Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow computer, Search Safer Inc, and lost system repair points.


  • This topic is locked This topic is locked
18 replies to this topic

#1 jj266609

jj266609

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 28 October 2015 - 02:20 AM

My computer keeps asking me to give Search Safer Inc permission to change settings etc. I always say no, but the admin window continues to pop up. I never knowingly downloaded this program. My computer has become extremely slow whenever I try to do anything on it. I tried to do a system restore then it said the disks needed to be checked after rebooting the computer to check the disks my comp now says that there are no restore points to refer back to. I've downloaded Emisoft to rid the malware from my computer, but that has failed so far. Please help me. Thanks



BC AdBot (Login to Remove)

 


#2 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:07:57 PM

Posted 28 October 2015 - 03:39 AM

Hello,

 

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

§  Flush DNS

§  Report IE Proxy Settings

§  Reset IE Proxy Settings

§  Report FF Proxy Settings

§  Reset FF Proxy Settings

§  List content of Hosts

§  List IP configuration

§  List Winsock Entries

§  List last 10 Event Viewer log

§  List Installed Programs

§  List Devices

§  List Users, Partitions and Memory size.

§  List Minidump Files

§  List Restore Points

Click Go and post the result (MTB.txt). A copy of MTB.txt will be saved in the same directory the tool is run.

---------------

 

Please download Rkill to your Desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe
http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
 

§  Double-click on the Rkill desktop icon to run the tool.

§  If using Windows Vista, 7, 8 or 10 right-click on it and choose Run As Administrator.

§  black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.

§  If not, delete the file, then download and use the one provided in Link 2.

§  Do not reboot until instructed.

§  If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from Safe Mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

------------

 

Kaspersky Virus Removal Tool

Please download Kaspersky Virus Removal Tool from here.

§  Right click on KVRT.exe and select Run as Administrator.

§  Read the EULA, then select Accept.

§  Wait for Kaspersky Virus Removal Tool to initialize.

§  In the main screen, select Change parameters, place a checkmark in System drive, then click OK.

§  Click Start scan.

§  Wait for Kaspersky Virus Removal Tool to complete scanning.

§  When the scan is finished, select Neutralize all for all detected objects.

§  Close Kaspersky Virus Removal Tool when done.

Informe me if something is detected.

-------

 

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

 

§  Double-click mbam-setup-2.x.x.xxxx.exe and follow the prompts to install the program.

§  At the end, be sure a checkmark is placed next to the following:
 

o    Launch Malwarebytes Anti-Malware

o    A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

 

§  Click Finish.

§  On the Dashboard, click the 'Update Now >>' link

§  After the update completes, on Settings tab, set under Detection and Protection next options: 

1. 'Scan for rootkits'

2. Non-Malware Protection, for 'PUP detections', check, 'Threat detections as malware' option.

§  Return to Dashboard, click the 'Scan Now >>' button.

§  A Threat Scan will begin.

§  When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

§  In most cases, a restart will be required.

§  Wait for the prompt to restart the computer to appear, than click on Yes.


If you already have MBAM 2.0 installed:
 

§  On the Dashboard, click the 'Update Now >>' link.

§  After the update completes, on Settings tab, set under Detection and Protection next options: 

1. 'Scan for rootkits'

2. Non-Malware Protection, for 'PUP detections', check, 'Threat detections as malware' option.

§  Return to Dashboard, click the Scan Now >> button.

§  A Threat Scan will begin.

§  When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

§  In most cases, a restart will be required.

§  Wait for the prompt to restart the computer to appear, than click on Yes.

§  After the restart once you are back at your desktop, open MBAM once more.

§  Click on the History tab > Application Logs.

§  Double click on the Scan Log which shows the Date and time of the scan just performed.

§  Click 'Export'.

§  Click 'Copy to Clipboard'

 

§  Paste the contents of the clipboard into your reply.

---------


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#3 jj266609

jj266609
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 28 October 2015 - 03:09 PM

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by Jude (administrator) on 28-10-2015 at 12:17:52
Running from "C:\Users\Jude\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: Satellite L555 Manufacturer: TOSHIBA
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


0.0.0.1    mssplus.mcafee.com

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)
Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Jude-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 00-26-22-FA-99-08
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2605:e000:621b:8200:b1a0:6b0f:e55d:327f(Preferred)
   Temporary IPv6 Address. . . . . . : 2605:e000:621b:8200:550d:be0e:b0d4:70a8(Preferred)
   Link-local IPv6 Address . . . . . : fe80::b1a0:6b0f:e55d:327f%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.16(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, October 28, 2015 12:05:40 PM
   Lease Expires . . . . . . . . . . : Wednesday, October 28, 2015 1:05:40 PM
   Default Gateway . . . . . . . . . : fe80::92c7:92ff:fed5:82e7%10
                                       192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 234890786
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-F1-23-D2-00-26-22-FA-99-08
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{CB58A216-D4C3-4814-930A-3E950839333B}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    google.com
Addresses:  2607:f8b0:4007:806::200e
      216.58.217.206


Pinging google.com [2607:f8b0:4007:809::200e] with 32 bytes of data:
Reply from 2607:f8b0:4007:809::200e: time=16ms
Reply from 2607:f8b0:4007:809::200e: time=13ms

Ping statistics for 2607:f8b0:4007:809::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 13ms, Maximum = 16ms, Average = 14ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
      2001:4998:44:204::a7
      2001:4998:58:c02::a9
      206.190.36.45
      98.139.183.24
      98.138.253.109


Pinging yahoo.com [2001:4998:58:c02::a9] with 32 bytes of data:
Reply from 2001:4998:58:c02::a9: time=99ms
Reply from 2001:4998:58:c02::a9: time=94ms

Ping statistics for 2001:4998:58:c02::a9:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 94ms, Maximum = 99ms, Average = 96ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...00 26 22 fa 99 08 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.16     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.16    276
     192.168.0.16  255.255.255.255         On-link      192.168.0.16    276
    192.168.0.255  255.255.255.255         On-link      192.168.0.16    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.16    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.16    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10    276 ::/0                     fe80::92c7:92ff:fed5:82e7
  1    306 ::1/128                  On-link
 10     28 2605:e000:621b:8200::/64 On-link
 10    276 2605:e000:621b:8200:550d:be0e:b0d4:70a8/128
                                    On-link
 10    276 2605:e000:621b:8200:b1a0:6b0f:e55d:327f/128
                                    On-link
 10    276 fe80::/64                On-link
 10    276 fe80::b1a0:6b0f:e55d:327f/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\windows\system32\plsapp.dll [354592] (Sendori)
Catalog9 02 C:\windows\system32\plsapp.dll [354592] (Sendori)
Catalog9 03 C:\windows\system32\plsapp.dll [354592] (Sendori)
Catalog9 04 C:\windows\system32\plsapp.dll [354592] (Sendori)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\windows\system32\plsapp.dll [354592] (Sendori)
x64-Catalog5 01 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\windows\System32\plsapp64.dll [439296] (Sendori)
x64-Catalog9 02 C:\windows\System32\plsapp64.dll [439296] (Sendori)
x64-Catalog9 03 C:\windows\System32\plsapp64.dll [439296] (Sendori)
x64-Catalog9 04 C:\windows\System32\plsapp64.dll [439296] (Sendori)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 15 C:\windows\System32\plsapp64.dll [439296] (Sendori)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/28/2015 12:12:02 PM) (Source: PlsvcV2) (User: )
Description: In the enable methodCould not load file or assembly 'System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. The system cannot find the file specified.

Error: (10/28/2015 01:09:31 AM) (Source: Sendori) (User: )
Description: TV ERRORThe remote name could not be resolved: 'pureleadstv.searchtreat.com'

Error: (10/28/2015 12:48:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85"1".
Dependent Assembly 45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/28/2015 12:36:48 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85"1".
Dependent Assembly 45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/28/2015 12:29:11 AM) (Source: PlsvcV2) (User: )
Description: In the enable methodCould not load file or assembly 'System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. The system cannot find the file specified.

Error: (10/28/2015 12:23:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85"1".
Dependent Assembly 45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/28/2015 12:22:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85"1".
Dependent Assembly 45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/28/2015 12:22:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85"1".
Dependent Assembly 45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/27/2015 11:46:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85"1".
Dependent Assembly 45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/27/2015 11:46:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85"1".
Dependent Assembly 45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (10/28/2015 12:09:44 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005

Error: (10/28/2015 12:09:43 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005

Error: (10/28/2015 12:09:17 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147467259

Error: (10/28/2015 12:09:17 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147467259

Error: (10/28/2015 12:09:10 PM) (Source: Service Control Manager) (User: )
Description: The plsapp service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/28/2015 12:09:09 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASDIFSV
SASKUTIL

Error: (10/28/2015 12:08:07 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the PACE License Services service to connect.

Error: (10/28/2015 12:07:29 PM) (Source: Service Control Manager) (User: )
Description: The Freemake Improver service failed to start due to the following error:
%%1053

Error: (10/28/2015 12:07:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Freemake Improver service to connect.

Error: (10/28/2015 12:06:58 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (10/28/2015 12:12:02 PM) (Source: PlsvcV2)(User: )
Description: In the enable methodCould not load file or assembly 'System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. The system cannot find the file specified.

Error: (10/28/2015 01:09:31 AM) (Source: Sendori)(User: )
Description: TV ERRORThe remote name could not be resolved: 'pureleadstv.searchtreat.com'

Error: (10/28/2015 12:48:13 AM) (Source: SideBySide)(User: )
Description: 45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Error: (10/28/2015 12:36:48 AM) (Source: SideBySide)(User: )
Description: 45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Error: (10/28/2015 12:29:11 AM) (Source: PlsvcV2)(User: )
Description: In the enable methodCould not load file or assembly 'System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. The system cannot find the file specified.

Error: (10/28/2015 12:23:34 AM) (Source: SideBySide)(User: )
Description: 45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Error: (10/28/2015 12:22:44 AM) (Source: SideBySide)(User: )
Description: 45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Error: (10/28/2015 12:22:44 AM) (Source: SideBySide)(User: )
Description: 45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Error: (10/27/2015 11:46:54 PM) (Source: SideBySide)(User: )
Description: 45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Error: (10/27/2015 11:46:54 PM) (Source: SideBySide)(User: )
Description: 45.0.2454.85,language="&#x2a;",type="win32",version="45.0.2454.85"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


