Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

The Execute/Action Button is Missing


  • Please log in to reply
20 replies to this topic

#1 RhondaG

RhondaG

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wilmington, NC
  • Local time:06:14 PM

Posted 21 December 2013 - 11:48 PM

When I go to Instant Rewards website, log in, and click onto the offers tab, I can then scroll down to the offer I want (ex. freecreditreport.com) and click on it. And from that next page, I am then supposed to be able to click on a green action button that redirects me to the website of the specific offer I chose. However there is no button anywhere that page. In fact there is no button or anything that allows me to make any further action from that page. Once I'm at that page, I'm stuck and can't do anything else but back out and start over, just to run into the same scenario over again! I've done some troubleshooting and I was told it might be a browser issue so I downloaded the latest Adobe Flash Player, changed some security settings and refreshed my Instant Rewards account. But none of these worked. Please help!!! I work from home so I'm losing money everyday until this gets fixed.

BC AdBot (Login to Remove)

 


#2 RhondaG

RhondaG
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wilmington, NC
  • Local time:06:14 PM

Posted 23 December 2013 - 03:43 PM

Hello. Just checking again to see if anyone has a possible solution. I need help right away! I didn't mention this previously but I'm using a laptop. If you need any other information, please let me know. Thank you!!!

#3 RhondaG

RhondaG
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wilmington, NC
  • Local time:06:14 PM

Posted 23 December 2013 - 08:32 PM

Hello. I just want to express the importance of resolving this issue asap. It is affecting my job. I work from home and I cannot do anything until this is fixed. So PLEASE help me. Thank you.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 PM

Posted 27 December 2013 - 10:18 PM

It may be an issue with their site but we can scan and be sue it's not malware.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
.
.
.
ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    .
    .
    .
    .
    • Last run ESET.
      • Hold down Control and click on this link to open ESET OnlineScan in a new window.
      • Click the esetonlinebtn.png button.
      • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
      • Check "YES, I accept the Terms of Use."
      • Click the Start button.
      • Accept any security warnings from your browser.
      • Under scan settings, check "Scan Archives" and "Remove found threats"
      • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
      • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
      • When the scan completes, click List Threats
      • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
      • Click the Back button.
      • Click the Finish button.
      • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 RhondaG

RhondaG
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wilmington, NC
  • Local time:06:14 PM

Posted 30 December 2013 - 01:46 PM

Thank you for your quick response. Here is Part 1of your request:

 

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Runnels Laptop (administrator) on 30-12-2013 at 13:29:27
Running from "C:\Documents and Settings\Runnels Laptop\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Realtek RTL8185 54M Wireless LAN Network Adapter = Wireless Network Connection (Connected)
Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : Rhondaslaptop

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Broadcast

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller

        Physical Address. . . . . . . . . : 00-E0-B8-B6-EC-FA



Ethernet adapter Wireless Network Connection:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Realtek RTL8185 54M Wireless LAN Network Adapter

        Physical Address. . . . . . . . . : 00-C0-A8-CB-B9-32

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.43.3

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.43.1

        DHCP Server . . . . . . . . . . . : 192.168.43.1

        DNS Servers . . . . . . . . . . . : 192.168.43.1

        Lease Obtained. . . . . . . . . . : Monday, December 30, 2013 1:04:10 PM

        Lease Expires . . . . . . . . . . : Monday, December 30, 2013 2:04:10 PM

Server:  UnKnown
Address:  192.168.43.1

Name:    google.com
Addresses:  74.125.196.139, 74.125.196.102, 74.125.196.138, 74.125.196.113
      74.125.196.101, 74.125.196.100



Pinging google.com [74.125.196.100] with 32 bytes of data:



Reply from 74.125.196.100: bytes=32 time=56ms TTL=43

Reply from 74.125.196.100: bytes=32 time=54ms TTL=43



Ping statistics for 74.125.196.100:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 54ms, Maximum = 56ms, Average = 55ms

Server:  UnKnown
Address:  192.168.43.1

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=124ms TTL=48

Reply from 98.138.253.109: bytes=32 time=146ms TTL=48



Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 124ms, Maximum = 146ms, Average = 135ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 e0 b8 b6 ec fa ...... Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller - Packet Scheduler Miniport
0x3 ...00 c0 a8 cb b9 32 ...... Realtek RTL8185 54M Wireless LAN Network Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.43.1    192.168.43.3      25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
     192.168.43.0    255.255.255.0     192.168.43.3    192.168.43.3      25
     192.168.43.3  255.255.255.255        127.0.0.1       127.0.0.1      25
   192.168.43.255  255.255.255.255     192.168.43.3    192.168.43.3      25
        224.0.0.0        240.0.0.0     192.168.43.3    192.168.43.3      25
  255.255.255.255  255.255.255.255     192.168.43.3    192.168.43.3      1
  255.255.255.255  255.255.255.255     192.168.43.3               2      1
Default Gateway:      192.168.43.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/30/2013 00:59:12 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 26.0.0.5087, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/30/2013 00:58:02 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 26.0.0.5087, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/30/2013 00:55:57 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 26.0.0.5087, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/30/2013 00:35:11 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 26.0.0.5087, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/30/2013 11:58:26 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/30/2013 10:40:45 AM) (Source: Iminent) (User: )
Description: Unexpected exception.

System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.NullReferenceException: Object reference not set to an instance of an object.
   at Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite)
   --- End of inner exception stack trace ---
   at System.RuntimeMethodHandle._InvokeMethodFast(IRuntimeMethodInfo method, Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeType typeOwner)
   at System.RuntimeMethodHandle.InvokeMethodFast(IRuntimeMethodInfo method, Object target, Object[] arguments, Signature sig, MethodAttributes methodAttributes, RuntimeType typeOwner)
   at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
   at System.Delegate.DynamicInvokeImpl(Object[] args)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)

Error: (12/20/2013 00:29:18 AM) (Source: Iminent) (User: )
Description: Unexpected exception.

System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.NullReferenceException: Object reference not set to an instance of an object.
   at Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite)
   --- End of inner exception stack trace ---
   at System.RuntimeMethodHandle._InvokeMethodFast(IRuntimeMethodInfo method, Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeType typeOwner)
   at System.RuntimeMethodHandle.InvokeMethodFast(IRuntimeMethodInfo method, Object target, Object[] arguments, Signature sig, MethodAttributes methodAttributes, RuntimeType typeOwner)
   at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
   at System.Delegate.DynamicInvokeImpl(Object[] args)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)

Error: (12/19/2013 03:03:14 PM) (Source: Iminent) (User: )
Description: Unexpected exception.

System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.NullReferenceException: Object reference not set to an instance of an object.
   at Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite)
   --- End of inner exception stack trace ---
   at System.RuntimeMethodHandle._InvokeMethodFast(IRuntimeMethodInfo method, Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeType typeOwner)
   at System.RuntimeMethodHandle.InvokeMethodFast(IRuntimeMethodInfo method, Object target, Object[] arguments, Signature sig, MethodAttributes methodAttributes, RuntimeType typeOwner)
   at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
   at System.Delegate.DynamicInvokeImpl(Object[] args)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)

Error: (12/18/2013 09:28:58 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (12/18/2013 09:28:56 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


System errors:
=============
Error: (12/30/2013 01:04:02 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.43.3 for the Network Card with network address 00C0A8CBB932 has been
denied by the DHCP server 192.168.169.1 (The DHCP Server sent a DHCPNACK message).

Error: (12/30/2013 00:13:32 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.43.3 for the Network Card with network address 00C0A8CBB932 has been
denied by the DHCP server 192.168.33.1 (The DHCP Server sent a DHCPNACK message).

Error: (12/30/2013 11:44:26 AM) (Source: DCOM) (User: RHONDASLAPTOP)
Description: The server {D5E8041D-920F-45E9-B8FB-B1DEB82C6E5E} did not register with DCOM within the required timeout.

Error: (12/30/2013 10:37:38 AM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error:
%%1053

Error: (12/30/2013 10:37:38 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Computer Backup (MyPC Backup) service to connect.

Error: (12/19/2013 02:49:38 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (12/18/2013 07:48:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error:
%%1053

Error: (12/18/2013 07:48:02 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Computer Backup (MyPC Backup) service to connect.

Error: (12/18/2013 07:48:02 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (12/18/2013 07:48:02 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.228)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Athlon 64 Processor Driver (Version: 1.1.0.14)
ATI - Software Uninstall Utility (Version: 6.14.10.1012)
ATI Control Panel (Version: 6.14.10.5154)
ATI Display Driver (Version: 8.131-050428a-022899C-Gateway)
att.net Internet Mail
AVG 2013 (Version: 13.0.3462)
AVG 2013 (Version: 13.0.3658)
AVG 2013 (Version: 2013.0.3462)
AVG Security Toolbar (Version: 12.2.5.34)
CCleaner (Version: 3.23)
Conexant AC-Link Audio
Define Ext (Version: 8)
FindWide.com
Flash Player Pro V5.4
Free Ride Games Player
GamingWonderland Firefox Toolbar
GamingWonderland Internet Explorer Toolbar
HP Wireless Multimedia Keyboard and Mouse Driver V1.3
Iminent (Version: 6.27.21.0)
InterActual Player
InternetHelper3.1 Toolbar (Version: 6.15.0.27)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 11 (Version: 6.0.110)
Jewel Quest III (remove only)
Jewel Quest Mysteries: Curse of the Emerald Tear (remove only)
K-Lite Codec Pack 4.7.0 (Full) (Version: 4.7.0)
LimeWire 5.1.1 (Version: 5.1.1)
Mah Jong Quest III (remove only)
Matchmaker: Joining Hearts (remove only)
McAfee Security Scan Plus (Version: 3.8.130.10)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)
Mozilla Maintenance Service (Version: 26.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyPC Backup  (Version: )
Nero Suite
NetZero Internet (Version: 8.9.3.0)
RebateInformer (Version: 1.0.0.75)
Search Protect (Version: 2.9.8.2)
Soft Data Fax Modem with SmartCP
Software Update for Web Folders (Version: 9.60.6715.0)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
SUPERAntiSpyware (Version: 5.5.1012)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 7.12.3.0)
SySaver (Version: 2)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 2.00.0003)
TidyNetwork.com
TIPCI (Version: 2.00.0003)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Web Cake 3.00 (Version: 3.00)
Web Layers 3.0.0 (Version: 3.0.0)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows XP Service Pack 3 (Version: 20080414.031525)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 57%
Total physical RAM: 894.22 MB
Available physical RAM: 381.27 MB
Total Pagefile: 2165.84 MB
Available Pagefile: 1194.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.64 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:74.52 GB) (Free:53.23 GB) NTFS

========================= Users: ========================================

User accounts for \\RHONDASLAPTOP

Administrator            Guest                    HelpAssistant            
Runnels Laptop           SUPPORT_388945a0         


**** End of log ****
 



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 PM

Posted 30 December 2013 - 03:47 PM

OK, keep going.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 RhondaG

RhondaG
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wilmington, NC
  • Local time:06:14 PM

Posted 30 December 2013 - 10:53 PM

Sorry for the length of time between replies. My computer is having other issues.

