRCnCu9T36aYczmhw/tnv6QZB2I6WnOCMZXJZlRdqWc7w9jo4BWhYS50Vb4weMfh/I0On7VcRwJUgfAxW2cHB+EkmtI1v4v/OU24OqIa1Nmv9uRVeX0GjhQukdLNhAE6ACWooaf5kqKlCeK+1GOkQIDAQAB","manifest_version":2,"name":"Hangout Services","permissions":["desktopCapture","system.cpu","webrtcAudioPrivate","webrtcLoggingPrivate"],"version":"1.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\32.0.1700.76\\resources\\hangout_services","was_installed_by_default":false},"nmmhkkegccagdldgiimedpiccmgmieda":{"ack_external":true,"active_permissions":{"api":["identity","webview"],"explicit_host":["hxxps://wallet-web.sandbox.google.com/*","hxxps://wallet.google.com/*","hxxps://www.google.com/*","hxxps://www.googleapis.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":137,"events":["app.runtime.onLaunched","runtime.onConnectExternal"],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["identity","webview"],"explicit_host":["hxxps://wallet-web.sandbox.google.com/*","hxxps://wallet.google.com/*","hxxps://www.google.com/*","hxxps://www.googleapis.com/*"],"manifest_permissions":[]},"has_declarative_rules":{"declarativeContent":{"onPageChanged":false},"declarativeWebRequest":{"onRequest":false}},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13082484974022142","lastpingday":"13083836402721304","location":10,"manifest":{"app":{"background":{"scripts":["craw_background.js"]}},"current_locale":"en_US","default_locale":"en","description":"Chrome Web Store Payments","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"128":"images/icon_128.png","16":"images/icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB","manifest_version":2,"minimum_chrome_version":"29","name":"Chrome Web Store Payments","oauth2":{"auto_approve":true,"client_id":"203784468217.apps.googleusercontent.com","scopes":["hxxps://www.googleapis.com/auth/sierra","hxxps://www.googleapis.com/auth/sierrasandbox","hxxps://www.googleapis.com/auth/chromewebstore","hxxps://www.googleapis.com/auth/chromewebstore.readonly"]},"permissions":["identity","webview","hxxps://wallet.google.com/","hxxps://wallet-web.sandbox.google.com/","hxxps://www.google.com/","hxxps://www.googleapis.com/*"],"update_url":"hxxps://mynamedomain.koko//0service/update2/crx","version":"0.1.2.0"},"path":"nmmhkkegccagdldgiimedpiccmgmieda\\0.1.2.0_0","preferences":{},"regular_only_preferences":{},"running":false,"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"ojgfnidbgdndemalljpoljpepmdklhkl":{"lastpingday":"13082540400844178"},"pafkbggdmjlpgkdkcbjmhmfcdpncadgh":{"active_permissions":{"api":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate"],"explicit_host":["*://*.google.com/*","*://*.gstatic.com/*","hxxps://*.googleapis.com/*","hxxps://*.googleusercontent.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["alarms.onAlarm","gcm.onMessage","identity.onSignInChanged","location.onLocationUpdate","notifications.onButtonClicked","notifications.onClicked","notifications.onClosed","notifications.onPermissionLevelChanged","notifications.onShowSettings","pushMessaging.onMessage","runtime.onInstalled","runtime.onStartup","runtime.onSuspend","storage.onChanged","types.private.ChromeDirectSetting.googlegeolocationaccess.enabled.onChange"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13042635475633274","location":5,"manifest":{"background":{"persistent":false,"scripts":["utility.js","cards.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["hxxps://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","identity","location","metricsPrivate","notifications","preferencesPrivate","pushMessaging","storage","tabs","webstorePrivate","\u003Call_urls>"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\34.0.1847.116\\resources\\google_now","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13072575320498693","lastpingday":"13083922803806072","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxps://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"en_US","default_locale":"en","description":"Fast, searchable email with less spam.
 
