Jump to content

i have Trojan.0Access and i can't get rid of it!


Recommended Posts

i ran a malwerebytes scan and it came up with Malwerebytes Anti-malwere has blocked and quarantined a threat                                                                                                                                                                                                C:\$Recycle.Bin\s-1-5-18\ $495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access.                                                                                                                                                                                                                                             That keeps coming up and im not sure how to f=get rid of it. can someone please help me it has blocked me from downloading anything and i was banned from all http sights please help   :(  

Link to post
Share on other sites

  • Replies 91
  • Created
  • Last Reply

Top Posters In This Topic

Hello iDayzKilla and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
I'm afraid I have bad news.

One or more of the identified infections is a rootkit. Rootkits are very dangerous because they use advanced techniques (backdoors) as a means of accessing a computer system that bypasses security mechanisms and steal sensitive information which they send back to the hacker. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. Remote attackers use backdoor Trojans and rootkits as part of an exploit to gain unauthorized access to a computer and take control of it without your knowledge.

I suggest you disconnect this computer from the Internet immediately you finish reading this post.

If you do any banking or other financial transactions on the computer, or if it contains any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, your computer is very likely compromised and there is no way to be sure your computer can ever again be trusted.

Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the Operating System.

Visit the following sites for more information on Internet theft and when to reformat!

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

Should you decide not to follow that advice, we will of course do our best to clean the computer of any infections that we can see but, as I already stated, we can in no way guarantee it to be trustworthy.

If you have any questions before making a final decision, please feel free to ask.

Instructions how to format and reinstall Windows can be found here

Link to post
Share on other sites

Hello iDayzKilla and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
I'm afraid I have bad news.

One or more of the identified infections is a rootkit. Rootkits are very dangerous because they use advanced techniques (backdoors) as a means of accessing a computer system that bypasses security mechanisms and steal sensitive information which they send back to the hacker. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. Remote attackers use backdoor Trojans and rootkits as part of an exploit to gain unauthorized access to a computer and take control of it without your knowledge.

I suggest you disconnect this computer from the Internet immediately you finish reading this post.

If you do any banking or other financial transactions on the computer, or if it contains any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, your computer is very likely compromised and there is no way to be sure your computer can ever again be trusted.

Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the Operating System.

Visit the following sites for more information on Internet theft and when to reformat!

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

Should you decide not to follow that advice, we will of course do our best to clean the computer of any infections that we can see but, as I already stated, we can in no way guarantee it to be trustworthy.

If you have any questions before making a final decision, please feel free to ask.

Instructions how to format and reinstall Windows can be found here

 

ok so this is the location of the trojan i think it might be C:\$Recycle.Bin\s-1-5-18\ $495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access that is what came up on on malwerebytes

Link to post
Share on other sites

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

 

Database version: v2013.07.01.01

 

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

josh :: WILLIAMS-PC [administrator]

 

Protection: Enabled

 

3/07/2013 5:05:44 PM

MBAM-log-2013-07-03 (17-49-51).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 281322

Time elapsed: 21 minute(s), 27 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 17

HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> No action taken.

HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> No action taken.

HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLab) -> No action taken.

HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLab) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> No action taken.

HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> No action taken.

HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> No action taken.

HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> No action taken.

HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> No action taken.

HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> No action taken.

HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> No action taken.

HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> No action taken.

HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken.

HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken.

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 1

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (http://search.certified-toolbar.com?si=41460&home=true&tid=592) Good: (http://www.google.com) -> No action taken.

 

Folders Detected: 4

C:\Users\Williams\Local Settings\Application Data\I Want This (Adware.GamePlayLab) -> No action taken.

C:\Users\Williams\Local Settings\Application Data\I Want This\Chrome (Adware.GamePlayLab) -> No action taken.

C:\Users\Williams\AppData\Local\I Want This (Adware.GamePlayLab) -> No action taken.

C:\Users\Williams\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> No action taken.

 

Files Detected: 13

C:\Users\josh\Downloads\Camstudio_Setup.exe (PUP.Bundle.Installer.OI) -> No action taken.

C:\Users\josh\Downloads\Injector.rar (Trojan.Agent) -> No action taken.

C:\Users\Williams\Downloads\7Zip_Setup (1).exe (Adware.IBryte) -> No action taken.

C:\Users\Williams\Downloads\7Zip_Setup.exe (Adware.IBryte) -> No action taken.

C:\Users\Williams\Downloads\DownloadManager_Setup.exe (PUP.Bundle.Installer.OI) -> No action taken.

C:\Users\Williams\Downloads\minecraft.exe (PUP.Adware.MediaGet) -> No action taken.

C:\Users\Williams\Downloads\setup.exe (PUP.BundleInstaller.VG) -> No action taken.

C:\Users\Williams\Downloads\SoftonicDownloader_for_eihort.exe (PUP.OfferBundler.ST) -> No action taken.

C:\Users\Williams\Downloads\SoftonicDownloader_for_winrar.exe (PUP.OfferBundler.ST) -> No action taken.

C:\Users\josh\AppData\Roaming\fk1xxx.e2ts (Malware.Trace) -> No action taken.

C:\Users\josh\AppData\Roaming\josh-wchelper.dll (Trojan.Agent.Gen) -> No action taken.

C:\Users\Williams\Local Settings\Application Data\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> No action taken.

C:\Users\Williams\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> No action taken.

 

(end)

Link to post
Share on other sites

different log  2013/07/01 16:44:40 +1000 WILLIAMS-PC Williams MESSAGE Starting protection

2013/07/01 16:44:40 +1000 WILLIAMS-PC Williams MESSAGE Protection started successfully
2013/07/01 16:44:40 +1000 WILLIAMS-PC Williams MESSAGE Starting IP protection
2013/07/01 16:44:40 +1000 WILLIAMS-PC Williams ERROR IP protection failed:  FwpmEngineOpen0 failed with error code 1753
2013/07/01 16:46:21 +1000 WILLIAMS-PC Williams MESSAGE Starting database refresh
2013/07/01 16:46:32 +1000 WILLIAMS-PC Williams MESSAGE Database refreshed successfully
2013/07/01 16:47:27 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 16:48:33 +1000 WILLIAMS-PC Williams DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 16:48:34 +1000 WILLIAMS-PC Williams ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 16:49:32 +1000 WILLIAMS-PC Williams DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 16:49:32 +1000 WILLIAMS-PC Williams ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 16:51:35 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 16:56:20 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 17:00:08 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 17:04:55 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 17:08:52 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 17:12:53 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 17:17:25 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 17:21:42 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 17:25:42 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 17:30:14 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 17:34:16 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 17:38:46 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 17:41:05 +1000 WILLIAMS-PC Williams MESSAGE Executing scheduled update:  Daily
2013/07/01 17:41:53 +1000 WILLIAMS-PC Williams MESSAGE Starting database refresh
2013/07/01 17:41:53 +1000 WILLIAMS-PC Williams MESSAGE Scheduled update executed successfully:  database updated from version v2013.06.30.07 to version v2013.07.01.01
2013/07/01 17:42:06 +1000 WILLIAMS-PC Williams MESSAGE Database refreshed successfully
2013/07/01 17:42:46 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 17:47:03 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 17:51:36 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 17:55:55 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:00:07 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:04:21 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:08:37 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:13:19 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:17:08 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:21:25 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:28:57 +1000 WILLIAMS-PC (null) DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:30:53 +1000 WILLIAMS-PC (null) MESSAGE Starting protection
2013/07/01 18:30:53 +1000 WILLIAMS-PC (null) MESSAGE Protection started successfully
2013/07/01 18:30:53 +1000 WILLIAMS-PC (null) MESSAGE Starting IP protection
2013/07/01 18:30:53 +1000 WILLIAMS-PC (null) ERROR IP protection failed:  FwpmEngineOpen0 failed with error code 1753
2013/07/01 18:31:15 +1000 WILLIAMS-PC (null) DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:33:05 +1000 WILLIAMS-PC (null) DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:33:05 +1000 WILLIAMS-PC (null) ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 18:34:00 +1000 WILLIAMS-PC (null) DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:34:00 +1000 WILLIAMS-PC (null) ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 18:35:42 +1000 WILLIAMS-PC (null) DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:36:50 +1000 WILLIAMS-PC Williams DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:36:50 +1000 WILLIAMS-PC Williams ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 18:37:40 +1000 WILLIAMS-PC Williams DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:37:40 +1000 WILLIAMS-PC Williams ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 18:38:15 +1000 WILLIAMS-PC Williams DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:38:15 +1000 WILLIAMS-PC Williams ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 18:38:28 +1000 WILLIAMS-PC Williams DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:38:28 +1000 WILLIAMS-PC Williams ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 18:39:42 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:40:14 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-21-3287801049-2637330249-1735968051-1002\$495924e8b7e33e121feccf96590e0c21\n Trojan.0Access QUARANTINE
2013/07/01 18:43:43 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:48:16 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 18:52:18 +1000 WILLIAMS-PC Williams DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 19:38:18 +1000 WILLIAMS-PC (null) DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 19:38:18 +1000 WILLIAMS-PC (null) ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 19:38:32 +1000 WILLIAMS-PC (null) DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 19:38:58 +1000 WILLIAMS-PC (null) DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 19:38:58 +1000 WILLIAMS-PC (null) ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 19:39:08 +1000 WILLIAMS-PC (null) DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 19:39:09 +1000 WILLIAMS-PC (null) ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 19:39:14 +1000 WILLIAMS-PC (null) DETECTION C:\$Recycle.Bin\S-1-5-18\$495924e8b7e33e121feccf96590e0c21\U\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 19:39:30 +1000 WILLIAMS-PC (null) DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 19:39:30 +1000 WILLIAMS-PC (null) ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 19:39:42 +1000 WILLIAMS-PC josh DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 19:39:42 +1000 WILLIAMS-PC josh ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 19:39:54 +1000 WILLIAMS-PC josh DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 19:39:54 +1000 WILLIAMS-PC josh ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 19:39:58 +1000 WILLIAMS-PC josh DETECTION c:\$recycle.bin\s-1-5-18\$495924e8b7e33e121feccf96590e0c21\u\80000032.@ Trojan.0Access QUARANTINE
2013/07/01 19:39:58 +1000 WILLIAMS-PC josh ERROR Quarantine failed:  SDKQuarantine failed with error code 0
2013/07/01 19:40:05 +1000 WILLIAMS-PC josh MESSAGE Stopping protection
2013/07/01 19:40:05 +1000 WILLIAMS-PC josh MESSAGE Protection stopped successfully
2013/07/01 19:40:14 +1000 WILLIAMS-PC josh MESSAGE Protection stopped
2013/07/01 22:15:50 +1000 WILLIAMS-PC josh MESSAGE Starting protection
2013/07/01 22:15:50 +1000 WILLIAMS-PC josh MESSAGE Protection started successfully
2013/07/01 22:15:50 +1000 WILLIAMS-PC josh MESSAGE Starting IP protection
2013/07/01 22:15:55 +1000 WILLIAMS-PC josh MESSAGE IP Protection started successfully
Link to post
Share on other sites