 

Part 2

13:51:44.0984 0x0d60  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50

13:52:58.0187 0x0d60  ============================================================

13:52:58.0187 0x0d60  Current date / time: 2013/12/30 13:52:58.0187

13:52:58.0187 0x0d60  SystemInfo:

13:52:58.0187 0x0d60 

13:52:58.0187 0x0d60  OS Version: 5.1.2600 ServicePack: 3.0

13:52:58.0187 0x0d60  Product type: Workstation

13:52:58.0187 0x0d60  ComputerName: RHONDASLAPTOP

13:52:58.0187 0x0d60  UserName: Runnels Laptop

13:52:58.0187 0x0d60  Windows directory: C:\WINDOWS

13:52:58.0187 0x0d60  System windows directory: C:\WINDOWS

13:52:58.0187 0x0d60  Processor architecture: Intel x86

13:52:58.0187 0x0d60  Number of processors: 1

13:52:58.0187 0x0d60  Page size: 0x1000

13:52:58.0187 0x0d60  Boot type: Normal boot

13:52:58.0187 0x0d60  ============================================================

13:53:00.0390 0x0d60  KLMD registered as C:\WINDOWS\system32\drivers\86346105.sys

13:53:01.0453 0x0d60  System UUID: {D1D984CB-312A-B717-217A-5F0EFA07F454}

13:53:04.0218 0x0d60  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

13:53:04.0250 0x0d60  ============================================================

13:53:04.0250 0x0d60  \Device\Harddisk0\DR0:

13:53:04.0265 0x0d60  MBR partitions:

13:53:04.0265 0x0d60  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1

13:53:04.0265 0x0d60  ============================================================

13:53:04.0343 0x0d60  C: <-> \Device\Harddisk0\DR0\Partition1

13:53:04.0343 0x0d60  ============================================================

13:53:04.0343 0x0d60  Initialize success

13:53:04.0343 0x0d60  ============================================================

13:53:15.0109 0x08cc  ============================================================

13:53:15.0109 0x08cc  Scan started

13:53:15.0109 0x08cc  Mode: Manual;

13:53:15.0109 0x08cc  ============================================================

13:53:15.0109 0x08cc  KSN ping started

13:53:18.0390 0x08cc  KSN ping finished: true

13:53:20.0593 0x08cc  ================ Scan system memory ========================

13:53:20.0593 0x08cc  System memory - ok

13:53:20.0593 0x08cc  ================ Scan services =============================

13:53:20.0734 0x08cc  [ 01E81C84AD1D0ACC61CF3CFD06632210, 1140756BA2F28CA8DFCFF8FD223654E6A78BA1B770A169CC557ECE0E01381B17 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

13:53:20.0750 0x08cc  !SASCORE - ok

13:53:21.0156 0x08cc  Abiosdsk - ok

13:53:21.0156 0x08cc  abp480n5 - ok

13:53:21.0218 0x08cc  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

13:53:21.0234 0x08cc  ACPI - ok

13:53:21.0265 0x08cc  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

13:53:21.0265 0x08cc  ACPIEC - ok

13:53:21.0390 0x08cc  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

13:53:21.0468 0x08cc  AdobeFlashPlayerUpdateSvc - ok

13:53:21.0500 0x08cc  adpu160m - ok

13:53:21.0593 0x08cc  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys

13:53:21.0593 0x08cc  aec - ok

13:53:21.0687 0x08cc  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

13:53:21.0687 0x08cc  AFD - ok

13:53:21.0703 0x08cc  Aha154x - ok

13:53:21.0718 0x08cc  aic78u2 - ok

13:53:21.0734 0x08cc  aic78xx - ok

13:53:21.0796 0x08cc  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

13:53:21.0953 0x08cc  Alerter - ok

13:53:21.0984 0x08cc  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe

13:53:21.0984 0x08cc  ALG - ok

13:53:22.0000 0x08cc  AliIde - ok

13:53:22.0109 0x08cc  [ E6A2299284013EC4DE3419481A62069F, D1B5020E2F3C102377546805208777ABD288A66AB861809BC1BA80C099B0C026 ] AmdK8           C:\WINDOWS\system32\DRIVERS\AmdK8.sys

13:53:22.0109 0x08cc  AmdK8 - ok

13:53:22.0125 0x08cc  amsint - ok

13:53:22.0187 0x08cc  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll

13:53:22.0390 0x08cc  AppMgmt - ok

13:53:22.0453 0x08cc  [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys

13:53:22.0671 0x08cc  Arp1394 - ok

13:53:22.0687 0x08cc  asc - ok

13:53:22.0703 0x08cc  asc3350p - ok

13:53:22.0718 0x08cc  asc3550 - ok

13:53:22.0828 0x08cc  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

13:53:22.0921 0x08cc  aspnet_state - ok

13:53:22.0984 0x08cc  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

13:53:23.0140 0x08cc  AsyncMac - ok

13:53:23.0187 0x08cc  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

13:53:23.0187 0x08cc  atapi - ok

13:53:23.0203 0x08cc  Atdisk - ok

13:53:23.0281 0x08cc  [ 97F0D1CFEE7CCD1F3302F393BA3481FC, 18B2FCD2E7C710EA27C652354A90410CFB45A4CAB531AB4CE6373797B429DBE7 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe

13:53:23.0328 0x08cc  Ati HotKey Poller - ok

13:53:23.0437 0x08cc  [ C8DC21751C5684A14EC075FDD2473719, 407AF973F48CA9C5ECFA28B48A3FF238B55079E8C74931A6328654C698A0D229 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

13:53:23.0781 0x08cc  ati2mtag - ok

13:53:23.0843 0x08cc  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

13:53:24.0093 0x08cc  Atmarpc - ok

13:53:24.0156 0x08cc  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

13:53:24.0156 0x08cc  AudioSrv - ok

13:53:24.0203 0x08cc  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

13:53:24.0421 0x08cc  audstub - ok

13:53:25.0015 0x08cc  [ 4DB93F4DB7077801D2D82013506AC1D0, 3D71655D1557021D5D828E37EAFDBA35C631061E48D64B9D376746F8FCC760B3 ] AVGIDSAgent     C:\Program Files\AVG\AVG2013\avgidsagent.exe

13:53:25.0421 0x08cc  AVGIDSAgent - ok

13:53:25.0515 0x08cc  [ 5BCAE36134162830ED283F4C3D88476A, A47EE816A88A8C18458BA721AB829E49D492128BA8D5BF6FF317C2B5A1FFA60F ] AVGIDSDriver    C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys

13:53:25.0546 0x08cc  AVGIDSDriver - ok

13:53:25.0562 0x08cc  [ 7C8E88549BCDAAC965B1B724C175F7A9, 86240BF965C60FFAF381879D1B2DD7190FAD597E7534AEE9A9E48A2BDEC119BA ] AVGIDSHX        C:\WINDOWS\system32\DRIVERS\avgidshx.sys

13:53:25.0562 0x08cc  AVGIDSHX - ok

13:53:25.0578 0x08cc  [ F8D2E76EA51B3B4119DF3D6A7A6D99F3, 417E05BA987345ED48223404DEBC10043A18CBC749462186CC3EE9C20F47C86D ] AVGIDSShim      C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys

13:53:25.0843 0x08cc  AVGIDSShim - ok

13:53:25.0906 0x08cc  [ 2018C4E9A40B122408763A5635CF14D9, E0BF5D5C7CFDD078F8BBA9627F1F8E0434B38A23FA9E039B37A22D7E1AD4EFFA ] Avgldx86        C:\WINDOWS\system32\DRIVERS\avgldx86.sys

13:53:25.0906 0x08cc  Avgldx86 - ok

13:53:25.0937 0x08cc  [ E2B9CF2CF787C6978E7CC898E9684E48, 73D5D8514EF1BF3BCC64DC158C68189D07B3940641F1155823C6822D03BC761B ] Avglogx         C:\WINDOWS\system32\DRIVERS\avglogx.sys

13:53:25.0953 0x08cc  Avglogx - ok

13:53:25.0968 0x08cc  [ 3F59750A3AA55C46663801E7C2FD1E2B, F748EB6552889974CB1FC6F666F2D78F654CAA990A339C741255355295CD46E8 ] Avgmfx86        C:\WINDOWS\system32\DRIVERS\avgmfx86.sys

13:53:25.0984 0x08cc  Avgmfx86 - ok

13:53:26.0000 0x08cc  [ 90FA3A4BB1039701D68FD1CC2ED3EE22, 5842AECBF76163BCAEE19DED708291DD8402E2D24DD48453E6067A9AE5BABB11 ] Avgrkx86        C:\WINDOWS\system32\DRIVERS\avgrkx86.sys

13:53:26.0000 0x08cc  Avgrkx86 - ok

13:53:26.0062 0x08cc  [ 14370FB29526F593C04FA48B5D69F7F0, EE5BBE674210AC3BC4103B6D43BABDCCCE681F3B0E93075F93CD453730C316B8 ] Avgtdix         C:\WINDOWS\system32\DRIVERS\avgtdix.sys