CodeIntegrity Errors:
===================================
  Date: 2012-07-19 21:19:16.538
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-07-19 21:19:16.523
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-28 22:31:53.521
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (HKLM\...\{3138F992-045B-4F55-825C-53B231E647CA}) (Version: 13.2.1 - Hewlett-Packard) Hidden
Ableton Live 9 Suite (HKLM\...\{A7C273D4-3F82-4A08-94DC-7492FC151F15}) (Version: 9.0.0.0 - Ableton)
ACE30 Plug-in 32 bit DLL (HKLM-x32\...\{B468F653-3AF5-4724-9A63-3DE888B5F6A8}) (Version: 0.0.60209.0 - MOTU) Hidden
ACE30 Plug-in 64 bit DLL (HKLM\...\{19DBCB48-D9EB-414F-9474-3122695D9D1D}) (Version: 0.0.60209.0 - MOTU) Hidden
ACE30 Plug-in Data (HKLM-x32\...\{D245C7F6-E39B-4D3C-844B-3F8C054FC54D}) (Version: 0.0.60209.0 - MOTU) Hidden
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
AIR Creative Collection (HKLM\...\{D3AE0FF1-6A78-4099-8779-B05E313B7828}) (Version: 11.1.0 - AIR Music Technology)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
AnalogChorus Plug-in 32 bit DLL (HKLM-x32\...\{7B2587A8-50D3-405B-A738-75DA0C602E01}) (Version: 0.0.60209.0 - MOTU) Hidden
AnalogChorus Plug-in 64 bit DLL (HKLM\...\{3E99EC1C-EBF5-4135-9F03-7E45AD06A78A}) (Version: 0.0.60209.0 - MOTU) Hidden
AnalogChorus Plug-in Data (HKLM-x32\...\{C2439621-A6AC-4205-B82D-38F2E434A489}) (Version: 0.0.60209.0 - MOTU) Hidden
AnalogDelay Plug-in 32 bit DLL (HKLM-x32\...\{543A2848-D12F-4FB2-9265-7F5D7E971CE3}) (Version: 0.0.60209.0 - MOTU) Hidden
AnalogDelay Plug-in 64 bit DLL (HKLM\...\{95D71B8F-E975-40AF-B41F-6F1453198001}) (Version: 0.0.60209.0 - MOTU) Hidden
AnalogDelay Plug-in Data (HKLM-x32\...\{B9E53273-3E8D-4CA6-89EE-91078911C349}) (Version: 0.0.60209.0 - MOTU) Hidden
AnalogFlanger Plug-in 32 bit DLL (HKLM-x32\...\{4D83BDBE-C901-4E3B-B256-BDDE063C1929}) (Version: 0.0.60209.0 - MOTU) Hidden
AnalogFlanger Plug-in 64 bit DLL (HKLM\...\{D1AF347B-87C7-4AF9-BC78-E95AE0DB48F0}) (Version: 0.0.60209.0 - MOTU) Hidden
AnalogFlanger Plug-in Data (HKLM-x32\...\{5A2694FD-2CAB-47FA-9E3B-6BE39283A798}) (Version: 0.0.60209.0 - MOTU) Hidden
AnalogPhaser Plug-in 32 bit DLL (HKLM-x32\...\{62D55DD3-F444-4F9D-B575-904B8774F5E4}) (Version: 0.0.60209.0 - MOTU) Hidden
AnalogPhaser Plug-in 64 bit DLL (HKLM\...\{C309BC24-4444-4DAF-A342-AA086EFD972E}) (Version: 0.0.60209.0 - MOTU) Hidden
AnalogPhaser Plug-in Data (HKLM-x32\...\{1613CB4D-774F-4BF8-90C3-40F949B62BB4}) (Version: 0.0.60209.0 - MOTU) Hidden
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Arc Panner Plug-in 32 bit DLL (HKLM-x32\...\{48CE6EF7-EC26-407B-90BF-A906FF3D69B0}) (Version: 0.0.60209.0 - MOTU) Hidden
Arc Panner Plug-in 64 bit DLL (HKLM\...\{D89C626B-3024-436E-AD0C-BA875C6CAA41}) (Version: 0.0.60209.0 - MOTU) Hidden
Arc Panner Plug-in Data (HKLM-x32\...\{59367663-E473-41FD-8E3B-0E7723DBEE53}) (Version: 0.0.60209.0 - MOTU) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach)
Auralizer Plug-in 32 bit DLL (HKLM-x32\...\{3D6ACFE7-47A3-432F-8EC7-710771F96218}) (Version: 0.0.60209.0 - MOTU) Hidden
Auralizer Plug-in 64 bit DLL (HKLM\...\{CC676DC9-F8B0-4EA2-BB93-66561FCC78FC}) (Version: 0.0.60209.0 - MOTU) Hidden
Auralizer Plug-in Data (HKLM-x32\...\{ECEE01CE-89B0-41C7-B9D2-79C27B26691C}) (Version: 0.0.60209.0 - MOTU) Hidden
AutoPan Plug-in 32 bit DLL (HKLM-x32\...\{751F8836-6B6C-4D4A-8E5A-D3B65D1AA142}) (Version: 0.0.60209.0 - MOTU) Hidden
AutoPan Plug-in 64 bit DLL (HKLM\...\{02E2759A-84CD-4576-8D82-AA997792C846}) (Version: 0.0.60209.0 - MOTU) Hidden
AutoPan Plug-in Data (HKLM-x32\...\{DEAE9DCA-E62B-49FB-AEFC-AA1A867FA0A2}) (Version: 0.0.60209.0 - MOTU) Hidden
AVG 2012 (HKLM\...\{6D830209-41C2-4D6B-BA25-4EF98807D9FB}) (Version: 12.0.2109 - AVG Technologies) Hidden
Avid Effects (HKLM\...\{0faad20d-ad8d-4249-ad93-7f006f2aa54b}) (Version: 11.2.0 - Avid Technology, Inc.)
Avid Fast Track Duo Driver 1.0.4 (x64) (HKLM\...\{3D0CC0E7-C291-42D4-A707-07B7FD69F209}) (Version: 1.0.4 - Avid)
Avid HD Driver (x64) (HKLM\...\{658E112A-8776-4430-A275-D9248732DFB9}) (Version: 11.2.0 - Avid Technology, Inc.)
Avid Mbox Mini 1.1.7 (x64) (HKLM\...\{DE754FE6-E391-4FB3-A888-6ACC3FB44DAB}) (Version: 1.1.7 - Avid)
Avid Pro Tools (HKLM\...\{4D24A12F-11DE-4CA0-9CB7-0418C86A8244}) (Version: 11.2.0 - Avid Technology, Inc.)
Bass Manager Plug-in 32 bit DLL (HKLM-x32\...\{B4BE693F-6C92-4F88-913A-D2213538DCA2}) (Version: 0.0.60209.0 - MOTU) Hidden
Bass Manager Plug-in 64 bit DLL (HKLM\...\{1EB2DF3A-25B4-4652-8244-992C3C3DF9E7}) (Version: 0.0.60209.0 - MOTU) Hidden
Bass Manager Plug-in Data (HKLM-x32\...\{050C19DB-EEEE-4E2E-B1F2-8766CA24B93F}) (Version: 0.0.60209.0 - MOTU) Hidden
BassLine Plug-in 32 bit DLL (HKLM-x32\...\{E496C84A-E27B-40F9-A38E-70F6EDB82CE6}) (Version: 0.0.60209.0 - MOTU) Hidden
BassLine Plug-in 64 bit DLL (HKLM\...\{46CB8620-291F-47DD-943C-E941036CCA00}) (Version: 0.0.60209.0 - MOTU) Hidden
BassLine Plug-in Data (HKLM-x32\...\{3387D5BB-6395-4787-9203-062304E4FC95}) (Version: 0.0.60209.0 - MOTU) Hidden
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.8.0.29626 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Buffy Plug-in 32 bit DLL (HKLM-x32\...\{E1745AD5-B117-4525-B271-1DCCE86CD6BE}) (Version: 0.0.60209.0 - MOTU) Hidden
Buffy Plug-in 64 bit DLL (HKLM\...\{F12B47ED-C5A6-463C-B7BD-C0F64788B66F}) (Version: 0.0.60209.0 - MOTU) Hidden
Buffy Plug-in Data (HKLM-x32\...\{91E5BF61-C1D0-462B-9D52-C702261A5923}) (Version: 0.0.60209.0 - MOTU) Hidden
Calibration Plug-in 32 bit DLL (HKLM-x32\...\{C24FFE9B-09AD-4976-AEFE-9BEC1E2908AA}) (Version: 0.0.60209.0 - MOTU) Hidden
Calibration Plug-in 64 bit DLL (HKLM\...\{487E13ED-C5D1-4304-BC10-C35506C1A458}) (Version: 0.0.60209.0 - MOTU) Hidden
Calibration Plug-in Data (HKLM-x32\...\{E9A73D49-67C0-4DCD-904A-CFE13CB312D1}) (Version: 0.0.60209.0 - MOTU) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Chorus Plug-in 32 bit DLL (HKLM-x32\...\{ECAEA022-F708-4932-9862-0A591F367280}) (Version: 0.0.60209.0 - MOTU) Hidden
Chorus Plug-in 64 bit DLL (HKLM\...\{EC4DCC31-993A-48BD-B533-FE046FA1D5BB}) (Version: 0.0.60209.0 - MOTU) Hidden
Chorus Plug-in Data (HKLM-x32\...\{FB6B7DF9-B8BD-4F43-9F98-5A9282982C77}) (Version: 0.0.60209.0 - MOTU) Hidden
ClearPebble Plug-in 32 bit DLL (HKLM-x32\...\{BC571FA2-4F88-4B46-87B3-D3C467B17EC9}) (Version: 0.0.60209.0 - MOTU) Hidden
ClearPebble Plug-in 64 bit DLL (HKLM\...\{5EE09414-EAC3-4A55-A262-C2035E5DA819}) (Version: 0.0.60209.0 - MOTU) Hidden
ClearPebble Plug-in Data (HKLM-x32\...\{83D59B09-772B-4506-97D4-1F106C144EEE}) (Version: 0.0.60209.0 - MOTU) Hidden
CopyTrans Suite Remove Only (HKCU\...\CopyTrans Suite) (Version: 2.36 - WindSolutions)
Custom59 Plug-in 32 bit DLL (HKLM-x32\...\{5085B1DC-3A41-4811-B4AF-905801E4ED99}) (Version: 0.0.60209.0 - MOTU) Hidden
Custom59 Plug-in 64 bit DLL (HKLM\...\{8480FEB4-C418-47A3-BE3A-1524D17BF368}) (Version: 0.0.60209.0 - MOTU) Hidden
Custom59 Plug-in Data (HKLM-x32\...\{13EC9437-5C79-41E9-AA3E-994657503139}) (Version: 0.0.60209.0 - MOTU) Hidden
DCNotch Plug-in 32 bit DLL (HKLM-x32\...\{205F551F-BE30-43D8-995A-D46AF934BBFA}) (Version: 0.0.60209.0 - MOTU) Hidden
DCNotch Plug-in 64 bit DLL (HKLM\...\{BBF1473E-C53E-418B-A3C3-F752B06E993F}) (Version: 0.0.60209.0 - MOTU) Hidden
DCNotch Plug-in Data (HKLM-x32\...\{7F63FD4C-64D2-4C19-8289-25A3F881DE2B}) (Version: 0.0.60209.0 - MOTU) Hidden
DeEsser Plug-in 32 bit DLL (HKLM-x32\...\{76F2124A-B09D-44D9-BAC1-69BAC4DD2A71}) (Version: 0.0.60209.0 - MOTU) Hidden
DeEsser Plug-in 64 bit DLL (HKLM\...\{38151C10-D3C6-45E3-90C1-F5065F93CB1B}) (Version: 0.0.60209.0 - MOTU) Hidden
DeEsser Plug-in Data (HKLM-x32\...\{F98ACBFA-968D-4FF9-99F3-C3019DE4924C}) (Version: 0.0.60209.0 - MOTU) Hidden
Delay Plug-in 32 bit DLL (HKLM-x32\...\{D6738119-6902-4911-947E-AAB7F04448EA}) (Version: 0.0.60209.0 - MOTU) Hidden
Delay Plug-in 64 bit DLL (HKLM\...\{FF249A79-69A9-4549-8D34-F5C3A3EB8724}) (Version: 0.0.60209.0 - MOTU) Hidden
Delay Plug-in Data (HKLM-x32\...\{EE538593-C204-4FC3-9E2B-B68A664BF3B2}) (Version: 0.0.60209.0 - MOTU) Hidden
DeltaFuzz Plug-in 32 bit DLL (HKLM-x32\...\{853C5010-E589-400F-8A38-3C6F136A6A66}) (Version: 0.0.60209.0 - MOTU) Hidden
DeltaFuzz Plug-in 64 bit DLL (HKLM\...\{0B79540D-506F-438D-A834-84B4547473C7}) (Version: 0.0.60209.0 - MOTU) Hidden
DeltaFuzz Plug-in Data (HKLM-x32\...\{86E65555-7216-4E63-90CC-6C40CFC12790}) (Version: 0.0.60209.0 - MOTU) Hidden
DiamondDrive Plug-in 32 bit DLL (HKLM-x32\...\{2C5CA2A4-DFB2-41BB-BEA8-DF1C835F1A3F}) (Version: 0.0.60209.0 - MOTU) Hidden
DiamondDrive Plug-in 64 bit DLL (HKLM\...\{81474A91-8DC7-4145-8155-AC113DCB7EB4}) (Version: 0.0.60209.0 - MOTU) Hidden
DiamondDrive Plug-in Data (HKLM-x32\...\{1086280F-87F3-41DD-A883-AA1B6002A58C}) (Version: 0.0.60209.0 - MOTU) Hidden
Digital Performer 8.0 (HKLM-x32\...\{31b99d51-9bbc-444b-816e-4564179b6cba}) (Version: 8.0.60183.0 - MOTU)
Digital Performer 8.0 x64 (HKLM\...\{5669FC5A-1C8F-4FEE-A54A-FDA4D6CCEFCE}) (Version: 8.0.60183.0 - MOTU) Hidden
Digital Performer 8.0 x64 (HKLM\...\{A78A257E-44D8-43B6-80D2-BA56574730C4}) (Version: 8.0.60183.0 - MOTU) Hidden
Digital Performer 8.0 x86 (HKLM-x32\...\{09B43455-B230-4878-8498-7765C3D641C6}) (Version: 8.0.60183.0 - MOTU) Hidden
Digital Performer 8.0 x86 (HKLM-x32\...\{79C2AAF5-3EF8-4FCC-B4EF-6C742C0C1F51}) (Version: 8.0.60183.0 - MOTU) Hidden
Digital Performer Data (HKLM-x32\...\{16C34FDE-B7B8-46DE-AA25-6A6FE4BCB179}) (Version: 8.0.60183.0 - MOTU) Hidden
Digital Performer Data (HKLM-x32\...\{806D4785-FB08-444C-A4A5-C480157C4F48}) (Version: 8.0.60183.0 - MOTU) Hidden
Digital Performer Plug-ins x64 (HKLM\...\{0C2B0518-C475-403C-A285-925D98FC08FB}) (Version: 8.0.60183.0 - MOTU) Hidden
Digital Performer Plug-ins x64 (HKLM\...\{97BBA5C9-B57A-41CA-A936-5BA6985C59C3}) (Version: 8.0.60183.0 - MOTU) Hidden
Digital Performer Plug-ins x86 (HKLM-x32\...\{076A9FF4-1116-4C64-9FFB-E0572E0CABE0}) (Version: 8.0.60183.0 - MOTU) Hidden
Digital Performer Plug-ins x86 (HKLM-x32\...\{2BAD824B-AF7B-4736-BEC8-F93738ABEE21}) (Version: 8.0.60183.0 - MOTU) Hidden
DPlus Plug-in 32 bit DLL (HKLM-x32\...\{D713D486-AB65-41B0-9650-C77946F9BC04}) (Version: 0.0.60209.0 - MOTU) Hidden