Malwarebytes Anti-Malware (PRO) 1.75.0.1300

www.malwarebytes.org

 

Database version: v2013.07.03.10

 

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

josh :: WILLIAMS-PC [administrator]

 

Protection: Enabled

 

4/07/2013 8:07:38 AM

mbam-log-2013-07-04 (08-07-38).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 281697

Time elapsed: 22 minute(s), 29 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 17

HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Quarantined and deleted successfully.

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 1

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (http://search.certified-toolbar.com?si=41460&home=true&tid=592) Good: (http://www.google.com) -> Quarantined and repaired successfully.

 

Folders Detected: 4

C:\Users\Williams\Local Settings\Application Data\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.

C:\Users\Williams\Local Settings\Application Data\I Want This\Chrome (Adware.GamePlayLab) -> Quarantined and deleted successfully.

C:\Users\Williams\AppData\Local\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.

C:\Users\Williams\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> Quarantined and deleted successfully.

 

Files Detected: 13

C:\Users\josh\Downloads\Camstudio_Setup.exe (PUP.Bundle.Installer.OI) -> No action taken.

C:\Users\josh\Downloads\Injector.rar (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\Williams\Downloads\7Zip_Setup (1).exe (Adware.IBryte) -> Quarantined and deleted successfully.

C:\Users\Williams\Downloads\7Zip_Setup.exe (Adware.IBryte) -> Quarantined and deleted successfully.

C:\Users\Williams\Downloads\DownloadManager_Setup.exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.

C:\Users\Williams\Downloads\minecraft.exe (PUP.Adware.MediaGet) -> Quarantined and deleted successfully.

C:\Users\Williams\Downloads\setup.exe (PUP.BundleInstaller.VG) -> Quarantined and deleted successfully.

C:\Users\Williams\Downloads\SoftonicDownloader_for_eihort.exe (PUP.OfferBundler.ST) -> Quarantined and deleted successfully.

C:\Users\Williams\Downloads\SoftonicDownloader_for_winrar.exe (PUP.OfferBundler.ST) -> Quarantined and deleted successfully.

C:\Users\josh\AppData\Roaming\fk1xxx.e2ts (Malware.Trace) -> Quarantined and deleted successfully.

C:\Users\josh\AppData\Roaming\josh-wchelper.dll (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

C:\Users\Williams\Local Settings\Application Data\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.

C:\Users\Williams\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.

 

(end)

Link to post
Share on other sites

DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 9.0.8112.16490  BrowserJavaVersion: 10.25.2

Run by josh at 9:46:52 on 2013-07-05

Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.61.1033.18.3325.1396 [GMT 10:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\system32\SLsvc.exe

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\bcmwltry.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\FreeWordHelper\FreeWordHelperUpdt.exe

C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe

C:\Windows\system32\PnkBstrB.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files\Fighters\FighterSuiteService.exe

C:\Program Files\Wajam\Updater\WajamUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\PROGRA~1\Bandoo\Bandoo.exe

C:\Windows\System32\WUDFHost.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\schtasks.exe

C:\Program Files\Dell\DellDock\DellDock.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Windows\System32\WLTRAY.EXE

C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\NetWorx\networx.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Fighters\Tray\FightersTray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Steam\steam2\Steam.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\UnHackMe\hackmon.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\Program Files\Common Files\Steam\SteamService.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe

C:\Program Files\McAfee Security Scan\2.1.121\McUICnt.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\WerCon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uWindow Title = Windows Internet Explorer provided by Yahoo!






BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Wincore Mediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\program files\imesh applications\mediabar\datamngr\toolbar\wincoreimdtx.dll

BHO: Linkury SmartbarEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - 

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\engine\19.9.1.14\coieplg.dll

BHO: CescrtHlpr Object: {64182481-4F71-486b-A045-B233BD0DA8FC} - c:\program files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton internet security\engine\19.9.1.14\ips\ipsbho.dll

BHO: UrlHelper Class: {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - c:\program files\bearshare applications\mediabar\datamngr\IEBHO.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll

BHO: FreeWordHelp 1.0: {A229BC5B-E7A2-447B-B015-1E7CA944978D} - c:\program files\freewordhelper\FreeWordHelper1.0.dll

BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - c:\program files\wajam\ie\wajam.dll

BHO: TopArcadeHits Games: {A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} - c:\users\josh\appdata\local\toparcadehits\Toparcadehits.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: DownTango Launcher Toolbar: {b52d0735-ec19-448a-abde-e01b5bd275d2} - c:\users\josh\appdata\roaming\downtangolaunchertoolbar\DownTangoLauncherToolbar.dll

BHO: news.net: {BA3E58F7-60C6-485E-A775-0C1FD9C0E55E} - c:\program files\breakingnews\ScriptHost.dll

BHO: Wincore Mediabar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\program files\bearshare applications\mediabar\datamngr\toolbar\wincorebsdtx.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: Zoom Downloader: {E5C66DD8-308B-4a4f-AF0A-3D04F25B5343} - 

BHO: Softonic Helper Object: {E87806B5-E908-45FD-AF5E-957D83E58E68} - c:\program files\softonic\softonic\1.6.4.3\bh\Softonic.dll

BHO: BandooIEPlugin Class: {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - c:\program files\bandoo\plugins\ie\ieplugin.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - 

TB: SweetIM Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - 

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\19.9.1.14\coieplg.dll

TB: &NetWorx Desk Band: {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - c:\program files\networx\deskband.dll

TB: facemoods Toolbar: {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - c:\program files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll

TB: SweetIM Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - 

TB: Wincore Mediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\program files\imesh applications\mediabar\datamngr\toolbar\wincoreimdtx.dll

TB: Wincore Mediabar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\program files\bearshare applications\mediabar\datamngr\toolbar\wincorebsdtx.dll

TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - 

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\19.9.1.14\coieplg.dll

TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - 

TB: Softonic Toolbar: {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - c:\program files\softonic\softonic\1.6.4.3\SoftonicTlbr.dll

TB: Linkury Smartbar: {ae07101b-46d4-4a98-af68-0333ea26e113} - 

TB: DownTango Launcher Toolbar: {b52d0735-ec19-448a-abde-e01b5bd275d2} - c:\users\josh\appdata\roaming\downtangolaunchertoolbar\DownTangoLauncherToolbar.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [steam] "c:\program files\steam\steam2\steam.exe" -silent

uRun: [FDPRO-516] c:\program files\fighters\FighterLauncher.exe FDPRO

uRun: [Exetender] "c:\program files\free ride games\GPlayer.exe" /runonstartup

uRun: [Desura] c:\program files\desura\desura.exe -autostart

uRun: [hw.exe] c:\users\josh\appdata\local\temp\rar$exa0.651\hw.exe

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [Dxtory Update Checker 2.0] c:\program files\dxtory software\dxtory2.0\UpdateChecker.exe

uRun: [EvolveClient] "c:\program files\echobit\evolve\EvolveClient.exe" -autorun

uRun: [breakingNews] c:\program files\breakingnews\breakingnews\DesktopContainer.exe

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe

mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m

mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon

mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon

mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter

mRun: [NetWorx] "c:\program files\networx\networx.exe" /auto

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [facemoods] "c:\program files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [CommonToolkitTray] c:\program files\fighters\tray\FightersTray.exe

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe

mRun: [MSC] "c:\program files\microsoft security client\mssecex.exe" -hide -runkey

mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start

dRun: [Exetender] "c:\program files\free ride games\GPlayer.exe" /runonstartup

StartupFolder: c:\users\josh\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe

StartupFolder: c:\users\josh\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.1.121\SSScheduler.exe

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {45d8438c-b51d-47a8-aeea-9061535f25f1} - {b52d0735-ec19-448a-abde-e01b5bd275d2}