13:53:26.0546 0x08cc  Avgtdix - ok

13:53:26.0640 0x08cc  [ 3001E24F340D400BFF85935E5777FC5B, BA1D3B4D4EC6E4DD6C0FAE22238E37A6168067B5E4A0E533C25B3625473A3A48 ] avgtp           C:\WINDOWS\system32\drivers\avgtpx86.sys

13:53:26.0765 0x08cc  avgtp - ok

13:53:26.0828 0x08cc  [ D646FA5135A1CD795877AFE9D17FA9ED, 2F97FBCD7BD75727A77C17D75D2482AE819D5D2EB9760D96412F9C20AA7D9473 ] avgwd           C:\Program Files\AVG\AVG2013\avgwdsvc.exe

13:53:26.0890 0x08cc  avgwd - ok

13:53:27.0046 0x08cc  [ 17023C57A820B5CD411B90C1C772E030, 74649ABE4F8C16CEBC5405141112633108F94D5E4F519F04D1ABBA65B59497FA ] BackupStack     C:\Program Files\MyPC Backup\BackupStack.exe

13:53:27.0062 0x08cc  BackupStack - ok

13:53:27.0125 0x08cc  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

13:53:27.0593 0x08cc  Beep - ok

13:53:27.0703 0x08cc  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll

13:53:28.0109 0x08cc  BITS - ok

13:53:28.0156 0x08cc  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll

13:53:28.0171 0x08cc  Browser - ok

13:53:28.0234 0x08cc  [ 80EB55B615ED0F669A28A96FEFD4603F, 7739361BCC0AC85F0DE0691EC45EB7AB9340F1C1F3C483E87910B9D78A5B1F96 ] CAMCAUD         C:\WINDOWS\system32\drivers\camc6aud.sys

13:53:28.0562 0x08cc  CAMCAUD - ok

13:53:28.0625 0x08cc  [ AD1D8DEBDB1DF8682E374E0CD1638C1B, B469B41E34498463D15D61986AB322E93BC049362B2013FB881F56A39C74ADBF ] CAMCHALA        C:\WINDOWS\system32\drivers\camc6hal.sys

13:53:28.0953 0x08cc  CAMCHALA - ok

13:53:29.0000 0x08cc  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

13:53:29.0265 0x08cc  cbidf2k - ok

13:53:29.0281 0x08cc  cd20xrnt - ok

13:53:29.0328 0x08cc  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

13:53:29.0562 0x08cc  Cdaudio - ok

13:53:29.0609 0x08cc  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

13:53:29.0625 0x08cc  Cdfs - ok

13:53:29.0640 0x08cc  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

13:53:29.0859 0x08cc  Cdrom - ok

13:53:29.0875 0x08cc  Changer - ok

13:53:29.0937 0x08cc  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe

13:53:30.0062 0x08cc  CiSvc - ok

13:53:30.0125 0x08cc  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

13:53:30.0359 0x08cc  ClipSrv - ok

13:53:30.0421 0x08cc  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

13:53:30.0468 0x08cc  clr_optimization_v2.0.50727_32 - ok

13:53:30.0578 0x08cc  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

13:53:30.0578 0x08cc  clr_optimization_v4.0.30319_32 - ok

13:53:30.0984 0x08cc  [ 5875746AAC710D1F3101A665300E793F, EBCB88F48912E1D915F4DE0C16211DB90201B1991636214E7C59CDE0E95E14DA ] CltMngSvc       C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe

13:53:31.0406 0x08cc  CltMngSvc - ok

13:53:31.0484 0x08cc  [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys

13:53:31.0625 0x08cc  CmBatt - ok

13:53:31.0640 0x08cc  CmdIde - ok

13:53:31.0671 0x08cc  [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys

13:53:31.0671 0x08cc  Compbatt - ok

13:53:31.0687 0x08cc  COMSysApp - ok

13:53:31.0703 0x08cc  Cpqarray - ok

13:53:31.0781 0x08cc  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

13:53:31.0781 0x08cc  CryptSvc - ok

13:53:31.0796 0x08cc  dac2w2k - ok

13:53:31.0812 0x08cc  dac960nt - ok

13:53:31.0906 0x08cc  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

13:53:31.0921 0x08cc  DcomLaunch - ok

13:53:32.0000 0x08cc  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

13:53:32.0015 0x08cc  Dhcp - ok

13:53:32.0031 0x08cc  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

13:53:32.0031 0x08cc  Disk - ok

13:53:32.0078 0x08cc  dlbt_device - ok

13:53:32.0093 0x08cc  dmadmin - ok

13:53:32.0171 0x08cc  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

13:53:32.0640 0x08cc  dmboot - ok

13:53:32.0671 0x08cc  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

13:53:32.0687 0x08cc  dmio - ok

13:53:32.0718 0x08cc  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

13:53:32.0718 0x08cc  dmload - ok

13:53:32.0765 0x08cc  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll

13:53:32.0765 0x08cc  dmserver - ok

13:53:32.0828 0x08cc  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

13:53:32.0828 0x08cc  DMusic - ok

13:53:32.0906 0x08cc  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

13:53:32.0906 0x08cc  Dnscache - ok

13:53:32.0968 0x08cc  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

13:53:33.0312 0x08cc  Dot3svc - ok

13:53:33.0328 0x08cc  dpti2o - ok

13:53:33.0390 0x08cc  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

13:53:33.0390 0x08cc  drmkaud - ok

13:53:33.0468 0x08cc  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll

13:53:33.0562 0x08cc  EapHost - ok

13:53:33.0609 0x08cc  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll

13:53:33.0609 0x08cc  ERSvc - ok

13:53:33.0703 0x08cc  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe

13:53:33.0718 0x08cc  Eventlog - ok

13:53:33.0796 0x08cc  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll

13:53:33.0812 0x08cc  EventSystem - ok

13:53:33.0875 0x08cc  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

13:53:33.0875 0x08cc  Fastfat - ok

13:53:33.0937 0x08cc  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

13:53:33.0953 0x08cc  FastUserSwitchingCompatibility - ok

13:53:33.0984 0x08cc  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys

13:53:34.0187 0x08cc  Fdc - ok

13:53:34.0234 0x08cc  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

13:53:34.0500 0x08cc  Fips - ok

13:53:34.0531 0x08cc  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys

13:53:34.0750 0x08cc  Flpydisk - ok

13:53:34.0796 0x08cc  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

13:53:34.0796 0x08cc  FltMgr - ok

13:53:34.0890 0x08cc  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

13:53:34.0906 0x08cc  FontCache3.0.0.0 - ok

13:53:34.0953 0x08cc  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

13:53:35.0109 0x08cc  Fs_Rec - ok

13:53:35.0156 0x08cc  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

13:53:35.0171 0x08cc  Ftdisk - ok

13:53:35.0218 0x08cc  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

13:53:35.0500 0x08cc  Gpc - ok

13:53:35.0578 0x08cc  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

13:53:35.0578 0x08cc  helpsvc - ok

13:53:35.0609 0x08cc  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll

13:53:35.0609 0x08cc  HidServ - ok

13:53:35.0640 0x08cc  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

13:53:35.0875 0x08cc  HidUsb - ok

13:53:35.0906 0x08cc  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

13:53:36.0125 0x08cc  hkmsvc - ok

13:53:36.0156 0x08cc  hpn - ok

13:53:36.0234 0x08cc  [ A32F20830996D61D862311F138870A0C, 3FF381F1464B88128A376EBF35B1490F8E1A203F4D444F0782DED00B92ACE82D ] HSFHWATI        C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys

13:53:36.0468 0x08cc  HSFHWATI - ok

13:53:36.0546 0x08cc  [ 822C60F2ABEE73A0E089230D94064F39, B47035F773D2E5A7761330A9B8931B17B53C4804388FF8640F32EAFACC5604DC ] HSF_DPV         C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys

13:53:37.0031 0x08cc  HSF_DPV - ok

13:53:37.0078 0x08cc  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

13:53:37.0125 0x08cc  HTTP - ok

13:53:37.0171 0x08cc  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

13:53:37.0375 0x08cc  HTTPFilter - ok

13:53:37.0390 0x08cc  i2omgmt - ok

13:53:37.0406 0x08cc  i2omp - ok

13:53:37.0453 0x08cc  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

13:53:37.0765 0x08cc  i8042prt - ok

13:53:38.0046 0x08cc  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

13:53:38.0125 0x08cc  idsvc - ok

13:53:38.0171 0x08cc  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

13:53:38.0328 0x08cc  Imapi - ok

13:53:38.0437 0x08cc  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe

13:53:38.0750 0x08cc  ImapiService - ok

13:53:38.0765 0x08cc  ini910u - ok

13:53:38.0796 0x08cc  IntelIde - ok

13:53:38.0828 0x08cc  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

13:53:39.0062 0x08cc  Ip6Fw - ok

13:53:39.0109 0x08cc  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

13:53:39.0312 0x08cc  IpFilterDriver - ok

13:53:39.0359 0x08cc  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

13:53:39.0546 0x08cc  IpInIp - ok

13:53:39.0625 0x08cc  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

13:53:39.0671 0x08cc  IpNat - ok

13:53:39.0859 0x08cc  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

13:53:40.0203 0x08cc  IPSec - ok

13:53:40.0234 0x08cc  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

13:53:40.0406 0x08cc  IRENUM - ok

13:53:40.0468 0x08cc  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

13:53:40.0468 0x08cc  isapnp - ok

13:53:40.0718 0x08cc  [ A12175F063302CD68F8FC6D572D7E5FD, 1FCDBBC169A5137DA97B90F6593B8BB3B49D7AD55BE8AFAD763F4FE1D2D4A76C ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe

13:53:40.0859 0x08cc  JavaQuickStarterService - ok

13:53:40.0921 0x08cc  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

13:53:41.0265 0x08cc  Kbdclass - ok

13:53:41.0500 0x08cc  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys

13:53:41.0781 0x08cc  kbdhid - ok

13:53:41.0859 0x08cc  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

13:53:41.0859 0x08cc  kmixer - ok

13:53:41.0921 0x08cc  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

13:53:41.0937 0x08cc  KSecDD - ok

13:53:42.0015 0x08cc  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

13:53:42.0015 0x08cc  lanmanserver - ok

13:53:42.0109 0x08cc  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

13:53:42.0125 0x08cc  lanmanworkstation - ok

13:53:42.0125 0x08cc  lbrtfdc - ok

13:53:42.0250 0x08cc  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

13:53:42.0250 0x08cc  LmHosts - ok

13:53:42.0406 0x08cc  [ E6CB119EF2E148EAA1A247343550756E, 11729FDA2D41D00B43107391416651E674F23DE21D398DA299FFFF61032A98D0 ] McciCMService   C:\Program Files\Common Files\Motive\McciCMService.exe

13:53:42.0421 0x08cc  McciCMService - ok

13:53:42.0625 0x08cc  [ E4DFBE4C4A9C2BD87C1430F445F3E3CB, 34A0295D0AC37537B010FEC4534535D92AA4C30900DC37444C992C15F86D3AA4 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe

13:53:42.0656 0x08cc  McComponentHostService - ok

13:53:42.0671 0x08cc  [ 3C318B9CD391371BED62126581EE9961, 1254273DE950EF8D5922F26D67B55C9D9082F45CDE168E3DAB20A2E53208DC3A ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

13:53:42.0671 0x08cc  mdmxsdk - ok

13:53:42.0734 0x08cc  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

13:53:42.0968 0x08cc  Messenger - ok

13:53:43.0000 0x08cc  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

13:53:43.0265 0x08cc  mnmdd - ok

13:53:43.0343 0x08cc  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

13:53:43.0734 0x08cc  mnmsrvc - ok

13:53:43.0796 0x08cc  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

13:53:43.0796 0x08cc  Modem - ok

13:53:43.0812 0x08cc  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

13:53:44.0015 0x08cc  Mouclass - ok

13:53:44.0078 0x08cc  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys

13:53:44.0265 0x08cc  mouhid - ok

13:53:44.0296 0x08cc  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

13:53:44.0312 0x08cc  MountMgr - ok

13:53:44.0375 0x08cc  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

13:53:44.0484 0x08cc  MozillaMaintenance - ok

13:53:44.0500 0x08cc  mraid35x - ok

13:53:44.0546 0x08cc  [ 9BD4DCB5412921864A7AACDEDFBD1923, 46DEE9B9414D26203B62F0D6CAEBF37A3CEFD118556129547B2C5FC7B6FDBA05 ] MREMP50         C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS

13:53:44.0953 0x08cc  MREMP50 - ok

13:53:44.0968 0x08cc  MREMPR5 - ok

13:53:45.0015 0x08cc  MRENDIS5 - ok

13:53:45.0078 0x08cc  [ 07C02C892E8E1A72D6BF35004F0E9C5E, 09ECD59AADF08E2AA0C1BAF5D3D7CBB0948153E531E1F82ECACD43F14F88106B ] MRESP50         C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS

13:53:45.0328 0x08cc  MRESP50 - ok

13:53:45.0375 0x08cc  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

13:53:45.0375 0x08cc  MRxDAV - ok

13:53:45.0453 0x08cc  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

13:53:45.0531 0x08cc  MRxSmb - ok

13:53:45.0593 0x08cc  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe

13:53:45.0765 0x08cc  MSDTC - ok

13:53:45.0812 0x08cc  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

13:53:45.0812 0x08cc  Msfs - ok

13:53:45.0828 0x08cc  MSIServer - ok

13:53:45.0859 0x08cc  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

13:53:46.0078 0x08cc  MSKSSRV - ok

13:53:46.0093 0x08cc  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

13:53:46.0437 0x08cc  MSPCLOCK - ok

13:53:46.0453 0x08cc  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

13:53:46.0625 0x08cc  MSPQM - ok

13:53:46.0656 0x08cc  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

13:53:46.0656 0x08cc  mssmbios - ok

13:53:46.0750 0x08cc  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

13:53:46.0750 0x08cc  Mup - ok

13:53:46.0828 0x08cc  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll

13:53:47.0203 0x08cc  napagent - ok

13:53:47.0265 0x08cc  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

13:53:47.0281 0x08cc  NDIS - ok

13:53:47.0343 0x08cc  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

13:53:47.0343 0x08cc  NdisTapi - ok

13:53:47.0359 0x08cc  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

13:53:47.0359 0x08cc  Ndisuio - ok

13:53:47.0390 0x08cc  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

13:53:47.0609 0x08cc  NdisWan - ok

13:53:47.0640 0x08cc  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

13:53:47.0656 0x08cc  NDProxy - ok

13:53:47.0687 0x08cc  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

13:53:47.0687 0x08cc  NetBIOS - ok

13:53:47.0718 0x08cc  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

13:53:47.0921 0x08cc  NetBT - ok

13:53:47.0984 0x08cc  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe

13:53:48.0109 0x08cc  NetDDE - ok

13:53:48.0125 0x08cc  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

13:53:48.0125 0x08cc  NetDDEdsdm - ok

13:53:48.0187 0x08cc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe

13:53:48.0187 0x08cc  Netlogon - ok

13:53:48.0265 0x08cc  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll

13:53:48.0265 0x08cc  Netman - ok

13:53:48.0390 0x08cc  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

13:53:48.0390 0x08cc  NetTcpPortSharing - ok

13:53:48.0437 0x08cc  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys

13:53:48.0437 0x08cc  NIC1394 - ok

13:53:48.0468 0x08cc  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll

13:53:48.0500 0x08cc  Nla - ok

13:53:48.0546 0x08cc  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

13:53:48.0562 0x08cc  Npfs - ok

13:53:48.0593 0x08cc  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

13:53:48.0625 0x08cc  Ntfs - ok

13:53:48.0656 0x08cc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

13:53:48.0656 0x08cc  NtLmSsp - ok

13:53:48.0734 0x08cc  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

13:53:49.0000 0x08cc  NtmsSvc - ok

13:53:49.0031 0x08cc  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys

13:53:49.0218 0x08cc  Null - ok

13:53:49.0250 0x08cc  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

13:53:49.0421 0x08cc  NwlnkFlt - ok

13:53:49.0484 0x08cc  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

13:53:49.0640 0x08cc  NwlnkFwd - ok

13:53:49.0781 0x08cc  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

13:53:49.0828 0x08cc  odserv - ok

13:53:49.0875 0x08cc  [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys

13:53:49.0875 0x08cc  ohci1394 - ok

13:53:49.0937 0x08cc  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

13:53:50.0000 0x08cc  ose - ok

13:53:50.0062 0x08cc  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\drivers\Parport.sys

13:53:50.0078 0x08cc  Parport - ok

13:53:50.0093 0x08cc  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

13:53:50.0093 0x08cc  PartMgr - ok

13:53:50.0140 0x08cc  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

13:53:50.0187 0x08cc  ParVdm - ok

13:53:50.0218 0x08cc  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

13:53:50.0218 0x08cc  PCI - ok

13:53:50.0234 0x08cc  PCIDump - ok

13:53:50.0265 0x08cc  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

13:53:50.0265 0x08cc  PCIIde - ok

13:53:50.0281 0x08cc  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys

13:53:50.0296 0x08cc  Pcmcia - ok

13:53:50.0312 0x08cc  PDCOMP - ok

13:53:50.0328 0x08cc  PDFRAME - ok

13:53:50.0343 0x08cc  PDRELI - ok

13:53:50.0359 0x08cc  PDRFRAME - ok

13:53:50.0375 0x08cc  perc2 - ok

13:53:50.0390 0x08cc  perc2hib - ok

13:53:50.0453 0x08cc  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe

13:53:50.0453 0x08cc  PlugPlay - ok

13:53:50.0468 0x08cc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

13:53:50.0468 0x08cc  PolicyAgent - ok

13:53:50.0531 0x08cc  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

13:53:50.0671 0x08cc  PptpMiniport - ok

13:53:50.0718 0x08cc  [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys

13:53:50.0906 0x08cc  Processor - ok

13:53:50.0953 0x08cc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

13:53:50.0953 0x08cc  ProtectedStorage - ok

13:53:50.0984 0x08cc  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

13:53:51.0187 0x08cc  PSched - ok

13:53:51.0234 0x08cc  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

13:53:51.0359 0x08cc  Ptilink - ok

13:53:51.0375 0x08cc  ql1080 - ok

13:53:51.0390 0x08cc  Ql10wnt - ok

13:53:51.0406 0x08cc  ql12160 - ok

13:53:51.0406 0x08cc  ql1240 - ok

13:53:51.0421 0x08cc  ql1280 - ok

13:53:51.0468 0x08cc  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

13:53:51.0656 0x08cc  RasAcd - ok

13:53:51.0703 0x08cc  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll

13:53:51.0890 0x08cc  RasAuto - ok

13:53:51.0906 0x08cc  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

13:53:52.0031 0x08cc  Rasl2tp - ok

13:53:52.0078 0x08cc  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll

13:53:52.0093 0x08cc  RasMan - ok

13:53:52.0125 0x08cc  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

13:53:52.0328 0x08cc  RasPppoe - ok

13:53:52.0375 0x08cc  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

13:53:52.0593 0x08cc  Raspti - ok

13:53:52.0640 0x08cc  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

13:53:52.0656 0x08cc  Rdbss - ok

13:53:52.0671 0x08cc  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

13:53:52.0796 0x08cc  RDPCDD - ok

13:53:52.0859 0x08cc  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

13:53:53.0062 0x08cc  rdpdr - ok

13:53:53.0156 0x08cc  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

13:53:53.0156 0x08cc  RDPWD - ok

13:53:53.0218 0x08cc  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

13:53:53.0578 0x08cc  RDSessMgr - ok

13:53:53.0625 0x08cc  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

13:53:53.0843 0x08cc  redbook - ok

13:53:53.0906 0x08cc  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

13:53:54.0140 0x08cc  RemoteAccess - ok

13:53:54.0187 0x08cc  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

13:53:54.0203 0x08cc  RemoteRegistry - ok

13:53:54.0265 0x08cc  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe

13:53:54.0515 0x08cc  RpcLocator - ok

13:53:54.0625 0x08cc  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll

13:53:54.0625 0x08cc  RpcSs - ok

13:53:54.0703 0x08cc  [ 0E11B35E972796042044BC27CE13B065, B6DE2EEF6D55443C469173E5335558DBCD0C4382B3B515DC408E3EF6F8EE710E ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys

13:53:54.0718 0x08cc  rspndr - ok

13:53:54.0734 0x08cc  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe

13:53:54.0968 0x08cc  RSVP - ok

13:53:55.0046 0x08cc  [ 02409EE14C811AEE6DD7954C5FBC9D45, 2652D115C3884E27964440A0B84436A5A549A61F795F4BED6B56BD00D576910B ] rtl8185         C:\WINDOWS\system32\DRIVERS\rtl8185.sys

13:53:55.0296 0x08cc  rtl8185 - ok

13:53:55.0328 0x08cc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe

13:53:55.0328 0x08cc  SamSs - ok

13:53:55.0390 0x08cc  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

13:53:55.0468 0x08cc  SASDIFSV - ok

13:53:55.0484 0x08cc  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

13:53:55.0515 0x08cc  SASKUTIL - ok

13:53:55.0562 0x08cc  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

13:53:55.0765 0x08cc  SCardSvr - ok

13:53:55.0843 0x08cc  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll

13:53:55.0843 0x08cc  Schedule - ok

13:53:55.0921 0x08cc  [ 8D04819A3CE51B9EB47E5689B44D43C4, B0588AF967A7611F05BC8A8AD0C945DBB7BF995D7DA5C28FD0D007E33BF1F502 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys

13:53:56.0140 0x08cc  sdbus - ok

13:53:56.0203 0x08cc  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

13:53:56.0203 0x08cc  Secdrv - ok

13:53:56.0296 0x08cc  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll

13:53:56.0296 0x08cc  seclogon - ok

13:53:56.0312 0x08cc  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll

13:53:56.0328 0x08cc  SENS - ok

13:53:56.0375 0x08cc  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\drivers\Serial.sys

13:53:56.0390 0x08cc  Serial - ok

13:53:56.0500 0x08cc  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

13:53:56.0765 0x08cc  Sfloppy - ok

13:53:56.0828 0x08cc  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

13:53:56.0890 0x08cc  SharedAccess - ok

13:53:56.0937 0x08cc  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

13:53:56.0953 0x08cc  ShellHWDetection - ok

13:53:56.0968 0x08cc  Simbad - ok

13:53:56.0984 0x08cc  Sparrow - ok

13:53:57.0031 0x08cc  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

13:53:57.0031 0x08cc  splitter - ok

13:53:57.0125 0x08cc  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

13:53:57.0125 0x08cc  Spooler - ok

13:53:57.0359 0x08cc  [ BE5C0E39BE31233770C92BD54492F856, D710563E28DB1F7B35853D29AE9BB55276DE2684012498617BD371938DB20D85 ] SProtection     C:\Program Files\Common Files\Umbrella\umbrella.exe

13:53:57.0671 0x08cc  SProtection - ok

13:53:57.0718 0x08cc  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

13:53:57.0718 0x08cc  sr - ok

13:53:57.0765 0x08cc  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll

13:53:57.0781 0x08cc  srservice - ok

13:53:57.0812 0x08cc  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

13:53:57.0828 0x08cc  Srv - ok

13:53:57.0859 0x08cc  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

13:53:57.0875 0x08cc  SSDPSRV - ok

13:53:57.0906 0x08cc  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

13:53:57.0921 0x08cc  stisvc - ok

13:53:57.0984 0x08cc  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

13:53:58.0234 0x08cc  swenum - ok

13:53:58.0312 0x08cc  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

13:53:58.0312 0x08cc  swmidi - ok

13:53:58.0328 0x08cc  SwPrv - ok

13:53:58.0343 0x08cc  symc810 - ok

13:53:58.0359 0x08cc  symc8xx - ok

13:53:58.0375 0x08cc  sym_hi - ok

13:53:58.0390 0x08cc  sym_u3 - ok

13:53:58.0453 0x08cc  [ EB363DDFBE8B6D51003CCAB29D93D744, 971589D7662670F6B3080476787E5DBCE67193144B423639200F2034CE2C0D21 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys

13:53:58.0687 0x08cc  SynTP - ok

13:53:58.0718 0x08cc  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

13:53:58.0750 0x08cc  sysaudio - ok

13:53:58.0812 0x08cc  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

13:53:59.0031 0x08cc  SysmonLog - ok

13:53:59.0093 0x08cc  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

13:53:59.0109 0x08cc  TapiSrv - ok

13:53:59.0171 0x08cc  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

13:53:59.0187 0x08cc  Tcpip - ok

13:53:59.0281 0x08cc  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

13:53:59.0453 0x08cc  TDPIPE - ok

13:53:59.0468 0x08cc  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

13:53:59.0656 0x08cc  TDTCP - ok

13:53:59.0703 0x08cc  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

13:54:00.0015 0x08cc  TermDD - ok

13:54:00.0109 0x08cc  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll

13:54:00.0187 0x08cc  TermService - ok

13:54:00.0234 0x08cc  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll

13:54:00.0250 0x08cc  Themes - ok

13:54:00.0328 0x08cc  [ C424F991494E5674F2E9B3CF9F5F55D1, CC799C9154431763D052AB8B41EFAE71A039EDD6EAC5E6D892E22C8BEF1D2BB5 ] tifm21          C:\WINDOWS\system32\drivers\tifm21.sys

13:54:00.0593 0x08cc  tifm21 - ok

13:54:00.0656 0x08cc  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe

13:54:00.0984 0x08cc  TlntSvr - ok

13:54:01.0000 0x08cc  TosIde - ok

13:54:01.0062 0x08cc  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll

13:54:01.0078 0x08cc  TrkWks - ok

13:54:01.0109 0x08cc  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

13:54:01.0359 0x08cc  Udfs - ok

13:54:01.0359 0x08cc  ultra - ok

13:54:01.0468 0x08cc  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

13:54:01.0734 0x08cc  Update - ok

13:54:01.0781 0x08cc  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll

13:54:02.0000 0x08cc  upnphost - ok

13:54:02.0062 0x08cc  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe

13:54:02.0265 0x08cc  UPS - ok

13:54:02.0312 0x08cc  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

13:54:02.0312 0x08cc  usbccgp - ok

13:54:02.0359 0x08cc  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

13:54:02.0359 0x08cc  usbehci - ok

13:54:02.0437 0x08cc  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

13:54:02.0656 0x08cc  usbhub - ok

13:54:02.0703 0x08cc  [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys

13:54:02.0906 0x08cc  usbohci - ok

13:54:02.0953 0x08cc  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

13:54:03.0171 0x08cc  usbprint - ok

13:54:03.0218 0x08cc  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

13:54:03.0218 0x08cc  usbscan - ok

13:54:03.0265 0x08cc  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

13:54:03.0406 0x08cc  USBSTOR - ok

13:54:03.0437 0x08cc  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

13:54:03.0625 0x08cc  VgaSave - ok

13:54:03.0625 0x08cc  ViaIde - ok

13:54:03.0671 0x08cc  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

13:54:03.0687 0x08cc  VolSnap - ok

13:54:03.0796 0x08cc  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe

13:54:03.0937 0x08cc  VSS - ok

13:54:04.0109 0x08cc  [ 40DBA03782BCC10685A8C200C5EBDCD0, EE5AE02AB67EB58539D8D65AF2AD28C5CCEBAF55CDD61348914AC53969BD0342 ] vToolbarUpdater12.2.6 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

13:54:04.0187 0x08cc  vToolbarUpdater12.2.6 - ok

13:54:04.0265 0x08cc  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll

13:54:04.0281 0x08cc  W32Time - ok

13:54:04.0343 0x08cc  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

13:54:04.0500 0x08cc  Wanarp - ok

13:54:04.0515 0x08cc  WDICA - ok

13:54:04.0562 0x08cc  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

13:54:04.0562 0x08cc  wdmaud - ok

13:54:04.0671 0x08cc  [ 7D66C7460240C5FA7DA4E775DF9FF328, C3EC471149F4D1554CABA8275623BDE34D560541BD38D77BD6E9E528B99D3B8E ] WebCakeUpdater  C:\Program Files\Web Cake\WebCakeDesktop.Updater.exe

13:54:04.0671 0x08cc  WebCakeUpdater - ok

13:54:04.0718 0x08cc  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll

13:54:04.0734 0x08cc  WebClient - ok

13:54:04.0812 0x08cc  [ 566F3BE98A6B4790B1A5768238F756E0, C9FA9CD8AF2D8931CF6F1C33F147BB510AF060A403D16E1FDE1BBB9C9FE6C498 ] WebUpdater      C:\Program Files\Web Layers\updater.exe

13:54:04.0828 0x08cc  WebUpdater - ok

13:54:04.0921 0x08cc  [ 5EA185425BFCBC2D4B96D673D8C4DEAF, DE501F74658B3D9106BF4EE5F4C48B6A276BC67829B145AE09900EE70B3FFF77 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

13:54:05.0187 0x08cc  winachsf - ok

13:54:05.0312 0x08cc  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

13:54:05.0328 0x08cc  winmgmt - ok

13:54:05.0390 0x08cc  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll

13:54:05.0546 0x08cc  WmdmPmSN - ok

13:54:05.0625 0x08cc  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll

13:54:05.0687 0x08cc  Wmi - ok

13:54:05.0812 0x08cc  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

13:54:06.0156 0x08cc  WmiApSrv - ok

13:54:06.0281 0x08cc  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe

13:54:06.0765 0x08cc  WMPNetworkSvc - ok

13:54:06.0828 0x08cc  [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys

13:54:06.0984 0x08cc  WpdUsb - ok

13:54:07.0312 0x08cc  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

13:54:07.0390 0x08cc  WPFFontCache_v0400 - ok

13:54:07.0468 0x08cc  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

13:54:07.0468 0x08cc  wscsvc - ok

13:54:07.0515 0x08cc  [ D29AD7484B98279ED21877DE051A180F, F132BEED68960D4D3A1A731CDD48C17390FCFF89746E642272D778ECF23B30EA ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