DPlus Plug-in 64 bit DLL (HKLM\...\{EEB8BC11-BC67-484A-9AC3-E870B0EB4DBB}) (Version: 0.0.60209.0 - MOTU) Hidden
DPlus Plug-in Data (HKLM-x32\...\{43EE1611-C0D0-455D-B809-5019FC8F016C}) (Version: 0.0.60209.0 - MOTU) Hidden
DynamicEQ Plug-in 32 bit DLL (HKLM-x32\...\{4DEEAF7D-78F5-4CE2-B24B-AFC4A9F3A86B}) (Version: 0.0.60209.0 - MOTU) Hidden
DynamicEQ Plug-in 64 bit DLL (HKLM\...\{EE23B16B-2849-47F9-B661-3CBB40BF6CFB}) (Version: 0.0.60209.0 - MOTU) Hidden
DynamicEQ Plug-in Data (HKLM-x32\...\{A4C79621-0275-4E6E-995E-32834F3242B6}) (Version: 0.0.60209.0 - MOTU) Hidden
Dynamics Plug-in 32 bit DLL (HKLM-x32\...\{231CD500-147F-4E2D-90DF-A55E055F2BF4}) (Version: 0.0.60209.0 - MOTU) Hidden
Dynamics Plug-in 64 bit DLL (HKLM\...\{B802C4E8-3973-4AA1-BDCF-E5B46E37D7D7}) (Version: 0.0.60209.0 - MOTU) Hidden
Dynamics Plug-in Data (HKLM-x32\...\{383779F7-BF2D-47DB-B3A5-40C542011E79}) (Version: 0.0.60209.0 - MOTU) Hidden
DynaSquash Plug-in 32 bit DLL (HKLM-x32\...\{CD23232D-9694-4FFE-824C-E8149CF0E992}) (Version: 0.0.60209.0 - MOTU) Hidden
DynaSquash Plug-in 64 bit DLL (HKLM\...\{56933228-8844-4E88-AE0D-9EAE9F696FD0}) (Version: 0.0.60209.0 - MOTU) Hidden
DynaSquash Plug-in Data (HKLM-x32\...\{900AFA8E-F9EF-4B8D-A1B5-501758F00CE5}) (Version: 0.0.60209.0 - MOTU) Hidden
Echo Plug-in 32 bit DLL (HKLM-x32\...\{C8E723EB-EEC0-468F-AB19-8E26B4AB1A74}) (Version: 0.0.60209.0 - MOTU) Hidden
Echo Plug-in 64 bit DLL (HKLM\...\{719AC169-CE31-4764-B2EF-2C598D7D16CD}) (Version: 0.0.60209.0 - MOTU) Hidden
Echo Plug-in Data (HKLM-x32\...\{E49BC09B-9D73-4BD8-8437-7FC0B8EF819B}) (Version: 0.0.60209.0 - MOTU) Hidden
EnsembleChorus Plug-in 32 bit DLL (HKLM-x32\...\{5C665787-C91D-4A3C-B21B-0BDD419952E6}) (Version: 0.0.60209.0 - MOTU) Hidden
EnsembleChorus Plug-in 64 bit DLL (HKLM\...\{2A416DA8-B744-4C44-ACA4-42C9E306C233}) (Version: 0.0.60209.0 - MOTU) Hidden
EnsembleChorus Plug-in Data (HKLM-x32\...\{4511031F-85D1-4EF4-8D48-612145D97434}) (Version: 0.0.60209.0 - MOTU) Hidden
EPSON NX510 Series Printer Uninstall (HKLM\...\EPSON NX510 Series) (Version:  - SEIKO EPSON Corporation)
eVerb Plug-in 32 bit DLL (HKLM-x32\...\{8F3277E6-F644-493C-B41C-90F6943CC5F9}) (Version: 0.0.60209.0 - MOTU) Hidden
eVerb Plug-in 64 bit DLL (HKLM\...\{3BDD4F84-6BBB-44F8-A4E7-3894BF9CAEDE}) (Version: 0.0.60209.0 - MOTU) Hidden
eVerb Plug-in Data (HKLM-x32\...\{84318F62-9AFA-4E1B-987A-A2394B0478AD}) (Version: 0.0.60209.0 - MOTU) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Flanger Plug-in 32 bit DLL (HKLM-x32\...\{B8CA7B06-7DBE-435C-9339-B6EBB9E34A5A}) (Version: 0.0.60209.0 - MOTU) Hidden
Flanger Plug-in 64 bit DLL (HKLM\...\{7AA9C599-300D-4BC1-A349-3415D4402A7C}) (Version: 0.0.60209.0 - MOTU) Hidden
Flanger Plug-in Data (HKLM-x32\...\{279844F3-BACE-43A5-89B4-388DB59637B8}) (Version: 0.0.60209.0 - MOTU) Hidden
FreeFixer (HKLM-x32\...\FreeFixer1.13) (Version: 1.13 - Kephyr)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
HiTop Plug-in 32 bit DLL (HKLM-x32\...\{83CB3956-4170-46F1-9575-4B09E48F731D}) (Version: 0.0.60209.0 - MOTU) Hidden
HiTop Plug-in 64 bit DLL (HKLM\...\{8A3AE3A0-0796-4D61-A3A2-8855F16D2AE5}) (Version: 0.0.60209.0 - MOTU) Hidden
HiTop Plug-in Data (HKLM-x32\...\{62EE7B35-0E09-472B-B989-34D42F9F3E0D}) (Version: 0.0.60209.0 - MOTU) Hidden
IntelligentNoiseGate Plug-in 32 bit DLL (HKLM-x32\...\{CE6AD9DB-2A09-448B-9588-319525CA9C31}) (Version: 0.0.60209.0 - MOTU) Hidden
IntelligentNoiseGate Plug-in Data (HKLM-x32\...\{72B5E0B3-1A5A-4655-B55B-4C124D89397C}) (Version: 0.0.60209.0 - MOTU) Hidden
ISO Recorder (HKLM\...\{2D7ED2A0-9553-412B-939F-D6E0AEB2ABE1}) (Version: 3.1.0 - Alex Feinman)
iTunes (HKLM\...\{A04DCB25-7040-4935-A30D-8E0A893ABF2D}) (Version: 11.1.2.32 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
LiveRoomB Plug-in 32 bit DLL (HKLM-x32\...\{0A6D6813-BF0E-4C88-B087-A4F092E7A84E}) (Version: 0.0.60209.0 - MOTU) Hidden
LiveRoomB Plug-in 64 bit DLL (HKLM\...\{1AF57B3D-3212-4846-AA61-F8F7E0A944EC}) (Version: 0.0.60209.0 - MOTU) Hidden
LiveRoomB Plug-in Data (HKLM-x32\...\{6B912752-8204-49A4-B02E-1C50E6ED8188}) (Version: 0.0.60209.0 - MOTU) Hidden
LiveRoomB Plug-in Data Library (HKLM-x32\...\{0680DB48-A80E-4FD4-A1BA-EACA93F40A70}) (Version: 0.0.55504.0 - MOTU) Hidden
LiveRoomG Plug-in 32 bit DLL (HKLM-x32\...\{3FB411A1-4CEF-438B-A6CA-750C0186C642}) (Version: 0.0.60209.0 - MOTU) Hidden
LiveRoomG Plug-in 64 bit DLL (HKLM\...\{C285947C-3A29-42D5-A3D1-376775985E00}) (Version: 0.0.60209.0 - MOTU) Hidden
LiveRoomG Plug-in Data (HKLM-x32\...\{82EA5523-4A97-4F39-AEFB-CAA95C643129}) (Version: 0.0.60209.0 - MOTU) Hidden
LiveRoomG Plug-in Data Library (HKLM-x32\...\{71884BA7-189E-43A6-B3F3-B48FDC2BBAFC}) (Version: 0.0.55504.0 - MOTU) Hidden
LiveStage Plug-in 32 bit DLL (HKLM-x32\...\{070800FB-BDC2-4B1D-BA0B-3F0BDD891866}) (Version: 0.0.60209.0 - MOTU) Hidden
LiveStage Plug-in 64 bit DLL (HKLM\...\{365932E8-EFDE-4D6B-B8A6-9A8D95B7DCFF}) (Version: 0.0.60209.0 - MOTU) Hidden
LiveStage Plug-in Data (HKLM-x32\...\{6809DE44-E1A1-416C-9BAB-D3A9D936E82D}) (Version: 0.0.60209.0 - MOTU) Hidden
LiveStage Plug-in Data Library (HKLM-x32\...\{843CFCB5-8C66-4ED4-B6A8-F84B6BA4CAE4}) (Version: 0.0.55504.0 - MOTU) Hidden
MagniPic (HKLM\...\{D94DC2F0-40FF-428A-A061-08DD02AEE006}) (Version: 1.0 - )
MasterWorks Compressor Plug-in 32 bit DLL (HKLM-x32\...\{962CD3F7-AF70-4DB9-80E1-4F33C046BAE1}) (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Compressor Plug-in 64 bit DLL (HKLM\...\{31015C15-5868-4F2A-8D2F-C583F636C0F8}) (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Compressor Plug-in Data (HKLM-x32\...\{8B9E883D-CAC2-4EB3-964C-5D70AC8A7548}) (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks EQ Plug-in 32 bit DLL (HKLM-x32\...\{7A15903C-CB0C-4C4F-A656-AA512B7527C6}) (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks EQ Plug-in 64 bit DLL (HKLM\...\{751B869A-E45D-4A07-8B25-4EE0C9D951EF}) (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks EQ Plug-in Data (HKLM-x32\...\{CA027493-FC27-49AC-AF4D-C50D87A1D009}) (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Gate Plug-in 32 bit DLL (HKLM-x32\...\{F6DE0CD9-A9A6-48FF-A988-5EF8E9BAA822}) (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Gate Plug-in 64 bit DLL (HKLM\...\{17A930F3-00DB-4D2F-877F-72496701584A}) (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Gate Plug-in Data (HKLM-x32\...\{2F814723-6C84-4E61-85CA-769A6E5FF763}) (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Leveler Plug-in 32 bit DLL (HKLM-x32\...\{19DC520D-008A-4BB4-939F-3BB3DB13BF75}) (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Leveler Plug-in 64 bit DLL (HKLM\...\{7FCB91EE-F3E9-47DA-8516-45CA59E175A3}) (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Leveler Plug-in Data (HKLM-x32\...\{80959A8F-4A4D-4D7E-8404-6DD4AB4CF513}) (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Limiter Plug-in 32 bit DLL (HKLM-x32\...\{651C5285-C502-42F9-A5A7-86C3B2678070}) (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Limiter Plug-in 64 bit DLL (HKLM\...\{A87EDBB7-0C85-4728-948F-6B993457F8F6}) (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Limiter Plug-in Data (HKLM-x32\...\{DAB5D9E1-FD58-4687-8479-43DCB39DA100}) (Version: 0.0.60209.0 - MOTU) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.0.1526.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{A0FE116E-9A8A-466F-AEE0-625CB7C207E3}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052B-02A4-4627-81F2-1818DA5D550D}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Model12 Plug-in 32 bit DLL (HKLM-x32\...\{2C34B3B5-E159-4564-A22A-C3992ECF26FC}) (Version: 0.0.60209.0 - MOTU) Hidden
Model12 Plug-in 64 bit DLL (HKLM\...\{900CF671-E5A8-440D-BDEB-2958FD0C538B}) (Version: 0.0.60209.0 - MOTU) Hidden
Model12 Plug-in Data (HKLM-x32\...\{75C00E3B-B6CA-4836-AB1D-30A18F4E81AE}) (Version: 0.0.60209.0 - MOTU) Hidden
Model12 Plug-in Data Library (HKLM-x32\...\{9A037089-0A86-4C2B-8F97-5EF96AD75077}) (Version: 0.0.55504.0 - MOTU) Hidden
Modulo Plug-in 32 bit DLL (HKLM-x32\...\{B8059E3E-9445-497D-BCA6-B63B74F9038D}) (Version: 0.0.60209.0 - MOTU) Hidden
Modulo Plug-in 64 bit DLL (HKLM\...\{445A8151-7678-4FF3-8F0E-5EB321FB68D7}) (Version: 0.0.60209.0 - MOTU) Hidden
Modulo Plug-in Data (HKLM-x32\...\{C11D2CAF-68AF-4DBF-91A7-2F4BE576CB4C}) (Version: 0.0.60209.0 - MOTU) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MS Decoder Plug-in 32 bit DLL (HKLM-x32\...\{6F8F880A-E7A0-46DA-A136-D338BFE0CE32}) (Version: 0.0.60209.0 - MOTU) Hidden
MS Decoder Plug-in 64 bit DLL (HKLM\...\{3E6F794E-A524-479B-A8A1-4BF98BCE2CD5}) (Version: 0.0.60209.0 - MOTU) Hidden
MS Decoder Plug-in Data (HKLM-x32\...\{08FFBE73-2730-4B92-857D-F474C39CAECB}) (Version: 0.0.60209.0 - MOTU) Hidden
Multimode Filter Plug-in 32 bit DLL (HKLM-x32\...\{A9D865F2-D7FD-42AF-920D-D7E12374EAAC}) (Version: 0.0.60209.0 - MOTU) Hidden
Multimode Filter Plug-in 64 bit DLL (HKLM\...\{EC8E074F-34BC-4A11-9BDF-E8264C567B3D}) (Version: 0.0.60209.0 - MOTU) Hidden
Multimode Filter Plug-in Data (HKLM-x32\...\{0319B0AB-00B4-4CE7-A81D-96500D023EB7}) (Version: 0.0.60209.0 - MOTU) Hidden
nanosampler Plug-in 32 bit DLL (HKLM-x32\...\{3819A030-3C95-4C0D-97FA-7E8B8E96B9E5}) (Version: 0.0.60209.0 - MOTU) Hidden
nanosampler Plug-in 64 bit DLL (HKLM\...\{7F3EBB43-8004-49F1-8CF7-1B3C26E6CB53}) (Version: 0.0.60209.0 - MOTU) Hidden
nanosampler Plug-in Data (HKLM-x32\...\{610FC3FD-8EA3-4E4D-B6B9-620DFD4DD25F}) (Version: 0.0.60209.0 - MOTU) Hidden
nanosampler Plug-in Data Library (HKLM-x32\...\{1E96047A-609D-44AD-AF73-F881B7B21067}) (Version: 0.0.55504.0 - MOTU) Hidden
n-Panner Plug-in 32 bit DLL (HKLM-x32\...\{78817431-B750-476B-9D06-AE392C886867}) (Version: 0.0.60209.0 - MOTU) Hidden
n-Panner Plug-in 64 bit DLL (HKLM\...\{D9BDC67A-FDD1-4938-9F6A-AFD3CE6DB98C}) (Version: 0.0.60209.0 - MOTU) Hidden
n-Panner Plug-in Data (HKLM-x32\...\{C8819FDF-2E32-425A-9FF6-6770F4F724E9}) (Version: 0.0.60209.0 - MOTU) Hidden
PACE License Support Win64 (HKLM\...\{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.)
ParaEQ Plug-in 32 bit DLL (HKLM-x32\...\{B0D3CCAF-4B49-4F91-9AC5-6E39C492C46A}) (Version: 0.0.60209.0 - MOTU) Hidden