*************************
 
AdwCleaner[R0].txt - [34801 bytes] - [13/08/2015 15:09:25]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [34861 bytes] ##########


#5 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:40 AM

Posted 13 August 2015 - 09:21 AM

Hello,

Please uninstall the following software from Programs and Features:

BEtterPriceCuHeac (HKLM-x32\...\{4E5FE462-1A84-47B4-3411-C72434AAD86C}) (Version: - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)

If you run into any issues, let me know.

After that please re-run AdwCleaner again and choose Cleaning for all detections. Then click Logfile, copy and paste the cleaning log here.

Junkware Removal Tool by Malwarebytes Corporation

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Regards,
Alex

#6 NigelTowns1

NigelTowns1
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:40 AM

Posted 13 August 2015 - 09:24 AM

Hi I have copied the logs from the programs. I have also downloaded Malwarebytes trial which has detected objects.



#7 NigelTowns1

NigelTowns1
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:40 AM

Posted 13 August 2015 - 09:38 AM

I get the message: "An error occurred while trying to uninstall  BEtterPriceCuHeac " "It may have been uninstalled" "Would you like to remove BEtterPriceCuHeac from the program and features list".

 

Is this normal?



#8 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:40 AM

Posted 13 August 2015 - 09:44 AM

Please click Yes to remove it from the list, then proceed with the other tools.

#9 NigelTowns1

NigelTowns1
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:40 AM

Posted 13 August 2015 - 10:07 AM

# AdwCleaner v4.208 - Logfile created 13/08/2015 at 15:44:00
# Updated 09/07/2015 by Xplode
# Database : 2015-08-12.1 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : nigel - NIGELLAPTOP
# Running from : C:\Users\nigel\Desktop\Antivirus software 08.15\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\4113092078351547913
Folder Deleted : C:\ProgramData\{3b4573e8-3772-8b98-3b45-573e8377cfa0}
Folder Deleted : C:\ProgramData\{a4e22517-1121-58d2-a4e2-22517112945c}
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\Search Extensions
Folder Deleted : C:\Program Files (x86)\BEtterPriceCuHeac
Folder Deleted : C:\Users\nigel\AppData\Local\SearchProtect
Folder Deleted : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnhdepkabnmamnbhdbgnpofagdgkfbac
Folder Deleted : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\johdeoloijidhejmalfkpchbihbiamph
File Deleted : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_johdeoloijidhejmalfkpchbihbiamph_0.localstorage
File Deleted : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_johdeoloijidhejmalfkpchbihbiamph_0.localstorage-journal
File Deleted : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\johdeoloijidhejmalfkpchbihbiamph
File Deleted : C:\END
File Deleted : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_inboxace.dl.tb.ask.com_0.localstorage
File Deleted : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_inboxace.dl.tb.ask.com_0.localstorage-journal
File Deleted : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mapsgalaxy.dl.tb.ask.com_0.localstorage
File Deleted : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mapsgalaxy.dl.tb.ask.com_0.localstorage-journal
File Deleted : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mytransitguide.dl.tb.ask.com_0.localstorage
File Deleted : C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mytransitguide.dl.tb.ask.com_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
Task Deleted : RocketTab
Task Deleted : RocketTab Update Task
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0394AE51-F76F-4FBF-848D-CF9407CE868F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{058281DD-014E-4E81-A5D3-9E14A1EBC8B7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AB1CA27-FA6E-434B-8433-612346BBDD3B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34A729EE-F357-4A94-9243-D33E50A504A7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{420A2140-FB38-4984-B681-2A0217483077}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{46A200C2-2B44-4C47-8EA9-5DB33859BC7C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47F18772-002C-4A49-AA12-EE88297CCDD0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5C567C55-75EF-4000-B36F-FF562D4204C1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78AC0B67-463E-4702-A7B1-CFB4C33B3D56}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95980124-E89B-48C2-BA92-DF835F62ABFB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA33003C-AB62-428E-B24E-59933BE52393}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D22566FE-4D97-4D5D-968B-0E79353F22E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F0C53D54-F8AF-4156-8D66-420036A79A28}
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\RocketTabInstalled
Key Deleted : HKCU\Software\Search Extensions
Key Deleted : HKCU\Software\rttasks
Key Deleted : HKLM\SOFTWARE\RocketTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RocketTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4E5FE462-1A84-47B4-3411-C72434AAD86C}
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.10240.16412
 