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com


DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} - 







TCP: NameServer = 10.0.0.138

TCP: Interfaces\{478B4304-BA1B-4DBB-BEC8-D3389FCF3CB6} : DHCPNameServer = 10.143.147.147 10.143.147.148

TCP: Interfaces\{AB062B98-9986-4F2B-9B17-5EC7862F454C} : DHCPNameServer = 10.0.0.138

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll

AppInit_DLLs= c:\progra~1\bandoo\bndhook.dll 

LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\josh\appdata\roaming\mozilla\firefox\profiles\lxx114p3.default\

FF - prefs.js: browser.startup.homepage - 

FF - plugin: c:\program files\free ride games\npExentCtl.dll

FF - plugin: c:\program files\free ride games\npGameTreatWidget.dll

FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npFreeWordHelper.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll

FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\josh\appdata\local\roblox\versions\version-bac2ef28b67142d0\NPRobloxProxy.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

FF - ExtSQL: 2013-05-17 18:16; {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}

FF - ExtSQL: 2013-06-30 10:51; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\coFFPlgn

FF - ExtSQL: 2013-07-01 08:23; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.mixidj.tlbrSrchUrl - 

FF - user.js: extensions.mixidj.id - 669dcf4f0000000000000000a1f8c1a8

FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}

FF - user.js: extensions.mixidj.instlDay - 15888

FF - user.js: extensions.mixidj.vrsn - 1.8.18.8

FF - user.js: extensions.mixidj.vrsni - 1.8.18.8

FF - user.js: extensions.mixidj.vrsnTs - 1.8.18.819:45:56

FF - user.js: extensions.mixidj.prtnrId - mixidj

FF - user.js: extensions.mixidj.prdct - mixidj

FF - user.js: extensions.mixidj.aflt - babsst

FF - user.js: extensions.mixidj.smplGrp - none

FF - user.js: extensions.mixidj.tlbrId - baseyh

FF - user.js: extensions.mixidj.instlRef - sst

FF - user.js: extensions.mixidj.dfltLng - en

FF - user.js: extensions.mixidj.excTlbr - false

FF - user.js: extensions.mixidj.ffxUnstlRst - false

FF - user.js: extensions.mixidj.admin - false

FF - user.js: extensions.mixidj.autoRvrt - false

FF - user.js: extensions.mixidj.rvrt - false

FF - user.js: extensions.mixidj.newTab - false

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1309010.00e\symds.sys [2013-2-7 340088]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1309010.00e\symefa.sys [2013-2-7 924320]

R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\bashdefs\20120517.001\BHDrvx86.sys [2012-5-25 821880]

R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1309010.00e\ccsetx86.sys [2013-2-7 132768]

R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\ipsdefs\20120601.001\IDSvix86.sys [2012-6-2 368248]

R1 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [2009-8-29 38976]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1309010.00e\ironx86.sys [2013-2-7 149624]

R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1309010.00e\symtdiv.sys [2013-2-7 345208]

R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2009-7-2 81920]

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-17 217088]

R2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]

R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

R2 FreeWordHelper;FreeWordHelper;c:\program files\freewordhelper\FreeWordHelperUpdt.exe [2011-12-16 1778176]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2013-6-28 1440080]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-7-1 418376]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-7-1 701512]

R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.9.1.14\ccsvchst.exe [2013-2-7 138272]

R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 100328]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-5-14 3289208]

R2 Suite Service;Suite Service;c:\program files\fighters\FighterSuiteService.exe [2012-5-10 1267264]

R2 WajamUpdater;WajamUpdater;c:\program files\wajam\updater\WajamUpdater.exe [2012-3-10 109064]

R2 X6XSEx_Pr143;X6XSEx_Pr143;c:\program files\free ride games\X6XSEx_Pr143.sys [2012-11-13 47400]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2012-2-23 83984]

R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]

R3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\fighters\full-diskfighter\Common Toolkit Tools.exe [2012-6-5 217200]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-5-5 106656]

R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\drivers\evolve.sys [2013-5-22 18584]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-7-1 22856]

R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate1caff9443795676;Google Update Service (gupdate1caff9443795676);c:\program files\google\update\GoogleUpdate.exe [2010-5-30 133104]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-21 162408]

S2 Web Assistant Updater;Web Assistant Updater;c:\program files\web assistant\extensionupdaterservice.exe --> c:\program files\web assistant\ExtensionUpdaterService.exe [?]

S3 Desura Install Service;Desura Install Service;c:\program files\common files\desura\desura_service.exe [2012-11-24 131912]

S3 EvoSvc;Evolve Service;c:\program files\echobit\evolve\EvoSvc.exe [2013-5-22 1495512]

S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2013-2-25 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.1.121\McCHSvc.exe [2010-9-3 227232]

S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\drivers\MijXfilt.sys [2013-6-29 99400]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-8-2 18432]

S3 PCD5SRVC{3F6A8B78-EC003E00-05040104};PCD5SRVC{3F6A8B78-EC003E00-05040104} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\dellsu~1\hwdiag\bin\PCD5SRVC.pkms [2008-11-5 22904]

S3 RegGuard;RegGuard;c:\windows\system32\drivers\regguard.sys [2013-7-3 24416]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

.

=============== Created Last 30 ================

.

2013-07-03 23:51:58 7068072 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{8b41fe18-a987-48e6-8d0b-9ac8d75449b2}\mpengine.dll

2013-07-03 21:49:54 -------- d-----w- c:\programdata\McAfee Security Scan

2013-07-03 21:47:39 -------- d-----w- c:\program files\LogMeIn Hamachi

2013-07-03 10:25:25 69784 ----a-w- c:\program files\windows defender\en-us\systemprofile\appdata\local\microsoft\windows\temporary internet files\content.ie5\nybgovm4\wajam_update[2].exe

2013-07-03 07:43:11 -------- d-----w- c:\program files\AMD APP

2013-07-03 07:36:35 -------- d-----w- c:\program files\ATI

2013-07-03 07:35:08 -------- d-----w- C:\AMD

2013-07-03 06:50:44 -------- d-----w- C:\@RestoreQuarantine

2013-07-03 03:20:14 -------- d-----w- C:\BackSys

2013-07-02 22:59:38 40208 ----a-w- c:\windows\system32\Partizan.exe

2013-07-02 22:59:28 24416 ----a-w- c:\windows\system32\drivers\regguard.sys

2013-07-02 22:30:13 7068072 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-07-02 22:24:47 32290 ----a-w- c:\windows\system32\drivers\Partizan.sys

2013-07-02 22:24:47 -------- d-----w- c:\programdata\RegRun

2013-07-02 22:24:42 2 --shatr- c:\windows\winstart.bat

2013-07-02 22:24:32 12800 ----a-w- c:\windows\system32\drivers\UnHackMeDrv.sys

2013-07-02 22:24:23 -------- d-----w- c:\program files\UnHackMe

2013-07-02 10:25:02 69784 ----a-w- c:\program files\windows defender\en-us\systemprofile\appdata\local\microsoft\windows\temporary internet files\content.ie5\nybgovm4\wajam_update[1].exe

2013-07-02 09:36:06 -------- d-----w- c:\program files\BreakingNews

2013-07-02 09:34:19 -------- d-----w- c:\users\josh\appdata\local\TopArcadeHits

2013-07-01 15:35:34 724464 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{54b1d383-4166-46aa-8aac-d9bc7625f866}\gapaengine.dll

2013-07-01 12:12:03 -------- d-----w- C:\9a65bd9af90ba97ce36c19

2013-07-01 12:05:30 -------- d-----w- c:\program files\Microsoft Security Client

2013-07-01 11:25:32 -------- d-----w- c:\users\josh\appdata\roaming\Malwarebytes

2013-07-01 06:43:54 -------- d-----w- c:\programdata\Malwarebytes

2013-07-01 06:43:47 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-07-01 06:43:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-07-01 06:42:30 -------- d-----w- c:\programdata\1E1A5

2013-07-01 00:49:30 -------- d-----w- c:\users\josh\appdata\local\Macromedia

2013-07-01 00:48:36 -------- d-----w- c:\users\josh\appdata\local\Mozilla

2013-06-29 05:26:06 61984 ----a-w- c:\windows\system32\drivers\xusb21.sys

2013-06-29 05:26:06 255496 ----a-w- c:\windows\system32\MijFrc.dll

2013-06-29 05:26:06 -------- d-----w- c:\users\josh\appdata\roaming\MotioninJoy

2013-06-29 05:26:05 99400 ----a-w- c:\windows\system32\drivers\MijXfilt.sys

2013-06-28 23:40:12 34304 ----a-w- c:\windows\system32\drivers\AmdLLD.sys

2013-06-28 23:40:10 -------- d-----w- c:\program files\AMD

2013-06-28 23:39:18 -------- d-----w- c:\windows\system32\AGEIA

2013-06-28 23:39:01 -------- d-----w- c:\program files\common files\Wise Installation Wizard

2013-06-25 06:31:32 -------- d-----w- c:\program files\McAfee Security Scan

2013-06-25 06:28:30 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-06-21 06:39:14 -------- d-----w- c:\users\josh\appdata\roaming\.StarMade

2013-06-18 11:43:54 -------- d-----w- c:\users\josh\appdata\roaming\3909 LLC

2013-06-17 12:00:11 -------- d-----w- c:\users\josh\appdata\local\IsolatedStorage

2013-06-15 09:10:05 163328 ----a-w- c:\windows\system32\FlashPlayerUpdateService.exe

2013-06-15 09:09:34 -------- d-----w- c:\users\josh\appdata\roaming\File Scout

2013-06-11 21:13:06 985600 ----a-w- c:\windows\system32\crypt32.dll

2013-06-11 21:13:06 812544 ----a-w- c:\windows\system32\certutil.exe

2013-06-11 21:13:05 98304 ----a-w- c:\windows\system32\cryptnet.dll

2013-06-11 21:13:05 41984 ----a-w- c:\windows\system32\certenc.dll

2013-06-11 21:13:05 133120 ----a-w- c:\windows\system32\cryptsvc.dll

2013-06-11 21:13:01 443904 ----a-w- c:\windows\system32\win32spl.dll

2013-06-11 21:13:01 37376 ----a-w- c:\windows\system32\printcom.dll

2013-06-11 21:13:00 914792 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-06-11 21:13:00 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2013-06-11 21:12:57 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-06-11 21:12:57 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-06-11 21:12:52 24576 ----a-w- c:\windows\system32\cryptdlg.dll

2013-06-08 01:55:15 -------- d-----w- c:\users\josh\appdata\roaming\.minecraft

2013-06-05 09:25:19 -------- d-----w- c:\users\josh\appdata\roaming\LolClient

.