ParaEQ Plug-in 64 bit DLL (HKLM\...\{1DDAB3CA-4BF3-44A7-8E96-9F10EBF1D05C}) (Version: 0.0.60209.0 - MOTU) Hidden
ParaEQ Plug-in Data (HKLM-x32\...\{4F857826-36A1-4F18-BA0A-EA763A216727}) (Version: 0.0.60209.0 - MOTU) Hidden
PatternGate Plug-in 32 bit DLL (HKLM-x32\...\{DBE429C5-1A90-4AFB-981F-5CEDE458A719}) (Version: 0.0.60209.0 - MOTU) Hidden
PatternGate Plug-in 64 bit DLL (HKLM\...\{564DA5E6-3E38-4F10-A029-C293AB9D106E}) (Version: 0.0.60209.0 - MOTU) Hidden
PatternGate Plug-in Data (HKLM-x32\...\{587A8EC0-B201-4004-8848-FB4BFB37A2D8}) (Version: 0.0.60209.0 - MOTU) Hidden
Phaser Plug-in 32 bit DLL (HKLM-x32\...\{A30FEFB2-DFAF-424D-9C4D-AC723A32CACB}) (Version: 0.0.60209.0 - MOTU) Hidden
Phaser Plug-in 64 bit DLL (HKLM\...\{49331E07-8F34-466A-974B-748847C70B2E}) (Version: 0.0.60209.0 - MOTU) Hidden
Phaser Plug-in Data (HKLM-x32\...\{F5DC433B-1163-46E3-9955-C8219C52EBCC}) (Version: 0.0.60209.0 - MOTU) Hidden
Plate Plug-in 32 bit DLL (HKLM-x32\...\{7293D404-BD14-4E3E-AB71-600CEB92E396}) (Version: 0.0.60209.0 - MOTU) Hidden
Plate Plug-in 64 bit DLL (HKLM\...\{10D8A131-33FE-4122-806C-952A6FC442E1}) (Version: 0.0.60209.0 - MOTU) Hidden
Plate Plug-in Data (HKLM-x32\...\{5C01CCCF-B41F-454D-9AED-246924C5BFE2}) (Version: 0.0.60209.0 - MOTU) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Plex Media Server (HKLM-x32\...\{B4760EA0-17DF-4F24-89ED-97DDD2DB57A2}) (Version: 0.9.1211 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{ca5910de-4c30-4f28-b6bd-5dd8edff922d}) (Version: 0.9.1211 - Plex, Inc.)
PolySynth Plug-in 32 bit DLL (HKLM-x32\...\{2D7F23A1-A2FD-4DFA-87FA-1FEF2C67A5CB}) (Version: 0.0.60209.0 - MOTU) Hidden
PolySynth Plug-in 64 bit DLL (HKLM\...\{9146E16D-16A4-4739-A449-8A6FCB95DD02}) (Version: 0.0.60209.0 - MOTU) Hidden
PolySynth Plug-in Data (HKLM-x32\...\{C7FC1097-9AF9-407C-800C-4E2C92B1322D}) (Version: 0.0.60209.0 - MOTU) Hidden
Preamp-1 Plug-in 32 bit DLL (HKLM-x32\...\{954AC3FF-4AF0-48EC-AE69-16722D6C5B73}) (Version: 0.0.60209.0 - MOTU) Hidden
Preamp-1 Plug-in 64 bit DLL (HKLM\...\{340D5C9B-1D2B-41D6-9D3F-B1CC73D57A16}) (Version: 0.0.60209.0 - MOTU) Hidden
Preamp-1 Plug-in Data (HKLM-x32\...\{DC641BAB-69C5-4396-AA0C-5B1E0465CEF3}) (Version: 0.0.60209.0 - MOTU) Hidden
PrecisionDelay Plug-in 32 bit DLL (HKLM-x32\...\{30D0B56B-CB5B-4B19-B393-E4BCF5BE6C47}) (Version: 0.0.60209.0 - MOTU) Hidden
PrecisionDelay Plug-in 64 bit DLL (HKLM\...\{3C2D3551-209B-4EC4-8087-DDC71C48E242}) (Version: 0.0.60209.0 - MOTU) Hidden
PrecisionDelay Plug-in Data (HKLM-x32\...\{EF2AA1D9-7225-4899-AECE-4FB08B7F2A95}) (Version: 0.0.60209.0 - MOTU) Hidden
Proton Plug-in 32 bit DLL (HKLM-x32\...\{5895AEF4-DA29-4D56-A881-366BCD80BB6F}) (Version: 0.0.60209.0 - MOTU) Hidden
Proton Plug-in 64 bit DLL (HKLM\...\{3D9F4C76-6247-4645-8474-0DFAF88502FB}) (Version: 0.0.60209.0 - MOTU) Hidden
Proton Plug-in Data (HKLM-x32\...\{FDFF073B-63A9-483C-A557-6E763AA41779}) (Version: 0.0.60209.0 - MOTU) Hidden
ProVerb Plug-in 32 bit DLL (HKLM-x32\...\{5205DB88-CD2C-4A2D-84DB-4CC8D59E2CB0}) (Version: 0.0.60209.0 - MOTU) Hidden
ProVerb Plug-in 64 bit DLL (HKLM\...\{16030A75-933B-4B5F-A0B8-F39F8867A0E7}) (Version: 0.0.60209.0 - MOTU) Hidden
ProVerb Plug-in Data (HKLM-x32\...\{2E911766-57DA-4A25-AE8B-E29D061D043D}) (Version: 0.0.60209.0 - MOTU) Hidden
ProVerb Plug-in Data Library (HKLM-x32\...\{5093CBF6-3EF2-4F4F-BF25-F7F2A23764CC}) (Version: 0.0.55504.0 - MOTU) Hidden
Quan Jr Plug-in 32 bit DLL (HKLM-x32\...\{6F1F8CD4-F858-499B-9C52-E5FB2270514F}) (Version: 0.0.60209.0 - MOTU) Hidden
Quan Jr Plug-in 64 bit DLL (HKLM\...\{7F3C57E0-66DB-4274-AF22-901B1BF0A785}) (Version: 0.0.60209.0 - MOTU) Hidden
Quan Jr Plug-in Data (HKLM-x32\...\{C6469D42-BB7E-47F0-99CB-A560DD7DECBF}) (Version: 0.0.60209.0 - MOTU) Hidden
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Reverb Plug-in 32 bit DLL (HKLM-x32\...\{D268135F-CAB0-44CD-8ACF-457A01409DB6}) (Version: 0.0.60209.0 - MOTU) Hidden
Reverb Plug-in 64 bit DLL (HKLM\...\{66031394-6793-4C90-ACE3-B9B927792636}) (Version: 0.0.60209.0 - MOTU) Hidden
Reverb Plug-in Data (HKLM-x32\...\{DA0F09C7-FE5A-44A1-8E82-8D2626A32D7D}) (Version: 0.0.60209.0 - MOTU) Hidden
RingMod Plug-in 32 bit DLL (HKLM-x32\...\{B5CE96F5-5985-440C-9F5B-DC9E446C2577}) (Version: 0.0.60209.0 - MOTU) Hidden
RingMod Plug-in 64 bit DLL (HKLM\...\{FFBA29EF-5A6C-4346-9BAD-CB4901456FB8}) (Version: 0.0.60209.0 - MOTU) Hidden
RingMod Plug-in Data (HKLM-x32\...\{56C12059-8DF0-46FA-8C41-6496812FBA50}) (Version: 0.0.60209.0 - MOTU) Hidden
RXT Plug-in 32 bit DLL (HKLM-x32\...\{729A4FF4-B2A9-4E16-B47E-F7CC5A6181E0}) (Version: 0.0.60209.0 - MOTU) Hidden
RXT Plug-in 64 bit DLL (HKLM\...\{ACA341F0-827D-4F9A-944D-0D4E5C7E0409}) (Version: 0.0.60209.0 - MOTU) Hidden
RXT Plug-in Data (HKLM-x32\...\{65598830-34A6-409A-BEB4-5A3E248F5166}) (Version: 0.0.60209.0 - MOTU) Hidden
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C2300}) (Version: 12.35.0.284 - APN, LLC)
Soloist Plug-in 32 bit DLL (HKLM-x32\...\{8EC9A86F-9466-40DD-9D7C-93E69D77C07F}) (Version: 0.0.60209.0 - MOTU) Hidden
Soloist Plug-in 64 bit DLL (HKLM\...\{9067BCBE-2346-4B31-95B4-626F4DDD2B63}) (Version: 0.0.60209.0 - MOTU) Hidden
Soloist Plug-in Data (HKLM-x32\...\{5C790FFF-8CAF-4638-8DFE-03CAC069DF3F}) (Version: 0.0.60209.0 - MOTU) Hidden
Sonic Modulator Plug-in 32 bit DLL (HKLM-x32\...\{17870E8D-7B30-4616-B98F-E25C793343E5}) (Version: 0.0.60209.0 - MOTU) Hidden
Sonic Modulator Plug-in 64 bit DLL (HKLM\...\{53329AA0-D63C-41C6-B461-C4F9D02E6005}) (Version: 0.0.60209.0 - MOTU) Hidden
Sonic Modulator Plug-in Data (HKLM-x32\...\{07634F1F-156A-450F-91D7-9CDFE7842CF4}) (Version: 0.0.60209.0 - MOTU) Hidden
SpatialMaximizer Plug-in 32 bit DLL (HKLM-x32\...\{7502BADD-F56D-4502-AE42-510D1A30EC34}) (Version: 0.0.60209.0 - MOTU) Hidden
SpatialMaximizer Plug-in 64 bit DLL (HKLM\...\{DF73B092-2F27-4BF0-A99B-F437B7278290}) (Version: 0.0.60209.0 - MOTU) Hidden
SpatialMaximizer Plug-in Data (HKLM-x32\...\{F4E97221-0202-4815-8280-7D70069064F5}) (Version: 0.0.60209.0 - MOTU) Hidden
Springamabob Plug-in 32 bit DLL (HKLM-x32\...\{BA144E00-82CC-4A50-9E76-E7C12DD92599}) (Version: 0.0.60209.0 - MOTU) Hidden
Springamabob Plug-in 64 bit DLL (HKLM\...\{498E58E5-A3FD-4AF1-83B4-56608CDDE04E}) (Version: 0.0.60209.0 - MOTU) Hidden
Springamabob Plug-in Data (HKLM-x32\...\{54D79B3B-E4E4-4202-8E6D-88024ADE2D11}) (Version: 0.0.60209.0 - MOTU) Hidden
Springamabob Plug-in Data Library (HKLM-x32\...\{4EF1B2A0-E378-4C09-B238-BD6BDB6D190E}) (Version: 0.0.55504.0 - MOTU) Hidden
SubKick Plug-in 32 bit DLL (HKLM-x32\...\{FD13B7C3-6E8E-4D20-AE71-37276704BBC3}) (Version: 0.0.60209.0 - MOTU) Hidden
SubKick Plug-in 64 bit DLL (HKLM\...\{65730471-ACB6-4343-9FC0-144B36338DE4}) (Version: 0.0.60209.0 - MOTU) Hidden
SubKick Plug-in Data (HKLM-x32\...\{C834B45D-589C-4DA2-B562-B419371392F0}) (Version: 0.0.60209.0 - MOTU) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.11.0 - Synaptics Incorporated)
SynthMaster 2.6 FREE Player VST/VSTi/RTAS/AAX (x64) Software Synthesizer version 2.6.21 (HKLM\...\{16ABC699-54DC-42B7-B0C1-319186F1BD2C}_is1) (Version: 2.6.21 - KV331 Audio)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.5.1.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
Tremolo Plug-in 32 bit DLL (HKLM-x32\...\{E791CD10-72B6-4C66-A4E2-3235AD8FE5C3}) (Version: 0.0.60209.0 - MOTU) Hidden
Tremolo Plug-in 64 bit DLL (HKLM\...\{B4767FF6-066F-4AA7-A0B4-468ECCEA96BA}) (Version: 0.0.60209.0 - MOTU) Hidden
Tremolo Plug-in Data (HKLM-x32\...\{97AD2036-F3D6-4DB7-97BA-BC3C7C5434D0}) (Version: 0.0.60209.0 - MOTU) Hidden
Trigger Plug-in 32 bit DLL (HKLM-x32\...\{72B19F35-3282-4A4D-BB96-1368E34F1366}) (Version: 0.0.60209.0 - MOTU) Hidden
Trigger Plug-in 64 bit DLL (HKLM\...\{4E84CD64-175D-4A17-9BD9-CA8B5009AD3D}) (Version: 0.0.60209.0 - MOTU) Hidden
Trigger Plug-in Data (HKLM-x32\...\{7CB57752-3FD0-4672-8938-D3D160D183D8}) (Version: 0.0.60209.0 - MOTU) Hidden
Trim Plug-in 32 bit DLL (HKLM-x32\...\{380C2A89-07DF-43F7-9453-D5385D53F04F}) (Version: 0.0.60209.0 - MOTU) Hidden
Trim Plug-in 64 bit DLL (HKLM\...\{2DD9C7C5-82A9-42B1-B605-1AE5BB823E47}) (Version: 0.0.60209.0 - MOTU) Hidden
Trim Plug-in Data (HKLM-x32\...\{7D464694-266A-4F89-BBAF-D8E5C5A42E60}) (Version: 0.0.60209.0 - MOTU) Hidden
TriPan Plug-in 32 bit DLL (HKLM-x32\...\{6CFFFEDA-64CC-42DD-AB99-506C49770741}) (Version: 0.0.60209.0 - MOTU) Hidden
TriPan Plug-in 64 bit DLL (HKLM\...\{578A91F2-2012-4080-9267-0B2506291802}) (Version: 0.0.60209.0 - MOTU) Hidden
TriPan Plug-in Data (HKLM-x32\...\{03402361-A4BA-4F6E-AB74-3AA373DC4EB5}) (Version: 0.0.60209.0 - MOTU) Hidden
TubeWailer Plug-in 32 bit DLL (HKLM-x32\...\{B5B702AA-3D91-4580-8712-6BC40E5358C3}) (Version: 0.0.60209.0 - MOTU) Hidden
TubeWailer Plug-in 64 bit DLL (HKLM\...\{239CCC85-A412-47FA-9F7F-2D97FAA889B8}) (Version: 0.0.60209.0 - MOTU) Hidden
TubeWailer Plug-in Data (HKLM-x32\...\{758F9306-637E-4288-9F30-C758BEAF7DAB}) (Version: 0.0.60209.0 - MOTU) Hidden
Tuner Plug-in 32 bit DLL (HKLM-x32\...\{5FA3E512-EB1F-475F-8802-AEF4C865210E}) (Version: 0.0.60209.0 - MOTU) Hidden
Tuner Plug-in 64 bit DLL (HKLM\...\{87CAAF63-CDE7-4DD7-A338-37A40CF9906D}) (Version: 0.0.60209.0 - MOTU) Hidden
Tuner Plug-in Data (HKLM-x32\...\{10F5A2D4-79D6-453A-B739-16D988E1F4CB}) (Version: 0.0.60209.0 - MOTU) Hidden
TWC WiFi (HKLM-x32\...\TWC WiFi_is1) (Version:  - )
UberTube Plug-in 32 bit DLL (HKLM-x32\...\{87055BCF-7FF6-4EA4-9BB8-0564D974C4C0}) (Version: 0.0.60209.0 - MOTU) Hidden
UberTube Plug-in 64 bit DLL (HKLM\...\{B0FA3DA8-AB68-4978-A7A0-8FF96FB2EED6}) (Version: 0.0.60209.0 - MOTU) Hidden
UberTube Plug-in Data (HKLM-x32\...\{7407A554-3AAE-4A4E-B55B-0F4B4BABF6F4}) (Version: 0.0.60209.0 - MOTU) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WahPedal Plug-in 32 bit DLL (HKLM-x32\...\{E614024C-46B6-46D2-A11B-1474363EED4B}) (Version: 0.0.60209.0 - MOTU) Hidden
WahPedal Plug-in 64 bit DLL (HKLM\...\{9C34009C-38CE-4704-AC03-6F2C90A4E83D}) (Version: 0.0.60209.0 - MOTU) Hidden
WahPedal Plug-in Data (HKLM-x32\...\{FDDC7BFA-4700-4A2B-A5E8-A0AB330D19D5}) (Version: 0.0.60209.0 - MOTU) Hidden
ZOOM Edit&Share for Windows (HKLM-x32\...\{E99B8E1C-262D-49E6-9A84-D2AC486B2648}) (Version: 5.00.0000 - ZOOM Corporation)