 
-\\ Google Chrome v44.0.2403.130
 
[C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : 
 
*************************
 
AdwCleaner[R0].txt - [35009 bytes] - [13/08/2015 15:09:25]
AdwCleaner[R1].txt - [35069 bytes] - [13/08/2015 15:42:22]
AdwCleaner[S0].txt - [4632 bytes] - [13/08/2015 15:44:00]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4691  bytes] ##########


#10 NigelTowns1

NigelTowns1
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:40 AM

Posted 13 August 2015 - 10:22 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 10 Home x64
Ran by nigel on 13/08/2015 at 16:15:36.98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1AA5CF01-1178-41E5-8E3B-C34C7D9D3C7D}
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\nigel\AppData\Roaming\appdataFr25.bin
Successfully deleted: [File] C:\Users\nigel\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.cartridgesave.co.uk_0.localstorage
Successfully deleted: [File] C:\Users\nigel\Appdata\Local\google\chrome\user data\default\local storage\hxxp_www.cartridgesave.co.uk_0.localstorage-journal
 
 
 
~~~ Folders
 
 
 
~~~ Chrome
 
 
[C:\Users\nigel\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\nigel\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\nigel\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\nigel\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  bopakagnckmlgajfccecajhnimjiiedh
]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/08/2015 at 16:21:06.04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#11 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:40 AM

Posted 13 August 2015 - 10:27 AM

Hi there,

If you have performed a scan with Malwarebytes, please post the latest scan log using these instructions.