==================== Find3M  ====================

.

2013-06-25 06:24:51 867240 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-06-25 06:24:51 789416 ----a-w- c:\windows\system32\deployJava1.dll

2013-06-13 07:39:09 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-06-13 07:39:09 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-06-12 01:43:54 9089416 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2013-05-28 07:58:59 139424 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2013-05-28 07:58:34 282104 ----a-w- c:\windows\system32\PnkBstrB.xtr

2013-05-28 07:58:34 282104 ----a-w- c:\windows\system32\PnkBstrB.exe

2013-05-28 07:42:02 138056 ----a-w- c:\users\josh\appdata\roaming\PnkBstrK.sys

2013-05-28 07:41:11 75136 ----a-w- c:\windows\system32\PnkBstrA.exe

2013-05-22 12:15:28 18584 ----a-w- c:\windows\system32\drivers\evolve.sys

2013-05-16 22:39:39 1800704 ----a-w- c:\windows\system32\jscript9.dll

2013-05-16 22:28:26 1129472 ----a-w- c:\windows\system32\wininet.dll

2013-05-16 22:27:30 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2013-05-16 22:21:37 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2013-05-16 22:20:30 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-05-16 22:16:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-04-15 14:20:04 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-04-13 10:56:44 37376 ----a-w- c:\windows\system32\cdd.dll

2013-04-11 01:15:42 2793768 ----a-w- c:\windows\system32\pbsvc.exe

2013-04-09 01:36:18 2049024 ----a-w- c:\windows\system32\win32k.sys

.

============= FINISH:  9:52:13.98 ===============
Link to post
Share on other sites

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft® Windows Vista™ Home Premium 

Boot Device: \Device\HarddiskVolume3

Install Date: 2/07/2009 9:34:23 AM

System Uptime: 5/07/2013 9:32:07 AM (0 hours ago)

.

Motherboard: Dell Inc. |  | 0N826N

Processor: Pentium® Dual-Core  CPU      E5200  @ 2.50GHz | Socket 775 | 1200/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 581 GiB total, 84.347 GiB free.

D: is FIXED (NTFS) - 15 GiB total, 9.737 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

I: is Removable

J: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1372: 25/06/2013 7:47:08 AM - Installed DirectX

RP1373: 25/06/2013 4:20:44 PM - Installed Java 7 Update 25

RP1375: 29/06/2013 9:36:39 AM - Installed DirectX

RP1376: 29/06/2013 9:40:17 AM - Device Driver Package Install: Advanced Micro Devices System devices

RP1377: 29/06/2013 3:33:18 PM - Device Driver Package Install: www.MotioninJoy.com Microsoft Common Controller For Windows Class

RP1378: 1/07/2013 10:42:53 PM - Windows Update

RP1379: 3/07/2013 12:26:17 AM - Scheduled Checkpoint

RP1380: 3/07/2013 3:00:11 AM - Windows Update

RP1382: 3/07/2013 8:58:35 AM - RegRun Virus Scan

RP1383: 3/07/2013 1:22:16 PM - Windows Update

RP1384: 3/07/2013 4:44:35 PM - Removed Ask Toolbar.

RP1385: 3/07/2013 5:37:46 PM - Device Driver Package Install: Advanced Micro Devices, Inc. Display adapters

RP1386: 3/07/2013 5:40:08 PM - Device Driver Package Install: Advanced Micro Devices Sound, video and game controllers

RP1387: 4/07/2013 4:51:29 PM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

 Update for Microsoft Office 2007 (KB2508958)

32 Bit HP CIO Components Installer

7-Zip 9.20

7 Wonders II

Ace of Spades

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9

Adobe Shockwave Player 11.6

Alien Swarm

AMD APP SDK Runtime

AMD Catalyst Install Manager

Amnesia - The Dark Descent 

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Arma 2

Arma 2: DayZ Mod

Arma 2: Operation Arrowhead

Arma 2: Operation Arrowhead Beta

ATI Catalyst Control Center

µTorrent

Bandoo

Battlefield Play4Free

BattlEye for OA Uninstall

BattlEye Uninstall

BearShare

Bing Bar

Bonjour

BreakingNews

BufferChm

Build-a-lot 4 - Power Source (remove only)

Call of Duty: Black Ops II - Multiplayer

Call of Duty: Modern Warfare 3 - Multiplayer

CamStudio OSS Desktop Recorder

Camtasia Studio 8

Canon MP Navigator EX 2.0

Canon MP540 series MP Drivers

Canon Utilities Easy-PhotoPrint EX

Canon Utilities My Printer

Canon Utilities Solution Menu

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

Cheat Engine 6.2

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Compatibility Pack for the 2007 Office system

Copy

Counter-Strike: Source

Counter-Strike: Source Beta

Coupon Printer for Windows

Cradle of Rome

Cry of Fear

Cucusoft YouTube Mate 8.15

D3DX10

DayZ Commander

Dead Island

Debut Video Capture Software

Dell-eBay

Dell DataSafe Online

Dell Dock

Dell Edoc Viewer

Dell Getting Started Guide

Dell Support Center (Support Software)

Dell Wireless WLAN Card Utility

Destinations

Desura

Desura: Slender's Woods

DeviceDiscovery

DJ_AIO_05_F4400_Software_Min

DownTango

DownTango Launcher Toolbar

Dual-Core Optimizer

Dxtory version 2.0.121

Endless Space

Euro Truck Simulator 2 Demo

Evolve

F4400

Facebook Video Calling 1.2.0.287

Facemoods Toolbar

Far Cry 2

Farming Simulator 2013 Demo

Fraps

Free Ride Games Player

FreeWordHelper 1.0

FULL-DISKfighter

Garry's Mod

Google Chrome

Google Update Helper

GoToAssist 8.0.0.514

GPBaseService2

Guncraft

Gunpoint Demo

Heartwild Solitaire - Book Two

Heroes of Hellas

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Customer Participation Program 14.0

HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5

HP Imaging Device Functions 14.0

HP Photo Creations

HP Smart Web Printing 4.60

HP Solution Center 14.0

HP Update

HPDiagnosticAlert

HPPhotoGadget

HPProductAssistant

HPSSupply

iMesh

iPod To Computer Transfer 6.2

iTunes

Java 7 Update 25

Java Auto Updater

Java SE Development Kit 7 Update 21

Java 6 Update 35

Java 7

Java 7 Update 5

JavaFX 2.1.1

Junk Mail filter update

League of Legends

LogMeIn Hamachi

Magicka

Malwarebytes Anti-Malware version 1.75.0.1300

MarketResearch

McAfee Security Scan Plus

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Expression Encoder 4

Microsoft Expression Encoder 4 Screen Capture Codec

Microsoft Flight

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office Live Add-in 1.5

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106

Microsoft Works

Microsoft XNA Framework Redistributable 3.1

Microsoft XNA Framework Redistributable 4.0

Moonbase Alpha

MotioninJoy ds3 driver version 0.5.0000

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NetMeter 1.1.4 BETA

NetWorx 5.0.2

Norton Internet Security

Norton Security Scan

Notepad++

NVIDIA PhysX v8.10.29

OGA Notifier 2.0.0048.0

Pando Media Booster

Paradise Beach

PCHealthDoc Unzip 1.0

Picasa 3

Pivot Stickfigure Animator

PlanetSide 2

Play withSIX

PunkBuster Services

QuickTime

Realtek High Definition Audio Driver

Renaissance Heroes

ROBLOX Player for josh

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Express Labeler 3

Roxio Update Manager

Saints Row: The Third

Scan

Screencast-O-Matic

Searchqu Toolbar

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 

Segoe UI

Shop for HP Supplies

Skins

Skype Click to Call

Skype™ 6.6

SmartWebPrinting

Softonic toolbar  on IE

SolutionCenter

SPORE™

Status

Steam

Stellarium 0.11.4

SweetIM for Messenger 3.6

SweetIM Toolbar for Internet Explorer 4.2

swMSM

Team Fortress 2

Terraria

Time Riddles: The Mansion

Toolbox

TopArcadeHits

TrayApp

UnHackMe 5.99 release

Uniblue DriverScanner

Uniblue RegistryBooster

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB2836940)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VirtualDJ Home FREE

War Thunder Launcher 1.0.1.164

Web Assistant 2.0.0.478

WebReg

Wincore MediaBar

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 4.20 (32-bit)

WinZip 16.0

Xfire

XSplit

Zoom Downloader

.