========================= Devices: ================================

Name: Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
Description: Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: rtl8192se
Device ID: PCI\VEN_10EC&DEV_8172&SUBSYS_818110EC&REV_10\4&1B9170B1&0&00E1
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASDIFSV
Device ID: ROOT\LEGACY_SASDIFSV\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASKUTIL
Device ID: ROOT\LEGACY_SASKUTIL\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 70%
Total physical RAM: 3893.61 MB
Available physical RAM: 1152.5 MB
Total Virtual: 7785.41 MB
Available Virtual: 5343.21 MB

========================= Partitions: =====================================

1 Drive c: (TI105605W0G) (Fixed) (Total:454.98 GB) (Free:80.51 GB) NTFS

========================= Users: ========================================

User accounts for \\JUDE-PC

1AC62BE95DBC40C7B182     30DC200FBED84244BD33     Administrator            
Guest                    Jude                     

========================= Minidump Files ==================================

C:\windows\Minidump\071915-43602-01.dmp
========================= Restore Points ==================================


**** End of log ****
 

Rkill 2.8.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/28/2015 12:22:51 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\Jude\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe (PID: 2000) [UP-HEUR]
 * C:\Users\Jude\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe (PID: 4024) [UP-HEUR]
 * C:\Users\Jude\AppData\Roaming\BitTorrent\updates\7.9.5_41203\utorrentie.exe (PID: 2276) [UP-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

  * HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\windows\system64 => c:\users [Dir]

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost
  0.0.0.1    mssplus.mcafee.com

Program finished at: 10/28/2015 12:29:12 PM
Execution time: 0 hours(s), 6 minute(s), and 20 seconds(s)

 

4 objects detected by Kapersky

 

not-a-virus:Downloader.Win32.SearchSafe.a
File: C:\Program Files\pcreg\service.exe
Legal software that can be used by criminals to damage your computer or personal data
--------------------------------------------------------
Trojan-Dropper.Win32.Injector.noec
File: C:\Users\Jude\AppData\Local\IehaWwuj\EozUzgo.dll
Trojan program
--------------------------------------------------------
HEUR:Trojan.Win32.Generic
File: C:\ProgramData\Winclean performap\Wincleanperformap_x64.dll
Trojan program
--------------------------------------------------------
not-a-virus:WebToolbar.Win32.Agent.azm
File: C:\Program Files (x86)\BitTorrentBar2\prxtbBit2.dll
Legal software that can be used by criminals to damage your computer or personal data

 

 

Restarting comp and then doing the anti malwarebytes scan



#4 jj266609

jj266609
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 28 October 2015 - 08:03 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/28/2015
Scan Time: 5:11 PM
Logfile: mbam scan 1.txt
Administrator: Yes

Version: 0.0.0.0000
Malware Database: v2015.10.28.06
Rootkit Database: v2015.10.28.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jude

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 863296
Time Elapsed: 3 hr, 21 min, 59 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#5 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:07:57 PM

Posted 29 October 2015 - 03:04 AM

Hello again,

 

did you remove threats that Kaspersky detected?

 

-------

Please download AdwCleaner by Xplode onto your desktop.

§  Close all open programs and internet browsers.

§  Double click on adwcleaner.exe to run the tool.

§  In EULA window click I agree.

§  In Options uncheck Reset Winsock settings.

§  Click on Scan button.

§  When the scan has finished click on Cleaning button.

§  Your computer will be rebooted automatically. A text file will open after the restart.

§  Please post the contents of that logfile with your next reply.

§  You can find the logfile at C:\AdwCleaner[C1].txt as well.

-------------

 

Please download Junkware Removal Tool  to your desktop.

§  Shut down your protection software now to avoid potential conflicts.

§  Run the tool by double-clicking it. If you are using Windows Vista, 7, 8 or 10; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

§  The tool will open and start scanning your system.

§  Please be patient as this can take a while to complete depending on your system's specifications.

§  On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

§  Post the contents of JRT.txt into your next message.


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#6 jj266609

jj266609
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 29 October 2015 - 12:58 PM

I did remove the threats. After running malwarebytes and rebooting my computer I can no longer connect to the internet. I've downloaded the last 2 programs on another the laptop and will get them on my computer and post the results through that, but can you help me get the internet working on my original laptop?



#7 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:07:57 PM

Posted 29 October 2015 - 01:06 PM

But MBAM done nothing, nothing was found. It can't be MBAM related problem.

 

Post all logs and we will see.

 

You are connected with ethernet cable?


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#8 jj266609

jj266609
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 29 October 2015 - 01:19 PM

Its weird the MBAM log from the scan says nothing was found, but there are hundreds of PUPs and trojans in the quarantined area and I'm not sure how to export those results to you. I'm still awaiting the results of the adw and JRT scans.