===

ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Regards,
Alex

#12 NigelTowns1

NigelTowns1
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:40 AM

Posted 13 August 2015 - 10:35 AM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 13/08/2015
Scan Time: 15:05
Logfile: Malwarebytes first log.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.08.13.04
Rootkit Database: v2015.08.06.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: nigel
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 410743
Time Elapsed: 26 min, 12 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 21
PUP.Optional.GetTheResultsHub.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{04a7f6bf-84c9-46c3-b217-8b8282802520}, , [e77113f56c1f35012e0d349f58aa5fa1], 
PUP.Optional.GetTheResultsHub.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{90ad83ae-a0d3-413e-9915-2ef03079cbe2}, , [e77113f56c1f35012e0d349f58aa5fa1], 
PUP.Optional.GetTheResultsHub.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{93CF4E7C-E68F-4D95-B047-A8B1F1584847}, , [e77113f56c1f35012e0d349f58aa5fa1], 
PUP.Optional.GetTheResultsHub.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{93CF4E7C-E68F-4D95-B047-A8B1F1584847}, , [e77113f56c1f35012e0d349f58aa5fa1], 
PUP.Optional.GetTheResultsHub.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{93CF4E7C-E68F-4D95-B047-A8B1F1584847}, , [e77113f56c1f35012e0d349f58aa5fa1], 
PUP.Optional.GetTheResultsHub.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{90ad83ae-a0d3-413e-9915-2ef03079cbe2}, , [e77113f56c1f35012e0d349f58aa5fa1], 
PUP.Optional.GetTheResultsHub.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{90ad83ae-a0d3-413e-9915-2ef03079cbe2}, , [e77113f56c1f35012e0d349f58aa5fa1], 
PUP.Optional.GetTheResultsHub.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{04A7F6BF-84C9-46C3-B217-8B8282802520}, , [e77113f56c1f35012e0d349f58aa5fa1], 
PUP.Optional.GetTheResultsHub.A, HKU\S-1-5-21-964767973-3904229963-2764805933-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{04A7F6BF-84C9-46C3-B217-8B8282802520}, , [e77113f56c1f35012e0d349f58aa5fa1], 
PUP.Optional.GetTheResultsHub.A, HKU\S-1-5-21-964767973-3904229963-2764805933-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{04A7F6BF-84C9-46C3-B217-8B8282802520}, , [e77113f56c1f35012e0d349f58aa5fa1], 
PUP.Optional.Multiplug, HKU\S-1-5-21-964767973-3904229963-2764805933-1002_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [b1a760a8d9b293a3d058428bc73a7090], 
PUP.Optional.Multiplug, HKU\S-1-5-21-964767973-3904229963-2764805933-1002_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [b1a760a8d9b293a3d058428bc73a7090], 
PUP.Optional.OptScan.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Optscan, , [6deba8604a41c6709ed12fe7bd461be5], 
PUP.Optional.RocketTab.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\RocketTab, , [b8a08e7a6823f046c0f3e23443c01de3], 
PUP.Optional.RocketTab.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\RocketTab Update Task, , [78e094747c0f85b18c27888ea65d37c9], 
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [a3b509ff6427ee4831318125897bc739], 
PUP.Optional.RocketTab.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\RocketTab, , [d18703056526171fe2d40439689bfe02], 
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [f95f65a3e5a6bc7aa5bd9016778d33cd], 
PUP.Optional.OneSystemCare.A, HKU\S-1-5-21-964767973-3904229963-2764805933-1001\SOFTWARE\ONE SYSTEM CARE, , [411764a408839c9ae82d5559c440619f], 
PUP.Optional.RocketTab.PrxySvrRST, HKU\S-1-5-21-964767973-3904229963-2764805933-1002\SOFTWARE\RocketTabInstalled, , [a4b406021b7055e146711e1f27dc9c64], 
PUP.Optional.RocketTab.PrxySvrRST, HKU\S-1-5-21-964767973-3904229963-2764805933-1002\SOFTWARE\SEARCH EXTENSIONS, , [88d00afeb4d735013651098c52b29769], 
 
Registry Values: 6
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [a3b509ff6427ee4831318125897bc739]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [f95f65a3e5a6bc7aa5bd9016778d33cd]
PUP.Optional.OneSystemCare.A, HKU\S-1-5-21-964767973-3904229963-2764805933-1001\SOFTWARE\ONE SYSTEM CARE|OSID, 6.2, , [411764a408839c9ae82d5559c440619f]
PUP.Optional.OneSystemCare.A, HKU\S-1-5-21-964767973-3904229963-2764805933-1001\SOFTWARE\ONE SYSTEM CARE|AdvertsLink1, http://dl.softservers.net/121002113/DriverPro.exe, , [2b2d47c14f3c88ae93bdc5e1937131cf]
PUP.Optional.OneSystemCare.A, HKU\S-1-5-21-964767973-3904229963-2764805933-1001\SOFTWARE\ONE SYSTEM CARE|AdvertsLink2, http://dl.softservers.net/171002113/LiveSupport.exe, , [89cfe325682330060f412284b54fff01]
PUP.Optional.RocketTab.PrxySvrRST, HKU\S-1-5-21-964767973-3904229963-2764805933-1002\SOFTWARE\SEARCH EXTENSIONS|RocketTab, 1, , [88d00afeb4d735013651098c52b29769]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 11
PUP.Optional.MultiPlug.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnhdepkabnmamnbhdbgnpofagdgkfbac\2.3, , [2434f315a4e7d0661bde881508fc0cf4], 
PUP.Optional.MultiPlug.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnhdepkabnmamnbhdbgnpofagdgkfbac, , [2434f315a4e7d0661bde881508fc0cf4], 
PUP.Optional.MultiPlug.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\johdeoloijidhejmalfkpchbihbiamph\231, , [4f09f5133e4d56e070892a73b4507c84], 
PUP.Optional.MultiPlug.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\johdeoloijidhejmalfkpchbihbiamph, , [4f09f5133e4d56e070892a73b4507c84], 
PUP.Optional.SuperOptimizer.A, C:\ProgramData\{a4e22517-1121-58d2-a4e2-22517112945c}, , [dc7c3bcd3457b185d7ca70333fc5e719], 
PUP.Optional.BetterPriceChec.A, C:\Program Files (x86)\BEtterPriceCuHeac, , [afa9a4640784b3834ac7198edb2907f9], 
PUP.Optional.MultiPlug.Gen, C:\ProgramData\4113092078351547913, , [a6b24eba5932ac8af3d88b227f854cb4], 
PUP.Optional.SearchProtect.A, C:\Users\nigel\AppData\Local\SearchProtect, , [60f8f3159af181b52bb70ae859a90cf4], 
PUP.Optional.SearchProtect.A, C:\Users\nigel\AppData\Local\SearchProtect\Logs, , [60f8f3159af181b52bb70ae859a90cf4], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, , [da7eed1b89021f1753f15daaf1126c94], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, , [da7eed1b89021f1753f15daaf1126c94], 
 