==== Event Viewer Messages From Past Week ========

.

5/07/2013 9:37:02 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate1caff9443795676) service to connect.

5/07/2013 9:37:02 AM, Error: Service Control Manager [7000]  - The Google Update Service (gupdate1caff9443795676) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

5/07/2013 9:34:08 AM, Error: Service Control Manager [7023]  - The WinDefend service terminated with the following error:  Access is denied.

5/07/2013 9:34:08 AM, Error: Service Control Manager [7019]  - The Microsoft Network Inspection System service depends on a service in a group which starts later. Change the order in the service dependency tree to ensure that all services required to start this service are starting before this service is started.

5/07/2013 9:34:08 AM, Error: Service Control Manager [7018]  - Detected circular dependencies auto-starting services. Check the service dependency tree.

5/07/2013 9:32:42 AM, Error: EventLog [6008]  - The previous system shutdown at 8:46:22 AM on 5/07/2013 was unexpected.

4/07/2013 7:49:40 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

4/07/2013 7:48:34 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.

4/07/2013 7:48:34 AM, Error: Service Control Manager [7000]  - The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

4/07/2013 7:48:22 AM, Error: Service Control Manager [7030]  - The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

4/07/2013 7:46:51 AM, Error: EventLog [6008]  - The previous system shutdown at 10:44:18 PM on 3/07/2013 was unexpected.

30/06/2013 10:48:37 AM, Error: EventLog [6008]  - The previous system shutdown at 9:19:02 PM on 29/06/2013 was unexpected.

3/07/2013 8:11:54 AM, Error: Service Control Manager [7043]  - The Windows Update service did not shut down properly after receiving a preshutdown control.

3/07/2013 5:40:00 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the AMD External Events Utility service to connect.

3/07/2013 5:40:00 PM, Error: Service Control Manager [7000]  - The AMD External Events Utility service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

3/07/2013 3:07:16 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista and Server 2008 x86 (KB2836940).

3/07/2013 3:03:29 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008 x86 (KB2836939).

3/07/2013 12:12:54 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.153.969.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.9607.0   Error code: 0x8024402c   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

3/07/2013 1:35:50 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.

3/07/2013 1:35:50 PM, Error: Service Control Manager [7000]  - The Windows Media Player Network Sharing Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

29/06/2013 5:27:46 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.

29/06/2013 5:27:46 PM, Error: Service Control Manager [7000]  - The Windows Modules Installer service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

29/06/2013 5:27:46 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

29/06/2013 5:21:56 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Common Toolkit Tools service to connect.

29/06/2013 5:21:56 PM, Error: Service Control Manager [7000]  - The Common Toolkit Tools service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

29/06/2013 5:21:56 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service Common Toolkit Tools with arguments "" in order to run the server: {23ACFB23-2EFF-40F4-B941-96840990CCAB}

29/06/2013 5:17:14 PM, Error: EventLog [6008]  - The previous system shutdown at 3:52:45 PM on 29/06/2013 was unexpected.

28/06/2013 2:26:11 PM, Error: EventLog [6008]  - The previous system shutdown at 11:01:57 PM on 27/06/2013 was unexpected.

2/07/2013 5:17:53 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.153.969.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: http://www.microsoft.com   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.9607.0   Error code: 0x8024402c   Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

1/07/2013 7:39:54 PM, Error: Microsoft-Windows-WMPNSS-Service [14325]  - Service 'WMPNetworkSvc' did not start correctly because QueryService encountered error '0x80070424'. In Windows Media Player, turn off media sharing, and then turn it back on.

1/07/2013 6:31:55 PM, Error: Service Control Manager [7003]  - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

1/07/2013 6:31:55 PM, Error: Service Control Manager [7003]  - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

1/07/2013 6:31:55 PM, Error: Service Control Manager [7000]  - The Microsoft Antimalware Service service failed to start due to the following error:  The system cannot find the file specified.

1/07/2013 5:37:11 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {AE3A66BB-85FE-49B8-BF7B-4DB4E0005091}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

1/07/2013 5:33:54 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the BrowserProtect service, but this action failed with the following error:  An instance of the service is already running.

1/07/2013 5:33:24 PM, Error: Service Control Manager [7031]  - The BrowserProtect service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

1/07/2013 4:22:50 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.

1/07/2013 4:22:50 PM, Error: Service Control Manager [7000]  - The iPod Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

1/07/2013 4:22:50 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

1/07/2013 4:19:56 PM, Error: EventLog [6008]  - The previous system shutdown at 4:17:57 PM on 1/07/2013 was unexpected.

1/07/2013 10:16:50 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

1/07/2013 10:16:50 PM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

1/07/2013 10:16:33 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.

1/07/2013 10:16:33 PM, Error: Service Control Manager [7000]  - The Apple Mobile Device service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

1/07/2013 10:10:08 PM, Error: Service Control Manager [7023]  - The Computer Browser service terminated with the following error:  The specified service does not exist as an installed service.

1/07/2013 10:07:46 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:   Previous Signature Version: 1.151.2073.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: Default URL   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:   Previous Engine Version: 1.1.9506.0   Error code: 0x80070424   Error description: The specified service does not exist as an installed service. 

.

==== End Of File ===========================
Link to post
Share on other sites

Step 1

I notice that you are using more than one antivirus program.

  • Microsoft Security Essentials
  • Norton Internet Security
This is very dangerous, as multiple Antivirus programs can interfere with one another and actually allow more viruses to get through. It is important that only one antivirus program is running realtime protection. If you have license for Norton Internet Security, I strongly recommend you to keep it, if not uninstall it and leave Microsoft Security Essentials.

Also, please uninstall the following programs:

µTorrent

Bandoo

Coupon Printer for Windows

Facemoods Toolbar

Searchqu Toolbar

Softonic toolbar on IE

Uniblue DriverScanner

Uniblue RegistryBooster

Wincore MediaBar

Finally, restart your computer.

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
Step 4

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    image000q.png

  • Put a checkmark beside loaded modules.

    2012081514h0118.png

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.

    2012081517h0349.png

  • Click the Start Scan button.

    19695967.jpg

  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    67776163.jpg

  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.

    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    62117367.jpg

    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Step 5
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • TDSSKiller log
  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log
Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.4 (05.06.2013:1)

OS: Windows Vista Home Premium x86

Ran by josh on Sun 07/07/2013 at 11:12:09.70

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

Successfully stopped: [service] wajamupdater 

Successfully deleted: [service] wajamupdater 

Successfully stopped: [service] web assistant updater 

Successfully deleted: [service] web assistant updater 

 

 

 

~~~ Registry Values

 

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\New Windows\Allow\\*.crossrider.com

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC}

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7}

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} 

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} 

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wtb.band

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wtb.band.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bandoo

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\datamngr

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startsearch

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wajam

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wajam

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\crossrider

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\pricegong

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\searchqutoolbar

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\bandoocore.exe

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\browserconnection.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\discoveryhelper.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\dnsbho.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\extension.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\genericasktoolbar.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\imtrprogress.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\imweb.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\priam_bho.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\pricegongie.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\wajam.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\wmhelper.dll

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.bandoocore

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.bandoocore.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.resourcesmngr

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.resourcesmngr.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.settingsmngr

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.settingsmngr.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.statisticmngr

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bandoocore.statisticmngr.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\browserconnection.loader

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\browserconnection.loader.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\discoveryhelper.imesh6discovery

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\discoveryhelper.imesh6discovery.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\imweb.imwebcontrol

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sim-packages

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetie.ietoolbar

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetie.ietoolbar.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.sweetie

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.sweetie.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\app paths\sweetim.exe

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{52AC9703-45DB-48CB-A233-DFB87D488AF3}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A229BC5B-E7A2-447B-B015-1E7CA944978D}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B52D0735-EC19-448A-ABDE-E01B5BD275D2}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5C66DD8-308B-4A4F-AF0A-3D04F25B5343}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} 

 

 

 

~~~ Files

 

Successfully deleted: [File] "C:\end"

Successfully deleted: [File] "C:\Users\josh\AppData\Local\Temp\searchqutoolbar-manifest.xml"

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\babylonupdater"

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"

Successfully deleted: [Folder] "C:\ProgramData\free ride games"

Successfully deleted: [Folder] "C:\ProgramData\premium"

Successfully deleted: [Folder] "C:\ProgramData\trymedia"

Successfully deleted: [Folder] "C:\Users\josh\AppData\Roaming\dealply"

Successfully deleted: [Folder] "C:\Users\josh\AppData\Roaming\downtangolaunchertoolbar"

Successfully deleted: [Folder] "C:\Users\josh\AppData\Roaming\file scout"

Successfully deleted: [Folder] "C:\Users\josh\appdata\local\downtango"

Successfully deleted: [Folder] "C:\Users\josh\appdata\local\swvupdater"

Successfully deleted: [Folder] "C:\Users\josh\appdata\locallow\babylontoolbar"

Successfully deleted: [Folder] "C:\Users\josh\appdata\locallow\downtangolaunchertoolbar"

Successfully deleted: [Folder] "C:\Users\josh\appdata\locallow\ibryte"