#9 jj266609

jj266609
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 29 October 2015 - 01:22 PM

And yes I'm connected by Ethernet cable 



#10 jj266609

jj266609
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 29 October 2015 - 01:49 PM

# AdwCleaner v5.014 - Logfile created 29/10/2015 at 11:25:39
# Updated 18/10/2015 by Xplode
# Database : 2015-10-18.5 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Jude - JUDE-PC
# Running from : F:\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[-] Service Deleted : APNMCP
[-] Service Deleted : pcregservice
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files\FreeFixer
[-] Folder Deleted : C:\Program Files\pcreg
[-] Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
[-] Folder Deleted : C:\Program Files (x86)\Bench
[-] Folder Deleted : C:\Program Files (x86)\Conduit
[-] Folder Deleted : C:\Program Files (x86)\KeyDownload-Addon
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\AskPartnerNetwork
[-] Folder Deleted : C:\ProgramData\clsoft ltd
[-] Folder Deleted : C:\ProgramData\Partner
[-] Folder Deleted : C:\ProgramData\Premium
[-] Folder Deleted : C:\ProgramData\StarApp
[-] Folder Deleted : C:\ProgramData\Tarma Installer
[-] Folder Deleted : C:\ProgramData\Winclean performap
[-] Folder Deleted : C:\ProgramData\kedhmdkoflbhpmaaklnjfnpgpclhdhkn
[-] Folder Deleted : C:\Users\Guest\AppData\LocalLow\oovootoolbar
[-] Folder Deleted : C:\Users\Jude\AppData\Local\AskPartnerNetwork
[-] Folder Deleted : C:\Users\Jude\AppData\Local\Babylon
[-] Folder Deleted : C:\Users\Jude\AppData\Local\Conduit
[-] Folder Deleted : C:\Users\Jude\AppData\Local\FreeFixer
[-] Folder Deleted : C:\Users\Jude\AppData\Local\SanctionedMedia
[-] Folder Deleted : C:\Users\Jude\AppData\Local\SwvUpdater
[-] Folder Deleted : C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoiidodopnnhiflaflbfeblnojefhigh
[-] Folder Deleted : C:\Users\Jude\AppData\Local\Temp\apn
[-] Folder Deleted : C:\Users\Jude\AppData\LocalLow\AVG Security Toolbar
[-] Folder Deleted : C:\Users\Jude\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\Jude\AppData\LocalLow\oovootoolbar
[-] Folder Deleted : C:\Users\Jude\AppData\LocalLow\PriceGong
[-] Folder Deleted : C:\Users\Jude\AppData\Roaming\Babylon
[-] Folder Deleted : C:\Users\Jude\AppData\Roaming\FreeFixer
[-] Folder Deleted : C:\Users\Jude\AppData\Roaming\download Manager
[-] Folder Deleted : C:\Users\Jude\AppData\Roaming\Update Manager
[-] Folder Deleted : C:\Users\Jude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeFixer
[-] Folder Deleted : C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\ConduitCommon
[-] Folder Deleted : C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\Extensions\appoiooye@gqsabzfr.com
[-] Folder Deleted : C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\Extensions\iai_o@ugfogxqssa.org
[-] Folder Deleted : C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\Extensions\tg3v@iajssv.co.uk
[-] Folder Deleted : C:\Users\Jude\Desktop\Ap
 
***** [ Files ] *****
 
[-] File Deleted : C:\END
[-] File Deleted : C:\ProgramData\9nBEv6pEC58D.dll
[-] File Deleted : C:\ProgramData\p2hbAwRM5A9B.dll
[-] File Deleted : C:\ProgramData\p2hbAwRMC58D.dll
[-] File Deleted : C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aoiidodopnnhiflaflbfeblnojefhigh_0.localstorage
[-] File Deleted : C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aoiidodopnnhiflaflbfeblnojefhigh_0.localstorage-journal
[-] File Deleted : C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage
[-] File Deleted : C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage-journal
[-] File Deleted : C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\invalidprefs.js
[-] File Deleted : C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\searchplugins\bingp.xml
[-] File Deleted : C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\searchplugins\Conduit.xml
[-] File Deleted : C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\searchplugins\conduit-search.xml
[-] File Deleted : C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\searchplugins\Searchab.xml
[-] File Deleted : C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\searchplugins\yahoo_ff.xml
[-] File Deleted : C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\user.js
[-] File Deleted : C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\searchplugins\yahoo.xml
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : pcreg
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\KeyDownload.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
[-] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATATABLE
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATATABLE.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATATABLEFIELDS
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATATABLEFIELDS.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATATABLEHOLDER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATATABLEHOLDER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.LSPLOGIC
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.LSPLOGIC.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.READONLYMANAGER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.READONLYMANAGER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.WATCHDOG
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.WATCHDOG.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATACONTAINER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATACONTROLLER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATACONTROLLER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATASTATISTICS
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\PCPROXY.DATASTATISTICS.1
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaaiabcopkplhgaedhbloeejhhankf
[-] Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3045275
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fmconverter@gmail.com]
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
[-] Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C2178B36-2955-479B-818C-A2AE8E500454}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1EA4179-A319-4C6A-A3E5-67FF3592A12E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7DDBC31B-22BD-4BBD-9F65-E8623814F3BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1EA4179-A319-4C6A-A3E5-67FF3592A12E}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1EA4179-A319-4C6A-A3E5-67FF3592A12E}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7DDBC31B-22BD-4BBD-9F65-E8623814F3BB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\PrivitizeVPNInstallDates
[-] Key Deleted : HKCU\Software\SanctionedMedia
[-] Key Deleted : HKCU\Software\StartSearch
[-] Key Deleted : HKCU\Software\usyndication.com
[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[!] Key Not Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKCU\Software\AppDataLow\Toolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Settings Manager
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\AdvertisingSupport
[-] Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
[-] Key Deleted : HKLM\SOFTWARE\Cheat Engine\OpenCandy
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\SP Global
[-] Key Deleted : HKLM\SOFTWARE\SProtector
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C2300}
[!] Key Not Deleted : [x64] HKCU\Software\AskPartnerNetwork
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\dt soft\daemon tools toolbar
[!] Key Not Deleted : [x64] HKCU\Software\IM
[!] Key Not Deleted : [x64] HKCU\Software\PrivitizeVPNInstallDates
[!] Key Not Deleted : [x64] HKCU\Software\SanctionedMedia
[!] Key Not Deleted : [x64] HKCU\Software\StartSearch
[!] Key Not Deleted : [x64] HKCU\Software\usyndication.com
[!] Key Not Deleted : [x64] HKCU\Software\Yahoo\Companion
[!] Key Not Deleted : [x64] HKCU\Software\Yahoo\YFriendsBar
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\AVG Security Toolbar
[-] Key Deleted : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\AskToolbar
[-] Key Deleted : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\AVG Security Toolbar
[-] Key Deleted : HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[!] Key Not Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[!] Key Not Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001\Software\AppDataLow\Toolbar
[!] Key Not Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001\Software\AppDataLow\Software\Conduit
[!] Key Not Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001\Software\AppDataLow\Software\ConduitSearchScopes
[!] Key Not Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001\Software\AppDataLow\Software\Settings Manager
[!] Key Not Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Toolbar
[-] Key Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\ConduitSearchScopes
[-] Key Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Settings Manager
[-] Key Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\AVG Security Toolbar
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\AskToolbar
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\AVG Security Toolbar
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1EC9799B-FDC6-443A-8C58-FD44DB5C6938}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{73D8A601-7BC4-4CC2-8BE5-0CC79159F3E5}
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1EC9799B-FDC6-443A-8C58-FD44DB5C6938}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{73D8A601-7BC4-4CC2-8BE5-0CC79159F3E5}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
[!] Key Not Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[!] Key Not Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1EC9799B-FDC6-443A-8C58-FD44DB5C6938}
[!] Key Not Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001\Software\Microsoft\Internet Explorer\SearchScopes\{73D8A601-7BC4-4CC2-8BE5-0CC79159F3E5}
[!] Key Not Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
[-] Key Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[-] Key Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{1EC9799B-FDC6-443A-8C58-FD44DB5C6938}
[-] Key Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{73D8A601-7BC4-4CC2-8BE5-0CC79159F3E5}
[-] Key Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
[-] Key Deleted : HKU\S-1-5-21-2540521652-1859901435-2141200411-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{ECAB143B-561A-4C8C-968F-37FFA8175C51}
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275..clientLogIsEnabled", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.BrowserCompStateIsOpen_129642293130788232", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.BrowserCompStateIsOpen_130055933872007228", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.BrowserCompStateIsOpen_1359634299000", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.BrowserCompStateIsOpen_8004788264818610546", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.CTID", "CT3045275");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.CurrentServerDate", "24-10-2013");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.DSChangedManually", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.DSInstall", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.DSProtectChoice", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.DSProtectCount", 1);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.DialogsAlignMode", "LTR");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.DialogsGetterLastCheckTime", "Wed Oct 23 2013 19:06:21 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.DownloadReferralCookieData", "");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.EMailNotifierPollDate", "Wed Oct 23 2013 19:13:57 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedLastCount129541806417675859", 353);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedPollDate129313974171006416", "Wed Oct 23 2013 19:06:20 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedPollDate129313975698350231", "Wed Oct 23 2013 19:06:20 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedPollDate129313976370850190", "Wed Oct 23 2013 19:06:20 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedPollDate129313976648818968", "Wed Oct 23 2013 19:06:20 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedPollDate129313977444757117", "Wed Oct 23 2013 19:06:20 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedPollDate129313980389131455", "Wed Oct 23 2013 19:06:21 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedPollDate129313980655381977", "Wed Oct 23 2013 19:06:21 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedPollDate129313980886163259", "Wed Oct 23 2013 19:06:21 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedPollDate129313981234756535", "Wed Oct 23 2013 19:06:21 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedPollDate129313983226631720", "Wed Oct 23 2013 19:06:21 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedPollDate129313983607725691", "Wed Oct 23 2013 19:06:21 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedTTL129313974171006416", 10);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedTTL129313975698350231", 5);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedTTL129313977444757117", 15);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedTTL129313980655381977", 5);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FeedTTL129313981234756535", 5);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FirstServerDate", "30-11-2012");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FirstTime", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FirstTimeFF3", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FirstTimeHiddenVer", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.FixPageNotFoundErrors", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.GroupingServerCheckInterval", 1440);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.HPInstall", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.HPProtectChoice", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.HPProtectCount", 2);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.HasUserGlobalKeys", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.HomePageProtectorEnabled", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.HomepageBeforeUnload", "about:home");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.Initialize", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.InitializeCommonPrefs", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.InstallationAndCookieDataSentCount", 3);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.InstallationType", "Unknown");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.InstalledDate", "Thu Nov 29 2012 23:22:03 GMT-0500 (Eastern Standard Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.IsAlertDBUpdated", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.IsGrouping", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.IsInitSetupIni", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.IsMulticommunity", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.IsOpenThankYouPage", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.IsOpenUninstallPage", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.IsProtectorsInit", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.LanguagePackLastCheckTime", "Wed Oct 23 2013 19:06:21 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.LanguagePackReloadIntervalMM", 1440);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.LastLogin_3.16.0.3", "Wed Oct 23 2013 19:06:21 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.LatestVersion", "3.20.0.4");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.Locale", "en");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.MCDetectTooltipHeight", "83");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.MCDetectTooltipShow", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.MCDetectTooltipWidth", "295");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.MyStuffEnabledAtInstallation", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.OriginalFirstVersion", "3.16.0.3");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.SearchCaption", "BitTorrentBar2 Customized Web Search");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.SearchFromAddressBarIsInit", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3045275&SearchSource=2&q=");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.SearchInNewTabEnabled", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.SearchInNewTabIntervalMM", 1440);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.SearchInNewTabLastCheckTime", "Wed Oct 23 2013 19:06:19 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.SearchInNewTabUserEnabled", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.SearchProtectorEnabled", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.SearchProtectorToolbarDisabled", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.SendProtectorDataViaLogin", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.ServiceMapLastCheckTime", "Wed Oct 23 2013 19:06:20 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.SettingsLastCheckTime", "Wed Oct 23 2013 19:06:18 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.SettingsLastUpdate", "1382515953");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3045275&SearchSource=13");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.ThirdPartyComponentsInterval", 504);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.ThirdPartyComponentsLastCheck", "Wed Oct 23 2013 19:06:18 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.ThirdPartyComponentsLastUpdate", "1331805997");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.ToolbarShrinkedFromSetup", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3045275");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.UserID", "UN55693881239116264");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.ValidationData_Toolbar", 2);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.WeatherNetwork", "");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.WeatherPollDate", "Thu Sep 26 2013 13:05:50 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.WeatherUnit", "F");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.alertChannelId", "1436844");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.approveUntrustedApps", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.autoDisableScopes", -1);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B474953462D584D503D263F2D2E3135443B464E4F5B565E695B426D6265523B544243464959505B637D737B6E55217578654E675[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C4748402C574C4F3C253E2C2E2B2F433A454E59505B57676A66426D62455E69543D56444643465B525D66716C216E6B587D73675[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e-x305", "247E29327641363937333545397E3F493B2F77317E202520362D3842474A58515A5C585D505F593964595C49324B393A3F395047525C4173686B6965677B796F6D7B6E552175785926766[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e.:2z527", "247E70716B71773C37276F2979757475772F26312323234F484B4C552E53493D263F302B30352F453C4739383C3D64605C5B5F716571704974696C4D7A675C455E4F4A4F4E4D645B665[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F564654524C474A595A4851505E51523964595C49324B393C3B3E5047525D6C6A6B6F786D68506A6F7171742256227679664F6[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C4343534E2D585B3C253E2C302E34433A45515862695E675A416C6164513A5341454348584F5A666D7B7C7174726E702174745B2[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e06cg5el8:", "6E6D69706E6D7575726F");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74736F7674737B7B7875242F4B49474F42357D5D5C3D");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E41295547484D515A4E5A59325D5255422B443237303749404B585E685E706E6E6674626E696B4D786D705D465F4D524B51645B66732[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473E454745482F5A4F523F2841302D2F33463D48566265685C6B675F6D70604873686B58415A4946484B5F56616F7C217D74747[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D3229344356554E472E594E51325E4F412A4335373231483F4A59655F5F626C5B717369756975744D786D70517E6B60496252505451675[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352C37474B59574B4A4858584E5E3762573A535E49324B3A3D3F3B504752626C625D75786D766A7C517C7174614A63525557526[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A522B55553A233C2B2F282941384354515E5D56615F56685C426D6265523B544346494A59505B6C697A7E21702370765925797[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D49564A50592E594E314A55402942322E332F473E495B5D595A6A5E58707262674974696C59425B4B474B51605762747C2473737[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B364953545259585A5A50524E36615659462F4838353D3C4D444F626C6D6B72716A77614D786D705D465F4F4C5451645B66797[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347513F445559424C5A315C5154412A4333323037483F4A5E68565B5970606E6C666164734C776C6F5C455E4E4D4B51635A6579247[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E782332293449565540472E594E513E274030323533453C475C5558636A656E625E6C616B7068734B766B6E5B445D4D4F524F6259647927767[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4F44504C4754585C5048345F5457442D46373135344B424D636B5D5F5F73696B4A756A6D5A435C4D474B4961586379226F742[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A30273249485545442C574C4F3C253E2F2A2D2D433A455C67555B5E3F6A5F624F3851423D403F564D586F7A68786C717154207477644D66575[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354D462C574C4F3C253E2F2B2B31433A455D6356575C5C5A416C6164513A5344404045584F5A7273717A786D2256227679664F6[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352C37504C4757514B4F47345F5457442D4637343A3A4B424D665E705B646571634A756A6D5A435C4D4A504F6158637C7179207[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B36505459574C554F515B345F5457442D46373637384B424D676B706E606F61666B63664D786D705D465F504F5050645B66212[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A35504F5346482F5A4F523F28413233342F463D48635C5D66626A436E6366533C55464748425A515C77707773202371215925797[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3652504C5249555256525C35605558452E47383B38364C434E6A706F5F65635D736F677578684C65706B54207477644D66575[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2A554A2D46513C253E302B332C433A45626756516259655F5F436E63465F6A553E5749444C445C535E7B21747C7821745A267[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4B524B4445494B49485450585952535F513863585B48314A3C3B363D4F46516F6B6E6D63776D687666507B707360496254534E54675[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352C37565949484E4F51525C4E4C55535B54605A5A3E695E614E37503B3D41544B567575656D7367796D6D7C55217578654E675[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E3128335351565551575A4F584C5E335E5356432C4534383649404B6B59566C686B46716669563F58474B485C535E7E6C6956227679664F6[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C484A2C574C2F48533E27403233433A45665B68505C5E406B6E4F38514343544B56776C79616D6F517C71547873634C6557566[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C32293423524C5457474A4E50565D4A61515F5D575255643D685D604D364F3D3E3E3D544B5645486A736D696F527D7275624B645253535[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b-0?3g>d", "6A3A3F3E6C40406F7A42787446204977497D252124517C2A52272925572C2B2B5E2D292A");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b-0?3g@6:5;", "");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A232E333E58604F6456604F6852645858635E604E376B7167617059");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b3=>@44i48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b5ba==9cjag", "6B3F3E6F423E74457A74794779487B7B494C7E2021");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D69706E6D75757175707A76");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b90e@.3c;7b=?ofb>>rhiqs", "393F352F3E");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b9643g3/9e", "6A");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b<:222h64<", "393F352F3E");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b<:222h64<l8daj", "6D70706F76746C7975722A7974727D79757C7E");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b=+03eh8h8j?:", "4443");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9b?b0d:8aj62<h", "6D");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage./9ba@0<0bi6a7gn:6@l?", "6C");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.amazonnew_all", "353037303035312D312C353039393038312C353039393039312C376E716E332B763063484541454A565946365A50303974514B69673D2C353034333837312C353038393933312C35303[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.cbfirsttime", "5468752053657020323620323031332031333A30363A303420474D542D3034303020284561737465726E204461796C696768742054696D6529");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A224143706C7573222C2275726C223A22687474703A2F2F63646E2E6175746F636F6D706C657465706C75732E636F6D2F636F6E647569742F6D6[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_appstate_acplus", "6F6E");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_appstate_easytobook", "6F6E");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_appstate_easytobook_targeted", "6F6E");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_appstate_find-a-pro", "6F6E");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_appstate_pricegong", "6F6E");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_appstate_windowshopper", "6F6E");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_appstatereporttime", "31333832353639353839393531");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_calledsetupservice", "31");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B226964223A224143706C7573222C22637269746572696173223A5B7B2263726974657269614964223A2237356232356663352D[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_currentversion", "312E31302E342E30");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_existingusersrecoverydone", "31");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_first_time", "31");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_lastlogintime", "31333832353639353836313438");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C696379223A7B2254657874223A22436F6E74656E7420506F6C696379227D2C226761646765744465736372697074696F6E5072696[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_mamenabled", "74727565");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_new_welcome_experience", "31");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_settings1.10.4.0", "7B22537461747573223A22737563636565646564222C2244617461223A7B2263757272656E7444617465223A223230313331303234222C22696E74657276616C223A32343[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_user_approval_interacted", "31");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_userid", "62616361323630342D393762392D346633392D613530302D323034313464626338356137");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.mam_gk_welcomedialogmode", "31");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.pg_enable", "74727565");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F6775692F");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.searchappstate", "33");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.searchapptracking", "73656E74");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.sf_just_installed", "46414C5345");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.backendstorage.sf_status", "454E41424C4544");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.components.1000234", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.globalFirstTimeInfoLastCheckTime", "Wed Oct 23 2013 19:06:22 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.homepageProtectorEnableByLogin", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.initDone", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.isAppTrackingManagerOn", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.myStuffEnabled", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.myStuffPublihserMinWidth", 400);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.myStuffServiceIntervalMM", 1440);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.revertSettingsEnabled", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.searchProtectorDialogDelayInSec", 10);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.searchProtectorEnableByLogin", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.testingCtid", "");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.toolbarAppMetaDataLastCheckTime", "Wed Oct 23 2013 19:06:22 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.toolbarContextMenuLastCheckTime", "Wed Oct 23 2013 19:06:22 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CT3045275.usagesFlag", 2);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3045275/CT3045275", "\"cb2e5e15c3703f686e4d5b75e30012aa3\"");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1237862/1233535/US", "\"0\"");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1436844/1432499/US", "\"0\"");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3045275", "\"1361119787\"");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "uG7mdamLoNmpmgC2c0JctQ==");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en&ctid=CT3045275", "uG7mdamLoNmpmgC2c0JctQ==");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "jf4tQQjNr2TQ31uHimzTMg==");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en&ctid=CT3045275", "jf4tQQjNr2TQ31uHimzTMg==");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "0BEXfBAJ1PdxmWK9VOejOg==");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en&ctid=CT3045275", "0BEXfBAJ1PdxmWK9VOejOg==");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "ZU6zjERHpZr7lBpInn+HyA==");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en&ctid=CT3045275", "ZU6zjERHpZr7lBpInn+HyA==");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"f4cb1557a8bece1:0\"");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"f414eeaa6bece1:16f8\"");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3045275", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"2d87e72a099b1428cae19f08d2b5e786\"");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Jude\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\8zecnceh.default\\conduitCommon\\modules\\3.16.0.3");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.16.0.3");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.globalUserId", "836e9079-d4d1-41a1-b8d9-ff72196c0f28");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Oct 23 2013 19:06:23 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Oct 23 2013 19:06:28 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Oct 23 2013 19:06:21 GMT-0400 (Eastern Daylight Time)");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("CommunityToolbar.notifications.userId", "abfdb0e8-1e95-470e-86ec-0fa5785c614a");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.default.homepage.check", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("aol_toolbar.default.search.check", false);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New Customized Web Search");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN33446529522460613&UM=2&SearchSource=3&q={searchTerms}&sspv=TB_TFS");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("browser.search.hiddenOneOffs", "Yahoo,Bing ,Conduit Search,DuckDuckGo,Privitize VPN,WhiteSmoke New Customized Web Search,Yahoo!");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("browser.startup.homepage", "hxxps://search.yahoo.com/?type=282369&fr=spigot-yhp-ff");
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
[-] [C:\Users\Jude\AppData\Roaming\Mozilla\Firefox\Profiles\8zecnceh.default\prefs.js] [Preference] Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
[-] [C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : isearch.avg.com
[-] [C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : searchab.com
[-] [C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.conduit.com
[-] [C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : conduit.search
[-] [C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search here
[-] [C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aaaaaiabcopkplhgaedhbloeejhhankf
[-] [C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aoiidodopnnhiflaflbfeblnojefhigh
[-] [C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] [C:\Users\Jude\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : klibnahbojhkanfgaglnlalfkgpcppfi
 