13:54:07.0531 0x08cc  wuauserv - ok

13:54:07.0578 0x08cc  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys

13:54:07.0578 0x08cc  WudfPf - ok

13:54:07.0625 0x08cc  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys

13:54:07.0906 0x08cc  WudfRd - ok

13:54:07.0953 0x08cc  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll

13:54:07.0968 0x08cc  WudfSvc - ok

13:54:08.0062 0x08cc  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

13:54:08.0078 0x08cc  WZCSVC - ok

13:54:08.0203 0x08cc  [ BCDC438BF7429772D1AA25233705C585, 7E934A67A4BFCF239502D2A7BAB00C170DDBD04C905237CDF576CDCE0EE014B0 ] X4HSEx_Pr143    C:\Program Files\Free Ride Games\X4HSEx_Pr143.Sys

13:54:08.0203 0x08cc  X4HSEx_Pr143 - ok

13:54:08.0265 0x08cc  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

13:54:08.0562 0x08cc  xmlprov - ok

13:54:08.0687 0x08cc  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

13:54:08.0718 0x08cc  YahooAUService - ok

13:54:08.0781 0x08cc  [ 9A916F4354EEF85C535DD792754EDC1D, FEEDC03C10C816B76E3654DBB8D82D4CFA81E3D2EFBB0D4949B0A3E56CB33424 ] yukonwxp        C:\WINDOWS\system32\DRIVERS\yk51x86.sys

13:54:08.0796 0x08cc  yukonwxp - ok

13:54:08.0828 0x08cc  ================ Scan global ===============================

13:54:08.0875 0x08cc  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll

13:54:08.0937 0x08cc  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

13:54:09.0015 0x08cc  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

13:54:09.0062 0x08cc  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe

13:54:09.0078 0x08cc  [ Global ] - ok

13:54:09.0078 0x08cc  ================ Scan MBR ==================================

13:54:09.0078 0x08cc  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

13:54:09.0093 0x08cc  Suspicious mbr (Forged): \Device\Harddisk0\DR0

13:54:09.0109 0x08cc  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c ( 0 )

13:54:09.0109 0x08cc  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

13:54:11.0953 0x08cc  ================ Scan VBR ==================================

13:54:11.0953 0x08cc  [ 42C20E3B90B8242871F268C800B5ECE4 ] \Device\Harddisk0\DR0\Partition1

13:54:11.0953 0x08cc  \Device\Harddisk0\DR0\Partition1 - ok

13:54:11.0968 0x08cc  Waiting for KSN requests completion. In queue: 227

13:54:12.0968 0x08cc  Waiting for KSN requests completion. In queue: 227

13:54:14.0265 0x08cc  AV detected via SS1: AVG AntiVirus Free Edition 2013, 2013.0, enabled, outofdate

13:54:14.0265 0x08cc  Win FW state via NFM: enabled

13:54:16.0812 0x08cc  ============================================================

13:54:16.0812 0x08cc  Scan finished

13:54:16.0812 0x08cc  ============================================================

13:54:16.0828 0x01f8  Detected object count: 1

13:54:16.0828 0x01f8  Actual detected object count: 1

13:54:44.0250 0x01f8  \Device\Harddisk0\DR0\# - copied to quarantine

13:54:44.0250 0x01f8  \Device\Harddisk0\DR0 - copied to quarantine

13:54:44.0296 0x01f8  \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine

13:54:44.0296 0x01f8  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

13:54:44.0312 0x01f8  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

13:54:44.0312 0x01f8  \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine

13:54:44.0328 0x01f8  \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine

13:54:44.0359 0x01f8  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

13:54:44.0375 0x01f8  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

13:54:44.0375 0x01f8  \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine

13:54:44.0375 0x01f8  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine

13:54:44.0390 0x01f8  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

13:54:44.0390 0x01f8  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

13:54:44.0390 0x01f8  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

13:54:44.0390 0x01f8  \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine

13:54:44.0390 0x01f8  \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine

13:54:44.0453 0x01f8  \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

13:54:44.0531 0x01f8  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot

13:54:44.0531 0x01f8  \Device\Harddisk0\DR0 - ok

13:54:44.0562 0x01f8  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure

13:54:45.0359 0x01f8  KLMD registered as C:\WINDOWS\system32\drivers\68623469.sys

13:54:57.0265 0x0494  Deinitialize success

 

 

Part 3

 

# AdwCleaner v3.016 - Report created 30/12/2013 at 14:15:58

# Updated 23/12/2013 by Xplode

# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

# Username : Runnels Laptop - RHONDASLAPTOP

# Running from : C:\Documents and Settings\Runnels Laptop\My Documents\Downloads\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

Service Deleted : BackupStack

Service Deleted : CltMngSvc

Service Deleted : SProtection

[#] Service Deleted : WebCakeUpdater

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Free Ride Games

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Iminent

Folder Deleted : C:\Documents and Settings\All Users\Application Data\ParetoLogic

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer

Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Iminent

Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\RebateInformer

Folder Deleted : C:\Program Files\AVG Secure Search

Folder Deleted : C:\Program Files\Conduit

Folder Deleted : C:\Program Files\Free Ride Games

Folder Deleted : C:\Program Files\GamingWonderland

Folder Deleted : C:\Program Files\Iminent

Folder Deleted : C:\Program Files\Inbox.com

Folder Deleted : C:\Program Files\internethelper3.1

Folder Deleted : C:\Program Files\MyPC Backup

Folder Deleted : C:\Program Files\RebateInformer

Folder Deleted : C:\Program Files\Searchprotect

Folder Deleted : C:\Program Files\Web Cake

Folder Deleted : C:\Program Files\Common Files\AVG Secure Search

Folder Deleted : C:\Program Files\Common Files\ParetoLogic

Folder Deleted : C:\Program Files\Common Files\Umbrella

Folder Deleted : C:\WINDOWS\Installer\{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}

Folder Deleted : C:\DOCUME~1\RUNNEL~1\LOCALS~1\Temp\AirInstaller

Folder Deleted : C:\DOCUME~1\RUNNEL~1\LOCALS~1\Temp\Iminent

Folder Deleted : C:\DOCUME~1\RUNNEL~1\LOCALS~1\Temp\CT3289663

Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Application Data\Searchprotect

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Local Settings\Application Data\AVG Secure Search

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Local Settings\Application Data\Conduit

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Local Settings\Application Data\DefineExt

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Local Settings\Application Data\internethelper3.1

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Local Settings\Application Data\Searchprotect

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Local Settings\Application Data\TidyNetwork.com

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Local Settings\Application Data\visi_coupon

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\Ask.com

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\AVG Secure Search

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\DriverCure

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\Iminent

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\ParetoLogic

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\RebateInformer

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\Searchprotect

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\searchresultstb

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\Web Cake

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Start Menu\Programs\Free Ride Games

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Start Menu\Programs\MyPC Backup

Folder Deleted : C:\Documents and Settings\Runnels Laptop\My Documents\ShopToWin

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\Mozilla\Firefox\Profiles\hj05rkpb.default-1375728568265\CT3289663

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\Mozilla\Firefox\Profiles\hj05rkpb.default-1375728568265\Extensions\plugin@getwebcake.com

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\Mozilla\Firefox\Profiles\hj05rkpb.default-1375728568265\Extensions\tidynetwork@tidynetwork

Folder Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\Mozilla\Firefox\Profiles\hj05rkpb.default-1375728568265\Extensions\{07cbf788-1359-421b-a4e3-5a8d041b90a3}

File Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\Mozilla\Firefox\Profiles\hj05rkpb.default-1375728568265\Extensions\webbooster@iminent.com.xpi

File Deleted : C:\END

File Deleted : C:\Documents and Settings\All Users\Desktop\More FREE games.lnk

File Deleted : C:\Documents and Settings\All Users\Desktop\Play Free Games.lnk

File Deleted : C:\Documents and Settings\All Users\Desktop\RebateGiant.com.url

File Deleted : C:\Documents and Settings\All Users\Desktop\RebateInformer.lnk

File Deleted : C:\WINDOWS\system32\conduitEngine.tmp

File Deleted : C:\Documents and Settings\Runnels Laptop\Start Menu\Programs\Startup\MyPC Backup.lnk

File Deleted : C:\Documents and Settings\Runnels Laptop\Desktop\MyPC Backup.lnk

File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml

File Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\Mozilla\Firefox\Profiles\hj05rkpb.default-1375728568265\searchplugins\Conduit.xml

File Deleted : C:\Documents and Settings\Runnels Laptop\Application Data\Mozilla\Firefox\Profiles\hj05rkpb.default-1375728568265\user.js

File Deleted : C:\WINDOWS\Tasks\paretologic registration3.job

File Deleted : C:\WINDOWS\Tasks\paretologic update version3.job

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]

Key Deleted : HKCU\Toolbar

Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Client

Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Script

Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Server

Key Deleted : HKLM\SOFTWARE\Classes\CShared.TB4Server2

Key Deleted : HKLM\SOFTWARE\Classes\GameTreatWidget.GameTreatWidget

Key Deleted : HKLM\SOFTWARE\Classes\Iminent

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri

Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy

Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1

Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler

Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject

Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1

Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender

Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1

Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler

Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1

Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\rebinfo

Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\RebateI.Rebate Informer BHO

Key Deleted : HKLM\SOFTWARE\Classes\RebateI.RebateInformImageGen

Key Deleted : HKLM\SOFTWARE\Classes\RebateInf.RebateInfObj

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api

Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1

Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers

Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll

Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss

Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater

Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Iminent\Iminent.exe]

Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Iminent\Iminent.Messengers.exe]