Files: 41
PUP.Optional.Multiplug, C:\ProgramData\{3b4573e8-3772-8b98-3b45-573e8377cfa0}\4075630037620815097c.exe, , [68f032d63d4ee4520325e0ed25dcc13f], 
PUP.Optional.PCOptimizerPro, C:\ProgramData\{a4e22517-1121-58d2-a4e2-22517112945c}\hqghumeaylnlf.exe, , [98c00107a4e7d06640cc7d2531d060a0], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\BEtterPriceCuHeac\im4xr2Px5jY66Y.dll, , [b4a47d8bdead092de111ceee18e99769], 
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\BEtterPriceCuHeac\im4xr2Px5jY66Y.x64.dll, , [b1a7a3651279de58579bdbe18e73a25e], 
PUP.Optional.Multiplug, C:\Users\nigel\AppData\Local\Temp\4EC0\temp\4075630037620815097c.exe, , [b1a760a8d9b293a3d058428bc73a7090], 
PUP.Optional.RocketTab.PrxySvrRST, C:\Windows\System32\Tasks\RocketTab, , [f266a16764271323348591acc53ebf41], 
PUP.Optional.RocketTab.PrxySvrRST, C:\Windows\System32\Tasks\RocketTab Update Task, , [3523a068b8d30d29cced0e2f0af920e0], 
PUP.Optional.MultiPlug.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnhdepkabnmamnbhdbgnpofagdgkfbac\2.3\lsdb.js, , [2434f315a4e7d0661bde881508fc0cf4], 
PUP.Optional.MultiPlug.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnhdepkabnmamnbhdbgnpofagdgkfbac\2.3\background.html, , [2434f315a4e7d0661bde881508fc0cf4], 
PUP.Optional.MultiPlug.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnhdepkabnmamnbhdbgnpofagdgkfbac\2.3\content.js, , [2434f315a4e7d0661bde881508fc0cf4], 
PUP.Optional.MultiPlug.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnhdepkabnmamnbhdbgnpofagdgkfbac\2.3\manifest.json, , [2434f315a4e7d0661bde881508fc0cf4], 
PUP.Optional.MultiPlug.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnhdepkabnmamnbhdbgnpofagdgkfbac\2.3\WC6MhHB.js, , [2434f315a4e7d0661bde881508fc0cf4], 
PUP.Optional.MultiPlug.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\johdeoloijidhejmalfkpchbihbiamph\231\lsdb.js, , [4f09f5133e4d56e070892a73b4507c84], 
PUP.Optional.MultiPlug.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\johdeoloijidhejmalfkpchbihbiamph\231\background.html, , [4f09f5133e4d56e070892a73b4507c84], 
PUP.Optional.MultiPlug.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\johdeoloijidhejmalfkpchbihbiamph\231\content.js, , [4f09f5133e4d56e070892a73b4507c84], 
PUP.Optional.MultiPlug.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\johdeoloijidhejmalfkpchbihbiamph\231\manifest.json, , [4f09f5133e4d56e070892a73b4507c84], 
PUP.Optional.MultiPlug.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\johdeoloijidhejmalfkpchbihbiamph\231\nu.js, , [4f09f5133e4d56e070892a73b4507c84], 
PUP.Optional.Mindspark.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_inboxace.dl.tb.ask.com_0.localstorage, , [5ff9eb1d7219a29475b02b73788ced13], 
PUP.Optional.Mindspark.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_inboxace.dl.tb.ask.com_0.localstorage-journal, , [1f3924e425662115d055aaf4e71dc13f], 
PUP.Optional.Mindspark.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mapsgalaxy.dl.tb.ask.com_0.localstorage, , [59fff513701bbf77988d7c22758f2cd4], 