*************************
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [80506 bytes] ##########
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by Jude on Thu 10/29/2015 at 11:40:18.23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully deleted: [Service] def8540c [Reboot required]
Successfully deleted: [Service] plsapp [Reboot required]
Successfully deleted: [Service] plsvcv1 [Reboot required]
Successfully deleted: [Service] plsvcv2 [Reboot required]
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\pureleads tray
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FAA517A3-7CAC-4AD9-A140-03983A81F888}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{FAA517A3-7CAC-4AD9-A140-03983A81F888}
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\Jude\Appdata\Local\proxy.log
Successfully deleted: [File] C:\ProgramData\nNPo7daj4.dat
Successfully deleted: [File] C:\Users\Jude\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.audienceinsights.net_0.localstorage
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{03C406CC-F461-4C92-B482-ABEF7850E78F}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{045320DA-7825-4F54-9DE8-F75A96D62B5A}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{07C12A6C-EF57-47D3-9A39-40D010B5DD88}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{0BDB621A-2A93-4138-BEBE-69BB1A312861}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{0EC6B559-8940-4AE1-A5EF-61D90F55090B}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{156E3DA6-9982-4FAD-A3C2-B4E4419C6490}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{1DE027D3-AA9E-4F74-AC23-1C415998FBBA}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{238D125E-248A-4AD8-B6C5-BFCFFAB31769}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{24E75C71-CD7F-41A6-B42A-34E374462546}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{2536F3D8-164E-4472-A140-0D63884AA2BE}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{2775F1CA-8AFF-4CED-B0F6-FFA6C96235C8}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{3532BEBE-3782-4761-9D7D-B757EFDE83F1}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{3B9059B7-0E32-47D1-BE17-7F98D143681E}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{3D55B59F-60DC-412A-836F-544251B28DD0}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{3F298624-F01F-4838-8775-835DF021AC55}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{44C76F61-37D6-4DD2-B4F5-FAD9D995A1E4}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{4AFF8E79-AF65-4A55-BFE4-E5239C15D699}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{4D80FDC6-93EA-410D-8E32-B6CA3C58FD14}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{5557507F-E309-46D4-B064-5E8826FFD5B5}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{59CB95D4-E7DE-413B-B836-95645DE48332}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{5BBAA96A-948D-4701-91F6-442818C80250}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{5D1DA18A-0521-4999-8E4F-58951B10E76F}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{626FED57-DDB2-4468-A794-88CE4D22212D}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{65829F4B-BDDD-47AC-ADC0-D10321113603}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{675E8412-0C29-4E06-A523-8F95C316A325}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{68C765F8-6064-4C78-AE39-501EB065D7F5}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{6BA05A47-DB0E-4154-B9CF-C814ACD94B6B}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{6E6C5A65-F7B9-4AE1-88B8-9225F1924314}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{71803BEB-842A-4AB0-901D-58FE0AEA1FAA}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{756474B5-F524-4183-8E59-D7FAC0D5A874}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{7DB8ADC6-D0EB-4BEB-A844-C03C04903A17}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{7FDBF606-B140-42EB-BD24-F532E8B8C5C2}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{80431F26-DEC9-48A2-BE2D-9C0835608CBE}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{829E5657-E7E1-48FB-8F66-B5FA0028A80C}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{9CF793B5-F604-4DDC-810A-4054492AACFB}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{9F351DC8-237A-4780-A422-5CC5BA05EF06}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{A0381B28-C8A2-40CD-94C9-08F73D6F150F}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{AB8C1D3A-181B-43C8-AA4E-FCE0EAB3860E}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{C0FD50CB-37AF-41BD-892E-A7BA2ED3ED0D}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{C52A69D3-34E4-449A-852C-B25DAADAF1E0}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{C69E3711-08CB-4987-AE62-B8DEFCBE1E2C}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{D37677D5-AE94-4205-A7E1-907E4D0FB289}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{D6FE3786-64B8-4F78-89D7-654D769B8543}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{DA257442-780E-4615-B332-2D2B29B8F251}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{E55EBD56-6290-40C4-AFBA-00D40F4C1A08}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{ECB4582F-CAFE-4A0D-88DA-8C1E215639B7}
Successfully deleted: [Empty Folder] C:\Users\Jude\Appdata\Local\{F55FC24B-BBDC-4656-8698-ED8830E3E74E}
Successfully deleted: [Folder] C:\Program Files (x86)\pureleads
Successfully deleted: [Folder] C:\ProgramData\pureleads
Successfully deleted: [Folder] C:\Users\Jude\Appdata\Local\cre
Successfully deleted: [Folder] C:\ProgramData\igmeojahfpdcfmalafakpkbmcekpjomn
Successfully deleted: [Folder] C:\ProgramData\MaggnniPIc
 