Successfully deleted: [Folder] "C:\Users\josh\appdata\locallow\mediabarim"

Successfully deleted: [Folder] "C:\Users\josh\appdata\locallow\pricegong"

Successfully deleted: [Folder] "C:\Users\josh\appdata\locallow\searchquband"

Successfully deleted: [Folder] "C:\Users\josh\appdata\locallow\simplytech"

Successfully deleted: [Folder] "C:\Users\josh\appdata\locallow\softonic"

Successfully deleted: [Folder] "C:\Users\josh\appdata\locallow\sweetim"

Successfully deleted: [Folder] "C:\Program Files\downtangolaunchertoolbar"

Successfully deleted: [Folder] "C:\Program Files\free ride games"

Successfully deleted: [Folder] "C:\Program Files\ibryte"

Successfully deleted: [Folder] "C:\Program Files\imesh applications"

Successfully deleted: [Folder] "C:\Program Files\sweetim"

Successfully deleted: [Folder] "C:\Program Files\wajam"

Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dealply"

Successfully deleted: [Folder] "C:\Users\josh\AppData\Roaming\microsoft\windows\start menu\programs\free ride games"

Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"

Successfully deleted: [Folder] "C:\ProgramData\ask" 

 

 

 

~~~ FireFox

 

Successfully deleted: [File] C:\user.js

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml"

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\bearsharewebsearch.xml"

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\fcmdsrch.xml"

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\imeshwebsearch.xml"

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\searchquwebsearch.xml"

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\searchresults.xml"

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\websearch.xml"

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\web search.xml"

Successfully deleted: [File] C:\Users\josh\AppData\Roaming\mozilla\firefox\profiles\lxx114p3.default\user.js

Successfully deleted: [File] C:\Users\josh\AppData\Roaming\mozilla\firefox\profiles\lxx114p3.default\searchplugins\babylon.xml

Successfully deleted: [File] C:\Users\josh\AppData\Roaming\mozilla\firefox\profiles\lxx114p3.default\searchplugins\mystart search.xml

Successfully deleted: [Folder] C:\Users\josh\AppData\Roaming\mozilla\firefox\profiles\lxx114p3.default\extensions\ffxtlbr@babylon.com

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403A-B9D2-65C292C39087}

 

 

 

~~~ Chrome

 

Successfully deleted: [Folder] C:\Users\josh\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejdabpabkmacjiiooccecnpakonoibah

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sun 07/07/2013 at 11:14:39.57

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Link to post
Share on other sites

18:25:26.0423 20388  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

18:25:28.0426 20388  ============================================================

18:25:28.0426 20388  Current date / time: 2013/07/01 18:25:28.0426

18:25:28.0426 20388  SystemInfo:

18:25:28.0426 20388  

18:25:28.0426 20388  OS Version: 6.0.6002 ServicePack: 2.0

18:25:28.0426 20388  Product type: Workstation

18:25:28.0426 20388  ComputerName: WILLIAMS-PC

18:25:28.0427 20388  UserName: Williams

18:25:28.0427 20388  Windows directory: C:\Windows

18:25:28.0427 20388  System windows directory: C:\Windows

18:25:28.0427 20388  Processor architecture: Intel x86

18:25:28.0427 20388  Number of processors: 2

18:25:28.0427 20388  Page size: 0x1000

18:25:28.0427 20388  Boot type: Normal boot

18:25:28.0427 20388  ============================================================

18:25:29.0914 20388  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

18:25:29.0936 20388  Drive \Device\Harddisk5\DR8 - Size: 0x77800000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

18:25:29.0937 20388  ============================================================

18:25:29.0937 20388  \Device\Harddisk0\DR0:

18:25:29.0937 20388  MBR partitions:

18:25:29.0938 20388  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F800, BlocksNum 0x1E00000

18:25:29.0938 20388  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E1F800, BlocksNum 0x48A38000

18:25:29.0938 20388  \Device\Harddisk5\DR8:

18:25:29.0938 20388  MBR partitions:

18:25:29.0938 20388  \Device\Harddisk5\DR8\Partition1: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0x3BBFC0

18:25:29.0938 20388  ============================================================

18:25:29.0964 20388  C: <-> \Device\Harddisk0\DR0\Partition2

18:25:29.0999 20388  D: <-> \Device\Harddisk0\DR0\Partition1

18:25:30.0000 20388  ============================================================

18:25:30.0000 20388  Initialize success

18:25:30.0000 20388  ============================================================

18:26:00.0554 10084  ============================================================

18:26:00.0554 10084  Scan started

18:26:00.0554 10084  Mode: Manual; 

18:26:00.0554 10084  ============================================================

18:26:03.0331 10084  ================ Scan system memory ========================

18:26:03.0331 10084  System memory - ok

18:26:03.0333 10084  ================ Scan services =============================

18:26:03.0563 10084  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys

18:26:03.0575 10084  ACPI - ok

18:26:03.0672 10084  [ 249A44DCFA2500EB1C020E33A3E9F25B ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

18:26:03.0673 10084  AdobeFlashPlayerUpdateSvc - ok

18:26:03.0719 10084  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

18:26:03.0737 10084  adp94xx - ok

18:26:03.0781 10084  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys

18:26:03.0786 10084  adpahci - ok

18:26:03.0804 10084  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys

18:26:03.0805 10084  adpu160m - ok

18:26:03.0835 10084  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

18:26:03.0837 10084  adpu320 - ok

18:26:03.0873 10084  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

18:26:03.0874 10084  AeLookupSvc - ok

18:26:03.0921 10084  [ 973F07C81F3B90C44C9BEAE261F7C93D ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe

18:26:03.0922 10084  AERTFilters - ok

18:26:03.0986 10084  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys

18:26:03.0991 10084  AFD - ok

18:26:04.0018 10084  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys

18:26:04.0019 10084  agp440 - ok

18:26:04.0056 10084  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys

18:26:04.0057 10084  aic78xx - ok

18:26:04.0080 10084  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe

18:26:04.0081 10084  ALG - ok

18:26:04.0101 10084  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys

18:26:04.0102 10084  aliide - ok

18:26:04.0129 10084  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys

18:26:04.0130 10084  amdagp - ok

18:26:04.0146 10084  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys

18:26:04.0147 10084  amdide - ok

18:26:04.0166 10084  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys

18:26:04.0167 10084  AmdK7 - ok

18:26:04.0181 10084  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

18:26:04.0183 10084  AmdK8 - ok

18:26:04.0238 10084  [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD          C:\Windows\system32\DRIVERS\AmdLLD.sys

18:26:04.0239 10084  AmdLLD - ok

18:26:04.0296 10084  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll

18:26:04.0297 10084  Appinfo - ok

18:26:04.0412 10084  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

18:26:04.0414 10084  Apple Mobile Device - ok

18:26:04.0434 10084  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys

18:26:04.0436 10084  arc - ok

18:26:04.0456 10084  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys

18:26:04.0458 10084  arcsas - ok

18:26:04.0595 10084  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

18:26:04.0619 10084  aspnet_state - ok

18:26:04.0646 10084  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

18:26:04.0647 10084  AsyncMac - ok

18:26:04.0684 10084  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys

18:26:04.0684 10084  atapi - ok

18:26:04.0843 10084  [ 02CBD9AF51BE20608C21547582723FC8 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe

18:26:04.0861 10084  Ati External Event Utility - ok

18:26:04.0979 10084  [ 7A46CF1F1075EB0340EA40F12D88A862 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys

18:26:05.0063 10084  atikmdag - ok

18:26:05.0089 10084  Scan interrupted by user!

18:26:05.0089 10084  ================ Scan global ===============================

18:26:05.0089 10084  Scan interrupted by user!

18:26:05.0089 10084  ================ Scan MBR ==================================

18:26:05.0089 10084  Scan interrupted by user!

18:26:05.0089 10084  ================ Scan VBR ==================================

18:26:05.0089 10084  Scan interrupted by user!

18:26:05.0089 10084  ============================================================

18:26:05.0089 10084  Scan finished

18:26:05.0089 10084  ============================================================

18:26:05.0102 4260  Detected object count: 0

18:26:05.0102 4260  Actual detected object count: 0

18:26:32.0842 24044  ============================================================

18:26:32.0842 24044  Scan started

18:26:32.0842 24044  Mode: Manual; SigCheck; TDLFS; 

18:26:32.0842 24044  ============================================================

18:26:33.0534 24044  ================ Scan system memory ========================

18:26:33.0534 24044  System memory - ok

18:26:33.0535 24044  ================ Scan services =============================

18:26:33.0684 24044  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys

18:26:33.0856 24044  ACPI - ok

18:26:33.0976 24044  [ 249A44DCFA2500EB1C020E33A3E9F25B ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

18:26:34.0032 24044  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - warning

18:26:34.0032 24044  AdobeFlashPlayerUpdateSvc - detected UnsignedFile.Multi.Generic (1)

18:26:34.0086 24044  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

18:26:34.0141 24044  adp94xx - ok

18:26:34.0168 24044  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys

18:26:34.0188 24044  adpahci - ok

18:26:34.0220 24044  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys

18:26:34.0240 24044  adpu160m - ok

18:26:34.0325 24044  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

18:26:34.0343 24044  adpu320 - ok

18:26:34.0376 24044  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

18:26:34.0507 24044  AeLookupSvc - ok

18:26:34.0713 24044  [ 973F07C81F3B90C44C9BEAE261F7C93D ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe

18:26:34.0781 24044  AERTFilters - ok

18:26:34.0828 24044  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys

18:26:34.0904 24044  AFD - ok

18:26:34.0926 24044  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys

18:26:34.0942 24044  agp440 - ok

18:26:34.0965 24044  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys

18:26:34.0983 24044  aic78xx - ok

18:26:35.0013 24044  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe

18:26:35.0102 24044  ALG - ok

18:26:35.0135 24044  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys

18:26:35.0150 24044  aliide - ok

18:26:35.0169 24044  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys

18:26:35.0185 24044  amdagp - ok

18:26:35.0203 24044  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys

18:26:35.0221 24044  amdide - ok

18:26:35.0241 24044  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys

18:26:35.0294 24044  AmdK7 - ok

18:26:35.0332 24044  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

18:26:35.0384 24044  AmdK8 - ok

18:26:35.0463 24044  [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD          C:\Windows\system32\DRIVERS\AmdLLD.sys

18:26:35.0527 24044  AmdLLD - ok

18:26:35.0554 24044  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll

18:26:35.0658 24044  Appinfo - ok

18:26:35.0903 24044  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

18:26:35.0920 24044  Apple Mobile Device - ok

18:26:35.0934 24044  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys

18:26:35.0951 24044  arc - ok

18:26:35.0973 24044  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys

18:26:35.0990 24044  arcsas - ok

18:26:36.0170 24044  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

18:26:36.0185 24044  aspnet_state - ok

18:26:36.0204 24044  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

18:26:36.0245 24044  AsyncMac - ok

18:26:36.0284 24044  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys

18:26:36.0300 24044  atapi - ok

18:26:36.0335 24044  [ 02CBD9AF51BE20608C21547582723FC8 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe

18:26:36.0452 24044  Ati External Event Utility - ok

18:26:36.0631 24044  [ 7A46CF1F1075EB0340EA40F12D88A862 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys

18:26:36.0820 24044  atikmdag - ok

18:26:36.0938 24044  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

18:26:37.0004 24044  AudioEndpointBuilder - ok

18:26:37.0011 24044  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll

18:26:37.0043 24044  Audiosrv - ok

18:26:37.0139 24044  [ 29D3E7E54992225D853F8665D573EC5D ] Bandoo Coordinator C:\PROGRA~1\Bandoo\Bandoo.exe

18:26:37.0273 24044  Bandoo Coordinator - ok

18:26:37.0471 24044  [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc           C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe

18:26:37.0492 24044  BBSvc - ok

18:26:37.0510 24044  [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate        C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe

18:26:37.0532 24044  BBUpdate - ok

18:26:37.0560 24044  [ 423C7B87E886AC93D22936EA82665F83 ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys

18:26:37.0583 24044  BCM42RLY - ok

18:26:37.0651 24044  [ B56999BE8F22BA3071E4CEAFA9E82E26 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys

18:26:37.0783 24044  BCM43XX - ok

18:26:37.0861 24044  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys

18:26:37.0889 24044  Beep - ok

18:26:38.0136 24044  [ A503D32AE26F77CB942AED530112EDAA ] BHDrvx86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120517.001\BHDrvx86.sys

18:26:38.0174 24044  BHDrvx86 - ok

18:26:38.0220 24044  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys

18:26:38.0284 24044  blbdrive - ok

18:26:38.0421 24044  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

18:26:38.0443 24044  Bonjour Service - ok

18:26:38.0495 24044  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

18:26:38.0573 24044  bowser - ok

18:26:38.0628 24044  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys

18:26:38.0667 24044  BrFiltLo - ok

18:26:38.0682 24044  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys

18:26:38.0733 24044  BrFiltUp - ok

18:26:38.0792 24044  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll

18:26:38.0867 24044  Browser - ok

18:26:39.0237 24044  [ 981794879E8FD26CDD6ABCFF3F3F65EF ] BrowserProtect  C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe

18:26:39.0389 24044  BrowserProtect - ok

18:26:39.0438 24044  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys

18:26:39.0596 24044  Brserid - ok

18:26:39.0645 24044  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys

18:26:39.0716 24044  BrSerWdm - ok

18:26:39.0738 24044  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys

18:26:39.0791 24044  BrUsbMdm - ok

18:26:39.0811 24044  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys

18:26:39.0869 24044  BrUsbSer - ok

18:26:39.0916 24044  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

18:26:40.0000 24044  BTHMODEM - ok

18:26:40.0073 24044  [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5        C:\Windows\system32\drivers\BVRPMPR5.SYS

18:26:40.0110 24044  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning

18:26:40.0110 24044  BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)

18:26:40.0290 24044  [ ACE85AF1C31F68BDFEE9333F6592917E ] ccSet_NIS       C:\Windows\system32\drivers\NIS\1309010.00E\ccSetx86.sys

18:26:40.0308 24044  ccSet_NIS - ok

18:26:40.0323 24044  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

18:26:40.0375 24044  cdfs - ok

18:26:40.0427 24044  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

18:26:40.0476 24044  cdrom - ok

18:26:40.0521 24044  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll

18:26:40.0552 24044  CertPropSvc - ok

18:26:40.0574 24044  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys

18:26:40.0603 24044  circlass - ok

18:26:40.0648 24044  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys

18:26:40.0672 24044  CLFS - ok

18:26:40.0706 24044  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

18:26:40.0724 24044  clr_optimization_v2.0.50727_32 - ok

18:26:40.0810 24044  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

18:26:41.0172 24044  clr_optimization_v4.0.30319_32 - ok

18:26:41.0231 24044  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys

18:26:41.0247 24044  cmdide - ok

18:26:41.0453 24044  [ FED3549F39ED71EB00EEE062151EA47B ] Common Toolkit Tools C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe

18:26:41.0507 24044  Common Toolkit Tools - ok

18:26:41.0546 24044  [ 4FC0A44DA7603229E1A9454126A59EFD ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

18:26:41.0563 24044  Compbatt - ok

18:26:41.0568 24044  COMSysApp - ok

18:26:41.0593 24044  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

18:26:41.0610 24044  crcdisk - ok

18:26:41.0637 24044  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys

18:26:41.0682 24044  Crusoe - ok

18:26:41.0765 24044  [ 3EDE4C1F9672C972479201544969ADCB ] CryptSvc        C:\Windows\system32\cryptsvc.dll

18:26:41.0834 24044  CryptSvc - ok

18:26:41.0894 24044  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll

18:26:41.0992 24044  DcomLaunch - ok

18:26:42.0077 24044  [ 2B9A817DC1BDAD9CE5495099B6A7136A ] Desura Install Service C:\Program Files\Common Files\Desura\desura_service.exe

18:26:42.0093 24044  Desura Install Service - ok

18:26:42.0155 24044  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

18:26:42.0287 24044  DfsC - ok

18:26:42.0342 24044  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe

18:26:42.0614 24044  DFSR - ok

18:26:42.0728 24044  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll

18:26:42.0787 24044  Dhcp - ok

18:26:42.0872 24044  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys

18:26:42.0904 24044  disk - ok

18:26:42.0981 24044  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll

18:26:43.0024 24044  Dnscache - ok

18:26:43.0120 24044  [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe

18:26:43.0181 24044  DockLoginService ( UnsignedFile.Multi.Generic ) - warning

18:26:43.0181 24044  DockLoginService - detected UnsignedFile.Multi.Generic (1)

18:26:43.0232 24044  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll

18:26:43.0285 24044  dot3svc - ok

18:26:43.0354 24044  [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys

18:26:43.0414 24044  Dot4 - ok

18:26:43.0449 24044  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys

18:26:43.0516 24044  Dot4Print - ok

18:26:43.0554 24044  [ C55004CA6B419B6695970DFE849B122F ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys

18:26:43.0592 24044  dot4usb - ok

18:26:43.0674 24044  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll

18:26:43.0732 24044  DPS - ok

18:26:43.0806 24044  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

18:26:43.0859 24044  drmkaud - ok

18:26:43.0995 24044  [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

18:26:44.0038 24044  DXGKrnl - ok

18:26:44.0105 24044  [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys

18:26:44.0161 24044  e1express - ok

18:26:44.0183 24044  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys

18:26:44.0231 24044  E1G60 - ok

18:26:44.0250 24044  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll

18:26:44.0315 24044  EapHost - ok

18:26:44.0396 24044  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys

18:26:44.0416 24044  Ecache - ok

18:26:44.0498 24044  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

18:26:44.0522 24044  eeCtrl - ok

18:26:44.0562 24044  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

18:26:44.0600 24044  ehRecvr - ok

18:26:44.0617 24044  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe

18:26:44.0661 24044  ehSched - ok

18:26:44.0673 24044  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll

18:26:44.0707 24044  ehstart - ok

18:26:44.0820 24044  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

18:26:44.0907 24044  elxstor - ok

18:26:44.0973 24044  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll

18:26:45.0067 24044  EMDMgmt - ok

18:26:45.0155 24044  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

18:26:45.0174 24044  EraserUtilRebootDrv - ok

18:26:45.0211 24044  [ F2A80DE2D1B7116052C09CB4D4CA1416 ] ErrDev          C:\Windows\system32\drivers\errdev.sys