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_0300107B

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289663

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07CBF788-1359-421B-A4E3-5A8D041B90A3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF808758-C780-404C-A4EE-4526323FD9B6}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB69577-088B-4004-9ED8-FF5BCC83A039}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB35C569-5624-4CFC-8043-E5139F55A073}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CE83F03-4DFD-4070-A0A7-C46C82E20971}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{103DFC4E-147A-5606-9B4E-1C216DF227A1}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{438B047C-C041-4D15-98CF-A97C6B366C28}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07CBF788-1359-421B-A4E3-5A8D041B90A3}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB69577-088B-4004-9ED8-FF5BCC83A039}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07CBF788-1359-421B-A4E3-5A8D041B90A3}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7736C7FA-512D-11E2-B871-DEC36088709B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A899079D-206F-43A6-BE6A-07E0FA648EA0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6CE83F03-4DFD-4070-A0A7-C46C82E20971}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07CBF788-1359-421B-A4E3-5A8D041B90A3}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6CE83F03-4DFD-4070-A0A7-C46C82E20971}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C0BF2B3-59AC-4710-9F23-363037B129F9}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FB0411F-8318-48CB-A164-A1D51F65743A}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\CToolbar

Key Deleted : HKCU\Software\Iminent

Key Deleted : HKCU\Software\ParetoLogic

Key Deleted : HKCU\Software\SmartBar

Key Deleted : HKCU\Software\InternetHelper3.1

Key Deleted : HKCU\Software\AppDataLow\Software\Freecause

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\CToolbar

Key Deleted : HKLM\Software\Iminent

Key Deleted : HKLM\Software\ParetoLogic

Key Deleted : HKLM\Software\SearchProtect

Key Deleted : HKLM\Software\Tarma Installer

Key Deleted : HKLM\Software\Umbrella

Key Deleted : HKLM\Software\InternetHelper3.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InternetHelper3.1 Toolbar

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0702826FCAC36EE52AC0441EEEEE2170

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1198E28F40C3E185E9958608554D4253

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14C66209FCA938858B9729645C666684

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15A073601B9AEC3549BE4A9314794615

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F7C80F9CE5CDF44E9AADDC99402534C

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\206AF45B775E3A445B3B2273827DA85F

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\225C3CBCEB850204D860A6C7CC7724AF

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2310FC151CD4F185798FA0996B3524D7

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\28572D2E2DE533256AC6B560EA573C22

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29C79786B109AC443B0DC7BFD61B1896

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ABB56EABB920EB59B04BDDD26A62083

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DABA02DFED47E352A2FA2EBDD6F6187

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\311567B4A9A002050BB9423FD73FB880

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\373FCED70D7F84E5FB5F3F7B76BEE024

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3BE992C130B235E53A2937391FDCA35B

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DA5F64B3483DE549947A9164ACBAD21

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3ED93605BB9B6635E9D0D86615AF31F1

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4759B017032BA185F9BA6F7DBC95A2D4

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A78ABCBB54E46E5482A3EE0AD66C39E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4F9E947B6B895EB5A86757FC5D3DB862

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4FEEA83BF72B97E43A2DF0EE4BE4F261

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\509EC7EFB89B7D942997574AB14037A4

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50A730A9A3A61BF5BA70CA8A3B7C133B

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51A95A1D4CDE4F958A9451FBB39BF54A

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\536133807DE80465BA6CD0A9742B7DE5

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E25036E68895D45B95E72D1C3C58C74

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60ECC80C54085B141A40437A96CA2618

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60FD8CD5BE007315CA3B5C7E41F24017

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\618E7D05458C4F257909ED9C8CDC0D66

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\621C21014D3C152529E2460FA6304EE3

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6241FF6F317CABD4EBBEE0DE9076BD94

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\636B9C23C79154B57AB561F39A139BFD

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65AAF0F0CB7F0B45F900FDF19CEAAF2B

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6879A5E348601C45986308CA84958E94

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A6F3B7A9805E1F5492A1020EEDF2341

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B1F5D204E4EEB342A5AD1D7E60D61BF

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7005A2A4DCF9DD7548137AB17E3A3AF3

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\712EAF07EE73CC65C822CC3BAE3B2483

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7947B301B2446E752A3FE06EAD7D26B5

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7987CE52D13E16258B0E1E3DB1BB0974

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BEED197C514FDA53901AE8DD8EF0891

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DFDCF03D46C34159BDE29FBDBF1ACF5

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\87EC9ACEAFE8ECD52A529663CD35213F

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\890F436B85B790A55A582B7307DA12CE

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C13DA6755F685B529615C8E92B3CA39

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D07CD9CB3E6BE652872BF06A1CCA782

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90841B1FC98200349925C88999866F17

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94194FDD4DF523E53A888D65722A135D

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95266D07D008D2E4E9B6F8E0DD15432A

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4223BBC9438CAD49BBE10B4E344B1DD

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A72F23B1D745C27508518132197BC982

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A89E2B6FB14D8275DA63D075171DA184

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9C43CD4001E9E4518B274AF9A0EFDA9

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AABA081CF7F19915FBB80B3BAF47CE63

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC2A0FFD0A1686D53A4E24D6E96949E4

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE5BDB2750259915D8442D4591A7717B

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1A79C71D5DC1C150B76B6ED11195DFC

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6D497DB33974935488761F7C4C3D755

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B752EF3300008394886C402CC27B474F

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B8C8BCC1206978D51A8B9EECBF806C53

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAD3576CEA646895B962F94754612791

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB4091512C8F4295E99CE2D061ED2020

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE6BBC9A31531F598794A62120B51C7

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C19162788CA4D235E829F88E2F771567

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C71F07DA356B66B5484A8E7F2ADEB7DC

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C96AD15EE8E887B56BAF2136A9088503

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9E6B66ECC49D155888399C51D05C49E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA360F24F0B214744BE40657FDA0B727

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE85F265816AE2D4E9B73C3E207E679C

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5389AEEA4A1E20428D045E86BCF643B

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5B62BB7BC607FB539585E2B7B6AFD16

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB027F01D4D53765C8E4FBE7DB77E07E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DC2EB492393411F5ABE8ED13C59FBF20

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDA2534BD056D1F44B6EC96AAA7F1F6E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDCA763D4C48A105086B4CCCEE78043F

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEF7558C7CD27EF46AF802AFBE402675

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E05B987540A9E2849AAF9E5B06C27DA8

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E09F4A6B9D2A08B599AE9E38BFC93CD6

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E27B6535D0D94A24E91047C7D86F27BC

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E45D171E075A5425CBACF6631A45FA39

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E513C2076D90AD04F888BD762143F191

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8F4C985459564F5B8DCFF2B3C7EBD27

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E96E33222BAC06B57A1FA9D72951C945

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAA46CE9007F70A5CAFA5F26E5DDEBE5

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE43FF091A8714A599F33EF2533FB59A

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE790015CF30DAA569960905FF1651A0

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EEB44C47185BD304D80FDF5A4BBE8F54

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F214EB834D2EC474CA76C1CDE306CF3A

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F25491036D0FA5D5FA6742F5742F151A

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F4D1BA8B482D9734E943EE260A7ADEF2

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F6704141BAAF6884785EC6843143D6A7

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7507D4D4C310125E9A22BD909A41FB6

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F79C21D785419125595AC59458A6142D

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA15C90F092A60F53A4E0F88CED02968

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA1CF130B3D58B553833ACB6BE8AFAD4

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB0F1A18E4F0DBD509A42F4D4C05C02A

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FD17ED194F1C2B457B4F6EF4AE8DEAF3

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v8.0.6001.18702

 

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl []

 

-\\ Mozilla Firefox v26.0 (en-US)

 

[ File : C:\Documents and Settings\Runnels Laptop\Application Data\Mozilla\Firefox\Profiles\hj05rkpb.default-1375728568265\prefs.js ]

 

Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3289663&octid=CT3289663&SearchSource=61&CUI=UN21421092007932984&UM=2&UP=SPCC2820B0-C4AA-4074-BEAD-7496DF7B5CE4");

Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3289663&octid=CT3289663&SearchSource=61&CUI=UN21421092007932984&UM=2&UP=SPCC2820B0-C4AA-4074-BEAD-7496DF7B5CE4&SSPV=");

Line Deleted : user_pref("extensions.enabledAddons", "webbooster%40iminent.com:7.51.3.1,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0");

Line Deleted : user_pref("extentions.webcake.defaultEnableAppsList", "layers/banner,layers/inline,layers/search,layers/shopping,newOffers/wc");

Line Deleted : user_pref("extentions.webcake.installId", "af4534ee-1fc6-425f-95a3-f25d51981be3");

Line Deleted : user_pref("iminent.LayoutId", "1");

Line Deleted : user_pref("iminent.ShowThankyouPixel", "0");

Line Deleted : user_pref("iminent.adapters", "{\"conduit\":{\"CountryCode\":\"US\",\"NoAds\":true,\"Status\":1,\"expireTime\":\"1387309582310259200\"},\"instantrewards\":{\"CountryCode\":\"US\",\"NoAds\":true,\"Stat[...]

Line Deleted : user_pref("iminent.registerToolbarEvent101", "1388419281406");

Line Deleted : user_pref("iminent.registerToolbarEvent140", "1387520853134");

Line Deleted : user_pref("iminent.version", "7.51.3.1");

Line Deleted : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.43.4.1\",\"InstallEventCTime\":1387242150420,\"InstallEvent\":\"True\",\"UpdateEventCTime\":1388418764574}");

Line Deleted : user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1");

Line Deleted : user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");

Line Deleted : user_pref("iminent.webbooster.scripts.minibar.SOFTONICREFRESHRATE", "140000");

Line Deleted : user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01");

Line Deleted : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000");

Line Deleted : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000");

Line Deleted : user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11");

Line Deleted : user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02");

Line Deleted : user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0");

Line Deleted : user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "1");

Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3289663&octid=CT3289663&SearchSource=61&CUI=UN21421092007932984&UM=2&UP=SPCC2820B0-C4AA-4074-BEAD-7496DF7B5CE4");

 

[ File : C:\Documents and Settings\Runnels Laptop\Application Data\Mozilla\Firefox\Profiles\ikgilo5b.default-1388427538187\prefs.js ]

 

 

*************************

 

AdwCleaner[R0].txt - [56303 octets] - [30/12/2013 14:14:10]

AdwCleaner[S0].txt - [55461 octets] - [30/12/2013 14:15:58]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [55522 octets] ##########



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 PM

Posted 30 December 2013 - 11:56 PM

Hi, we got some nasty stuff off especially with TDss..
You need t reboot the machine

Run ESET it will be an hour or more.. Let me know how it is after.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 RhondaG

RhondaG
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wilmington, NC
  • Local time:06:14 PM

Posted 31 December 2013 - 12:40 AM

Part 4--Okay, now as far as the Junkware removal tool, I am supposed to shut down my protection software first.  Please forgive my ignorance but I don't know quite how to do that.  I am not even quite sure what protection software I have.  Please help??