 
 
~~~ FireFox
 
Successfully deleted the following from C:\Users\Jude\AppData\Roaming\mozilla\firefox\profiles\8zecnceh.default\prefs.js
 
user_pref(browser.search.order.1, Privitize VPN);
user_pref(extensions.CV5r1nQO_.scode, (function(){try{if(window.location.href.indexOf(\rjr6pdw7rTrFqdY6qTCHqjgFqjw\)>-1){return;}}catch(e){}try{var d=[[\www.viracure.com
user_pref(extensions.EE8.scode, (function(){try{if(window.location.href.indexOf(\rjr6pdw7rTrFqdY6qTCHqjgFqjw\)>-1){return;}}catch(e){}try{var d=[[\www.viracure.com\,\o
user_pref(extensions.K5y.scode, (function(){try{if(window.location.href.indexOf(\rjr6pdw7rTrFqdY6qTCHqjgFqjw\)>-1){return;}}catch(e){}try{var d=[[\www.viracure.com\,\o
user_pref(extensions.xBheOHhCOEJk.scode, (function(){try{if(window.location.href.indexOf(\rjr6pdw7rTrFqdY6qTCHqjgFqjw\)>-1){return;}}catch(e){}try{var d=[[\www.viracure.
user_pref(sweetim.toolbar.previous.browser.search.defaultenginename, );
user_pref(sweetim.toolbar.previous.browser.search.selectedEngine, );
user_pref(sweetim.toolbar.previous.keyword.URL, );
user_pref(sweetim.toolbar.scripts.1.domain-blacklist, );
user_pref(sweetim.toolbar.searchguard.UserRejectedGuard_DS, );
user_pref(sweetim.toolbar.searchguard.UserRejectedGuard_HP, );
user_pref(sweetim.toolbar.searchguard.enable, );
Emptied folder: C:\Users\Jude\AppData\Roaming\mozilla\firefox\profiles\8zecnceh.default\minidumps [2 files]
 
 
 
~~~ Chrome
 
 
[C:\Users\Jude\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Jude\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
aoiidodopnnhiflaflbfeblnojefhigh
 
[C:\Users\Jude\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Jude\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 10/29/2015 at 11:45:58.58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#11 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:07:57 PM

Posted 29 October 2015 - 04:46 PM

A lot of junk was here. 

 

---------

Open MBAM once more.

§  Click on the History tab > Application Logs.

§  Double click on the Scan Log and try to find that log.

§  Click 'Export'.

§  Click 'Copy to Clipboard'


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#12 jj266609

jj266609
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 29 October 2015 - 05:11 PM

I looked for the scan log and the only one that showed up was this one which still says no threats detected, but in the quarantine it has items like PUP.Optional.Winsock.WnskRST C:\windows\SysWOW64\plsapp.dll ...there are several files like this in the quarantine. 

 

Scan Date: 10/28/2015
Scan Time: 5:11 PM
Logfile: mbam scan 1.txt
Administrator: Yes

Version: 0.0.0.0000
Malware Database: v2015.10.28.06
Rootkit Database: v2015.10.28.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jude

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 863296
Time Elapsed: 3 hr, 21 min, 59 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#13 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:07:57 PM

Posted 29 October 2015 - 05:35 PM

Click on the Start tab and then type cmd in the Search programs and files box.
 
In the panel above the search box Programs will appear with cmd below it, right click on cmd and choose Run as administrator.
 
If you are prompted for an administrator password or for a confirmation, enter the password, or click Allow.
 
When the Command Prompt opens copy and paste the command below, then press Enter.
 
netsh winsock reset
 
You should receive the message stating Winsock was reset, reboot for changes to take effect.
 
Reboot the computer.
------

Run MiniToolBox again.
Checkmark the following checkboxes:

§  Flush DNS

§  Report IE Proxy Settings

§  Reset IE Proxy Settings

§  Report FF Proxy Settings

§  Reset FF Proxy Settings

§  List content of Hosts

§  List IP configuration

§  List Winsock Entries

§  List last 10 Event Viewer log

Click Go and post the result (MTB.txt). A copy of MTB.txt will be saved in the same directory the tool is run.


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#14 jj266609

jj266609
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:12:57 PM

Posted 29 October 2015 - 06:10 PM

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by Jude (administrator) on 29-10-2015 at 16:08:52
Running from "F:\"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: Satellite L555 Manufacturer: TOSHIBA
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
0.0.0.1 mssplus.mcafee.com
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek PCIe FE Family Controller = Local Area Connection (Connected)
Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Hardware not present)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Jude-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 00-26-22-FA-99-08
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2605:e000:621b:8200:b1a0:6b0f:e55d:327f(Preferred) 
   Temporary IPv6 Address. . . . . . : 2605:e000:621b:8200:a8e9:52e8:accc:828(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::b1a0:6b0f:e55d:327f%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.16(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, October 29, 2015 4:02:32 PM
   Lease Expires . . . . . . . . . . : Thursday, October 29, 2015 5:02:31 PM
   Default Gateway . . . . . . . . . : fe80::92c7:92ff:fed5:82e7%10
                                       192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 234890786
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-F1-23-D2-00-26-22-FA-99-08
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{CB58A216-D4C3-4814-930A-3E950839333B}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61
 
Name:    google.com
Addresses:  2607:f8b0:4007:808::200e
 216.58.216.46
 
 
Pinging google.com [2607:f8b0:4007:808::200e] with 32 bytes of data:
Request timed out.
Reply from 2607:f8b0:4007:808::200e: time=17ms 
 
Ping statistics for 2607:f8b0:4007:808::200e:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 17ms, Maximum = 17ms, Average = 17ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61
 
Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
 2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [2001:4998:44:204::a7] with 32 bytes of data:
Request timed out.
Reply from 2001:4998:44:204::a7: time=77ms 
 
Ping statistics for 2001:4998:44:204::a7:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 77ms, Maximum = 77ms, Average = 77ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...00 26 22 fa 99 08 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.16     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.16    276
     192.168.0.16  255.255.255.255         On-link      192.168.0.16    276
    192.168.0.255  255.255.255.255         On-link      192.168.0.16    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.16    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.16    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10    276 ::/0                     fe80::92c7:92ff:fed5:82e7
  1    306 ::1/128                  On-link
 10     28 2605:e000:621b:8200::/64 On-link
 10    276 2605:e000:621b:8200:a8e9:52e8:accc:828/128
                                    On-link
 10    276 2605:e000:621b:8200:b1a0:6b0f:e55d:327f/128
                                    On-link
 10    276 fe80::/64                On-link
 10    276 fe80::b1a0:6b0f:e55d:327f/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
 
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/29/2015 11:39:04 AM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.75.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: fd8
 
Start Time: 01d11278faa45282
 
Termination Time: 8
 
Application Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
 
Report Id: 4ee0671d-7e6c-11e5-bcf6-002622fa9908
 
Error: (10/29/2015 11:38:46 AM) (Source: Google Update) (User: Jude-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
 
Error: (10/29/2015 11:35:47 AM) (Source: Application Error) (User: )
Description: Faulting application name: TWC WiFi.exe, version: 4.3.1.26296, time stamp: 0x512e75fe
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9
Exception code: 0x40000015
Fault offset: 0x0005beae
Faulting process id: 0xcd4
Faulting application start time: 0xTWC WiFi.exe0
Faulting application path: TWC WiFi.exe1
Faulting module path: TWC WiFi.exe2
Report Id: TWC WiFi.exe3
 
Error: (10/29/2015 11:35:34 AM) (Source: Google Update) (User: Jude-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
 
Error: (10/29/2015 11:32:13 AM) (Source: Schedule) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out
 
Error: (10/29/2015 10:49:06 AM) (Source: Application Error) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.2.19.0, time stamp: 0x55e84649
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17514, time stamp: 0x4ce7bafa
Exception code: 0xe06d7363
Fault offset: 0x0000b727
Faulting process id: 0xed0
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3
 
Error: (10/29/2015 10:36:18 AM) (Source: Google Update) (User: Jude-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
 
Error: (10/28/2015 10:18:19 PM) (Source: Google Update) (User: Jude-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
 
Error: (10/28/2015 07:45:33 PM) (Source: Application Error) (User: )
Description: Faulting application name: TWC WiFi.exe, version: 4.3.1.26296, time stamp: 0x512e75fe
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9
Exception code: 0x40000015
Fault offset: 0x0005beae
Faulting process id: 0xdcc
Faulting application start time: 0xTWC WiFi.exe0
Faulting application path: TWC WiFi.exe1
Faulting module path: TWC WiFi.exe2
Report Id: TWC WiFi.exe3
 
Error: (10/28/2015 07:18:19 PM) (Source: Google Update) (User: Jude-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
 
 
System errors:
=============
Error: (10/29/2015 04:07:14 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005
 
Error: (10/29/2015 04:07:14 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070005
 
Error: (10/29/2015 04:06:48 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147467259
 
Error: (10/29/2015 04:06:48 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147467259
 
Error: (10/29/2015 04:05:18 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
SASDIFSV
SASKUTIL
 
Error: (10/29/2015 04:04:09 PM) (Source: Service Control Manager) (User: )
Description: The MBAMScheduler service failed to start due to the following error: 
%%1053
 
Error: (10/29/2015 04:04:09 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.
 
Error: (10/29/2015 04:03:51 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (10/29/2015 04:03:35 PM) (Source: Service Control Manager) (User: )
Description: The Freemake Improver service failed to start due to the following error: 
%%1053
 
Error: (10/29/2015 04:03:35 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Freemake Improver service to connect.
 
 
Microsoft Office Sessions:
=========================
Error: (10/29/2015 11:39:04 AM) (Source: Application Hang)(User: )
Description: mbam.exe1.75.0.1fd801d11278faa452828C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe4ee0671d-7e6c-11e5-bcf6-002622fa9908
 
Error: (10/29/2015 11:38:46 AM) (Source: Google Update)(User: Jude-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
 
Error: (10/29/2015 11:35:47 AM) (Source: Application Error)(User: )
Description: TWC WiFi.exe4.3.1.26296512e75feMSVCR90.dll9.0.30729.61614dace5b9400000150005beaecd401d11278651670e9C:\Program Files (x86)\Time Warner Cable\TWC WiFi\TWC WiFi.exeC:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dllde475bfb-7e6b-11e5-bcf6-002622fa9908
 
Error: (10/29/2015 11:35:34 AM) (Source: Google Update)(User: Jude-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
 
Error: (10/29/2015 11:32:13 AM) (Source: Schedule)(User: )
Description: Schedule error: 10106Initialize call failed, bailing out
 
Error: (10/29/2015 10:49:06 AM) (Source: Application Error)(User: )
Description: mbamservice.exe3.2.19.055e84649KERNELBASE.dll6.1.7601.175144ce7bafae06d73630000b727ed001d111ee71fa35f5C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\windows\syswow64\KERNELBASE.dll591d1c86-7e65-11e5-a982-002622fa9908
 
Error: (10/29/2015 10:36:18 AM) (Source: Google Update)(User: Jude-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
 
Error: (10/28/2015 10:18:19 PM) (Source: Google Update)(User: Jude-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
 
Error: (10/28/2015 07:45:33 PM) (Source: Application Error)(User: )
Description: TWC WiFi.exe4.3.1.26296512e75feMSVCR90.dll9.0.30729.61614dace5b9400000150005beaedcc01d111ee6d7bc8ecC:\Program Files (x86)\Time Warner Cable\TWC WiFi\TWC WiFi.exeC:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll1fb098e8-7de7-11e5-a982-002622fa9908
 
Error: (10/28/2015 07:18:19 PM) (Source: Google Update)(User: Jude-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
 
 
CodeIntegrity Errors:
===================================
  Date: 2012-07-19 21:19:16.538
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-07-19 21:19:16.523
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-11-28 22:31:53.521
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
**** End of log ****


#15 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:07:57 PM

Posted 29 October 2015 - 06:24 PM

I can see that you still have problems with connection?

 

-----

 

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

§  Make sure the following options are checked:
 

o    Internet Services

o    Windows Firewall

o    System Restore

o    Security Center/Action Center

o    Windows Update

o    Windows Defender

o    Other Services

§  Press "Scan".

§  It will create a log (FSS.txt) in the same directory the tool is run.

§  Please copy and paste the log to your reply.


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users