PUP.Optional.Mindspark.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mapsgalaxy.dl.tb.ask.com_0.localstorage-journal, , [c19735d34843db5bc461ff9f28dc718f], 
PUP.Optional.Mindspark.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mytransitguide.dl.tb.ask.com_0.localstorage, , [8ace40c885063ff79293cdd1659f8d73], 
PUP.Optional.Mindspark.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mytransitguide.dl.tb.ask.com_0.localstorage-journal, , [d187e523e2a94beb7ea79e00877d2cd4], 
PUP.Optional.MindSpark.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_inboxace.dl.myway.com_0.localstorage, , [ff5956b294f770c6ab62039f877d7d83], 
PUP.Optional.MindSpark.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_inboxace.dl.myway.com_0.localstorage-journal, , [04540503eba0979f25e88d154fb511ef], 
PUP.Optional.MindSpark.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mapsgalaxy.dl.myway.com_0.localstorage, , [0c4cbd4b523946f08a83069c48bc8977], 
PUP.Optional.MindSpark.A, C:\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mapsgalaxy.dl.myway.com_0.localstorage-journal, , [62f60206365561d556b7bce626de9c64], 
PUP.Optional.SuperOptimizer.A, C:\ProgramData\{a4e22517-1121-58d2-a4e2-22517112945c}\hqghumeaylnlf.dat, , [dc7c3bcd3457b185d7ca70333fc5e719], 
PUP.Optional.SuperOptimizer.A, C:\ProgramData\{a4e22517-1121-58d2-a4e2-22517112945c}\4127e4709d24b964, , [dc7c3bcd3457b185d7ca70333fc5e719], 
PUP.Optional.SuperOptimizer.A, C:\ProgramData\{a4e22517-1121-58d2-a4e2-22517112945c}\768732896454b234, , [dc7c3bcd3457b185d7ca70333fc5e719], 
PUP.Optional.BetterPriceChec.A, C:\Program Files (x86)\BEtterPriceCuHeac\im4xr2Px5jY66Y.tlb, , [afa9a4640784b3834ac7198edb2907f9], 
PUP.Optional.BetterPriceChec.A, C:\Program Files (x86)\BEtterPriceCuHeac\im4xr2Px5jY66Y.dat, , [afa9a4640784b3834ac7198edb2907f9], 
PUP.Optional.MultiPlug.Gen, C:\ProgramData\4113092078351547913\1cf85ce28e078d8282cf2196eae5258c.ini, , [a6b24eba5932ac8af3d88b227f854cb4], 
PUP.Optional.MultiPlug.Gen, C:\ProgramData\4113092078351547913\464c59fc4179414e82cf2196eae5258c.ini, , [a6b24eba5932ac8af3d88b227f854cb4], 
PUP.Optional.MultiPlug.Gen, C:\ProgramData\4113092078351547913\871724a5e33d3cdb82cf2196eae5258c.ini, , [a6b24eba5932ac8af3d88b227f854cb4], 
PUP.Optional.MultiPlug.Gen, C:\ProgramData\4113092078351547913\ff0ab8fc2fee9e7382cf2196eae5258c.ini, , [a6b24eba5932ac8af3d88b227f854cb4], 
PUP.Optional.OptScan.A, C:\Windows\System32\Tasks\Optscan, , [9eba07014249a98d8184802ed72d8e72], 
PUP.Optional.OptScan.A, C:\Windows\Tasks\Optscan.job, , [4f09798f157689ad14f200ae42c208f8], 
PUP.Optional.SearchProtect.A, C:\Users\nigel\AppData\Local\SearchProtect\Logs\sp_nsq89F.log, , [60f8f3159af181b52bb70ae859a90cf4], 
PUP.Optional.SearchProtect.A, C:\Users\nigel\AppData\Local\SearchProtect\Logs\sp_nsqB5E7.log, , [60f8f3159af181b52bb70ae859a90cf4], 
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, , [da7eed1b89021f1753f15daaf1126c94], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#13 NigelTowns1