 

Part 5

 

C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll.vir    probably a variant of Win32/Adware.Yontoo.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Runnels Laptop\Application Data\Mozilla\Firefox\Profiles\hj05rkpb.default-1375728568265\Extensions\plugin@getwebcake.com\content\overlay.js.vir    JS/Adware.Yontoo.C application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Runnels Laptop\Application Data\Web Cake\WebCakeDesktop.exe.vir    MSIL/WebCake.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Runnels Laptop\Application Data\Web Cake\dat\Desktop.OS.dll.vir    a variant of MSIL/WebCake.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Runnels Laptop\Application Data\Web Cake\dat\Dora.dat.vir    a variant of MSIL/WebCake.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Runnels Laptop\Application Data\Web Cake\dat\Maintain.dat.vir    a variant of MSIL/WebCake.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Runnels Laptop\Application Data\Web Cake\dat\Paladin.dat.vir    a variant of MSIL/WebCake.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Runnels Laptop\Local Settings\Application Data\Conduit\CT3289663\InternetHelper3.1AutoUpdateHelper.exe.vir    multiple threats    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Runnels Laptop\Local Settings\Application Data\internethelper3.1\ldrtbInt0.dll.vir    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Runnels Laptop\Local Settings\Application Data\internethelper3.1\ldrtbInt2.dll.vir    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Runnels Laptop\Local Settings\Application Data\internethelper3.1\ldrtbInte.dll.vir    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Runnels Laptop\Local Settings\Application Data\internethelper3.1\tbInt0.dll.vir    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Runnels Laptop\Local Settings\Application Data\internethelper3.1\tbInt2.dll.vir    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Runnels Laptop\Local Settings\Application Data\internethelper3.1\tbInte.dll.vir    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\RUNNEL~1\LOCALS~1\Temp\CT3289663\ieLogic.exe.vir    multiple threats    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\GamingWonderland\bar\1.bin\gtauxstb.dll.vir    Win32/Toolbar.MyWebSearch.W application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\GamingWonderland\bar\1.bin\gtbrmon.exe.vir    Win32/Toolbar.MyWebSearch.W application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\GamingWonderland\bar\1.bin\gtieovr.dll.vir    probably a variant of Win32/Toolbar.MyWebSearch.P application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\internethelper3.1\ldrtbInt0.dll.vir    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\internethelper3.1\ldrtbInt2.dll.vir    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\internethelper3.1\ldrtbInte.dll.vir    a variant of Win32/Toolbar.Conduit.P application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\internethelper3.1\tbInt0.dll.vir    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\internethelper3.1\tbInt2.dll.vir    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\internethelper3.1\tbInte.dll.vir    a variant of Win32/Toolbar.Conduit.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\RebateInformer\RebateI.dll.vir    a variant of Win32/Toolbar.Inbox.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\RebateInformer\RebateInf.exe.vir    a variant of Win32/Toolbar.Inbox.B application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Web Cake\WebCakeDesktop.Updater.exe.vir    MSIL/WebCake.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Web Cake\WebCakeIEClient.dll.vir    probably a variant of Win32/Adware.Yontoo.A application    cleaned by deleting - quarantined
C:\Documents and Settings\Runnels Laptop\Application Data\Mozilla\Firefox\Profiles\hj05rkpb.default-1375728568265\extensions\firefox@weblayers.co.xpi    Win32/BrowseFox.B application    deleted - quarantined
C:\Documents and Settings\Runnels Laptop\Application Data\Web Layers\desktop.exe    a variant of MSIL/WebCake.A application    cleaned by deleting - quarantined
C:\Documents and Settings\Runnels Laptop\Desktop\Old Firefox Data\hj05rkpb.default-1375728568265\extensions\firefox@weblayers.co.xpi    Win32/BrowseFox.B application    deleted - quarantined
C:\Documents and Settings\Runnels Laptop\Desktop\Old Firefox Data\hj05rkpb.default-1375728568265\extensions\plugin@getwebcake.com\content\overlay.js    JS/Adware.Yontoo.C application    cleaned by deleting - quarantined
C:\Documents and Settings\Runnels Laptop\Local Settings\Temp\air100.exe    Win32/BrowseFox.C application    cleaned by deleting - quarantined
C:\Documents and Settings\Runnels Laptop\Local Settings\Temp\air11F.exe    Win32/MyPCBackup.A application    cleaned by deleting - quarantined
C:\Documents and Settings\Runnels Laptop\Local Settings\Temp\airA1.exe    a variant of Win32/AirAdInstaller.A application    cleaned by deleting - quarantined
C:\Documents and Settings\Runnels Laptop\Local Settings\Temp\SecondStepInstaller.exe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Runnels Laptop\Local Settings\Temp\setup.exe    a variant of Win32/AirAdInstaller.A application    cleaned by deleting - quarantined
C:\Documents and Settings\Runnels Laptop\My Documents\Downloads\AVGAnti-VirusFreeEdition.exe    a variant of Win32/OpenInstall application    cleaned by deleting - quarantined
C:\Downloads\TuneUp Utilities 2008 7.0.7991\Patch.exe    Win32/HackTool.Patcher.A application    cleaned by deleting - quarantined
C:\Program Files\Web Layers\IEClient.dll    a variant of Win32/BrowseFox.F application    cleaned by deleting - quarantined
C:\Program Files\Web Layers\Uninstall.exe    Win32/BrowseFox.C application    cleaned by deleting - quarantined
C:\Program Files\Web Layers\updater.exe    a variant of MSIL/WebCake.A application    cleaned by deleting (after the next restart) - quarantined
C:\TDSSKiller_Quarantine\30.12.2013_13.52.58\mbr0000\tdlfs0000\tsk0001.dta    a variant of Win32/Olmarik.AYI trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.12.2013_13.52.58\mbr0000\tdlfs0000\tsk0002.dta    Win64/Olmarik.BC trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.12.2013_13.52.58\mbr0000\tdlfs0000\tsk0003.dta    Win32/Olmarik.AYH trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.12.2013_13.52.58\mbr0000\tdlfs0000\tsk0004.dta    Win64/Olmarik.AL trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.12.2013_13.52.58\mbr0000\tdlfs0000\tsk0005.dta    a variant of Win32/Rootkit.Kryptik.MY trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.12.2013_13.52.58\mbr0000\tdlfs0000\tsk0006.dta    Win64/Olmarik.AK trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.12.2013_13.52.58\mbr0000\tdlfs0000\tsk0010.dta    Win32/Olmarik.AFK trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.12.2013_13.52.58\mbr0000\tdlfs0000\tsk0011.dta    Win64/Olmarik.AK trojan    cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\30.12.2013_13.52.58\mbr0000\tdlfs0000\tsk0014.dta    a variant of Win32/Olmarik.AYI trojan    cleaned by deleting - quarantined
Operating memory    a variant of MSIL/WebCake.A application    contained infected files
 



#10 RhondaG

RhondaG
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wilmington, NC
  • Local time:06:14 PM

Posted 31 December 2013 - 12:48 AM

Hi, okay thanks.  I will reboot and await your response.



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 PM

Posted 31 December 2013 - 11:07 AM

You have AVG 2013 (Version: 2013.0.3462)
Should be able to Right click icon in Tray by Clock (System Tray)
Select disable or shut down.

Restart after the scan.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 RhondaG

RhondaG
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wilmington, NC
  • Local time:06:14 PM

Posted 01 January 2014 - 12:59 PM

Okay thanks.

Part 4 done.

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Microsoft Windows XP x86
Ran by Runnels Laptop on Wed 01/01/2014 at 12:52:16.76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] webupdater
Successfully deleted: [Service] webupdater



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{976D7863-9E6C-4066-8C67-0993DB9DE35F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\web layers
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{976D7863-9E6C-4066-8C67-0993DB9DE35F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{976D7863-9E6C-4066-8C67-0993DB9DE35F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\Free Ride Games
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{34D64DD2-394D-4295-BAD8-C1309CEF5A52}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB5D199E-9659-47A2-930B-FC3B69061353}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Runnels Laptop\Application Data\web layers"
Successfully deleted: [Folder] "C:\Program Files\mypc backup"
Successfully deleted: [Folder] "C:\Program Files\web layers"



~~~ FireFox

Successfully deleted: [Folder] "C:\Program Files\Mozilla Firefox\extensions\ecyoivyyjrojzoyplneg@nrbkkafymvigofepbi.org"
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\gtffxtbr@gamingwonderland.com





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/01/2014 at 12:56:14.67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Please advise.



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 PM

Posted 01 January 2014 - 03:10 PM

Hi, this looks clean now..

 

You may have to to install that App if it still does not function as files were corrupted by infection.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 RhondaG

RhondaG
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wilmington, NC
  • Local time:06:14 PM

Posted 01 January 2014 - 03:53 PM

Hi, thank you so much for your help.  Now again, please excuse my ignorance but did you do something on your end? What exactly was done and how did it fix my problem if it is fixed? Instant Rewards is a website that I was using but was not able to navigate to the next website from their page because the "go" button was not showing on the page. How can we get it to show??



#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:14 PM

Posted 01 January 2014 - 10:49 PM

We removed Rootkits, Trojans and ad/spyware Some files may have been part of your program.

If that network saw infection in your connection it may not allow you to proceed.

If you still cannot see/ use that button then you may need to see if they offer support.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users