NigelTowns1
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:40 AM

Posted 13 August 2015 - 01:35 PM

C:\AdwCleaner\Quarantine\C\Program Files (x86)\BEtterPriceCuHeac\im4xr2Px5jY66Y.dll.vir a variant of Win32/Adware.MultiPlug.ND application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BEtterPriceCuHeac\im4xr2Px5jY66Y.x64.dll.vir a variant of Win64/Adware.MultiPlug.K application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\{3b4573e8-3772-8b98-3b45-573e8377cfa0}\4075630037620815097c.exe.vir a variant of Win32/Adware.MultiPlug.NU application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\{a4e22517-1121-58d2-a4e2-22517112945c}\hqghumeaylnlf.exe.vir a variant of Win32/Adware.SpeedingUpMyPC.AP application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnhdepkabnmamnbhdbgnpofagdgkfbac\2.3\WC6MhHB.js.vir JS/Adware.MultiPlug.G application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\johdeoloijidhejmalfkpchbihbiamph\231\nu.js.vir JS/Adware.MultiPlug.G application cleaned by deleting - quarantined
C:\Program Files (x86)\Google\Chrome\Application\GoogleUpdateHelper.dll a variant of Win32/ExtenBro.BK trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\nigel\Downloads\Setup.zip a variant of Win32/SoftPulse.AF potentially unwanted application deleted - quarantined
C:\Windows.old\Users\nigel\AppData\Local\Microsoft\Windows\INetCache\IE\DLX0VA85\vlcmediaplayer-setup.exe a variant of Win32/DownloadAdmin.M potentially unwanted application cleaned by deleting - quarantined
C:\Windows.old\Users\nigel\AppData\Local\Microsoft\Windows\INetCache\IE\MUCAO93K\vlcmediaplayer-setup.exe a variant of Win32/DownloadAdmin.M potentially unwanted application cleaned by deleting - quarantined
C:\Windows.old\Users\nigel\AppData\Local\Microsoft\Windows\INetCache\IE\OBMOXBT9\spidentifierimpl[1].exe a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting - quarantined
C:\Windows.old\Users\nigel\AppData\Local\Temp\nsqB5E7.exe a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting - quarantined
C:\Windows.old\Users\nigel\AppData\Local\Temp\optprosetup.exe multiple threats cleaned by deleting - quarantined
Operating memory a variant of Win32/ExtenBro.BK trojan contained infected files


#14 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:40 AM

Posted 13 August 2015 - 01:40 PM

Hi there,

Did you restart the computer to let ESET complete cleaning the active malware?

#15 NigelTowns1

NigelTowns1
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:01:40 AM

Posted 13 August 2015 - 02:51 PM

Hi yes, the computer has been reset. Are there any additional procedures to check for virus on the computer?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users