18:26:45.0272 24044  ErrDev - ok

18:26:45.0357 24044  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll

18:26:45.0398 24044  EventSystem - ok

18:26:45.0485 24044  [ 7FA352252FE7F5BD7D235A66AA1F69FE ] EvolveVirtualAdapter C:\Windows\system32\DRIVERS\evolve.sys

18:26:45.0505 24044  EvolveVirtualAdapter - ok

18:26:45.0665 24044  [ 858F6C2F1FB3F5005F532FE961947DB4 ] EvoSvc          C:\Program Files\Echobit\Evolve\EvoSvc.exe

18:26:45.0724 24044  EvoSvc - ok

18:26:45.0820 24044  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys

18:26:45.0886 24044  exfat - ok

18:26:45.0959 24044  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

18:26:46.0020 24044  fastfat - ok

18:26:46.0083 24044  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

18:26:46.0116 24044  fdc - ok

18:26:46.0153 24044  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll

18:26:46.0222 24044  fdPHost - ok

18:26:46.0227 24044  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll

18:26:46.0317 24044  FDResPub - ok

18:26:46.0332 24044  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

18:26:46.0349 24044  FileInfo - ok

18:26:46.0375 24044  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

18:26:46.0444 24044  Filetrace - ok

18:26:46.0496 24044  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

18:26:46.0581 24044  flpydisk - ok

18:26:46.0610 24044  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

18:26:46.0665 24044  FltMgr - ok

18:26:46.0759 24044  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll

18:26:46.0954 24044  FontCache - ok

18:26:47.0011 24044  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

18:26:47.0029 24044  FontCache3.0.0.0 - ok

18:26:47.0139 24044  [ 5EEBF3E55ABC8FB1D34C19EB1231681A ] FreeWordHelper  C:\Program Files\FreeWordHelper\FreeWordHelperUpdt.exe

18:26:47.0282 24044  FreeWordHelper ( UnsignedFile.Multi.Generic ) - warning

18:26:47.0282 24044  FreeWordHelper - detected UnsignedFile.Multi.Generic (1)

18:26:47.0341 24044  [ D909075FA72C090F27AA926C32CB4612 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys

18:26:47.0373 24044  fssfltr - ok

18:26:47.0477 24044  [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe

18:26:47.0643 24044  fsssvc - ok

18:26:47.0705 24044  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

18:26:47.0809 24044  Fs_Rec - ok

18:26:47.0868 24044  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

18:26:47.0886 24044  gagp30kx - ok

18:26:47.0964 24044  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

18:26:47.0977 24044  GEARAspiWDM - ok

18:26:48.0059 24044  [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist      C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe

18:26:48.0073 24044  GoToAssist - ok

18:26:48.0161 24044  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll

18:26:48.0248 24044  gpsvc - ok

18:26:48.0381 24044  [ 626A24ED1228580B9518C01930936DF9 ] gupdate1caff9443795676 C:\Program Files\Google\Update\GoogleUpdate.exe

18:26:48.0395 24044  gupdate1caff9443795676 - ok

18:26:48.0434 24044  [ 626A24ED1228580B9518C01930936DF9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe

18:26:48.0452 24044  gupdatem - ok

18:26:48.0502 24044  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

18:26:48.0535 24044  gusvc - ok

18:26:48.0593 24044  [ 833051C6C6C42117191935F734CFBD97 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys

18:26:48.0608 24044  hamachi - ok

18:26:48.0719 24044  [ FAC31204987B0BC037938DCEBFAAAE6F ] Hamachi2Svc     C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

18:26:48.0806 24044  Hamachi2Svc - ok

18:26:48.0941 24044  [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

18:26:49.0010 24044  HdAudAddService - ok

18:26:49.0073 24044  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

18:26:49.0155 24044  HDAudBus - ok

18:26:49.0213 24044  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys

18:26:49.0263 24044  HidBth - ok

18:26:49.0283 24044  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys

18:26:49.0345 24044  HidIr - ok

18:26:49.0390 24044  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll

18:26:49.0428 24044  hidserv - ok

18:26:49.0468 24044  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

18:26:49.0504 24044  HidUsb - ok

18:26:49.0540 24044  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll

18:26:49.0589 24044  hkmsvc - ok

18:26:49.0604 24044  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys

18:26:49.0621 24044  HpCISSs - ok

18:26:49.0756 24044  [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll

18:26:49.0776 24044  hpqcxs08 - ok

18:26:49.0794 24044  [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll

18:26:49.0809 24044  hpqddsvc - ok

18:26:49.0862 24044  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys

18:26:49.0946 24044  HTTP - ok

18:26:49.0994 24044  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys

18:26:50.0011 24044  i2omp - ok

18:26:50.0037 24044  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

18:26:50.0070 24044  i8042prt - ok

18:26:50.0113 24044  [ 8EF427C54497C5F8A7A645990E4278C7 ] iaStor          C:\Windows\system32\drivers\iastor.sys

18:26:50.0136 24044  iaStor - ok

18:26:50.0160 24044  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys

18:26:50.0183 24044  iaStorV - ok

18:26:50.0276 24044  [ 81EACB021DC52E908187861FD92370B4 ] IBUpdaterService C:\Windows\system32\dmwu.exe

18:26:50.0362 24044  IBUpdaterService - ok

18:26:50.0458 24044  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

18:26:50.0551 24044  IDriverT ( UnsignedFile.Multi.Generic ) - warning

18:26:50.0551 24044  IDriverT - detected UnsignedFile.Multi.Generic (1)

18:26:50.0624 24044  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

18:26:50.0709 24044  idsvc - ok

18:26:50.0914 24044  [ F9069CE7A7B9F9BA75D009B0CE3D7601 ] IDSVix86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120601.001\IDSvix86.sys

18:26:50.0959 24044  IDSVix86 - ok

18:26:51.0009 24044  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

18:26:51.0028 24044  iirsp - ok

18:26:51.0107 24044  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll

18:26:51.0177 24044  IKEEXT - ok

18:26:51.0307 24044  [ DAAD0B351A544D3A76770F4BBD75260F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys

18:26:51.0444 24044  IntcAzAudAddService - ok

18:26:51.0519 24044  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys

18:26:51.0554 24044  intelide - ok

18:26:51.0627 24044  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

18:26:51.0699 24044  intelppm - ok

18:26:51.0736 24044  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

18:26:51.0784 24044  IPBusEnum - ok

18:26:51.0814 24044  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

18:26:51.0873 24044  IpFilterDriver - ok

18:26:51.0878 24044  IpInIp - ok

18:26:51.0921 24044  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys

18:26:51.0963 24044  IPMIDRV - ok

18:26:51.0980 24044  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys

18:26:52.0020 24044  IPNAT - ok

18:26:52.0112 24044  [ E46B17060D3962A384AE484094614788 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

18:26:52.0164 24044  iPod Service - ok

18:26:52.0209 24044  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

18:26:52.0253 24044  IRENUM - ok

18:26:52.0312 24044  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

18:26:52.0329 24044  isapnp - ok

18:26:52.0411 24044  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

18:26:52.0432 24044  iScsiPrt - ok

18:26:52.0461 24044  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys

18:26:52.0477 24044  iteatapi - ok

18:26:52.0501 24044  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys

18:26:52.0523 24044  iteraid - ok

18:26:52.0566 24044  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

18:26:52.0582 24044  kbdclass - ok

18:26:52.0644 24044  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

18:26:52.0725 24044  kbdhid - ok

18:26:52.0779 24044  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe

18:26:52.0869 24044  KeyIso - ok

18:26:52.0966 24044  kkhlafex - ok

18:26:53.0002 24044  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

18:26:53.0029 24044  KSecDD - ok

18:26:53.0084 24044  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll

18:26:53.0122 24044  KtmRm - ok

18:26:53.0163 24044  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll

18:26:53.0239 24044  LanmanServer - ok

18:26:53.0296 24044  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

18:26:53.0358 24044  LanmanWorkstation - ok

18:26:53.0404 24044  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

18:26:53.0450 24044  lltdio - ok

18:26:53.0577 24044  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

18:26:53.0665 24044  lltdsvc - ok

18:26:53.0682 24044  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll

18:26:53.0745 24044  lmhosts - ok

18:26:53.0768 24044  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

18:26:53.0792 24044  LSI_FC - ok

18:26:53.0812 24044  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

18:26:53.0830 24044  LSI_SAS - ok

18:26:53.0844 24044  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

18:26:53.0861 24044  LSI_SCSI - ok

18:26:53.0885 24044  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys

18:26:53.0916 24044  luafv - ok

18:26:53.0990 24044  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys

18:26:54.0016 24044  MBAMProtector - ok

18:26:54.0167 24044  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

18:26:54.0326 24044  MBAMScheduler - ok

18:26:54.0424 24044  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

18:26:54.0571 24044  MBAMService - ok

18:26:54.0689 24044  [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy   C:\Windows\system32\drivers\mbamswissarmy.sys

18:26:54.0704 24044  MBAMSwissArmy - ok

18:26:55.0015 24044  [ FD3AD5E1ECDAA94A89D6697F5C5465D6 ] McComponentHostService C:\Program Files\McAfee Security Scan\2.1.121\McCHSvc.exe

18:26:55.0090 24044  McComponentHostService - ok

18:26:55.0151 24044  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

18:26:55.0177 24044  Mcx2Svc - ok

18:26:55.0206 24044  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys

18:26:55.0225 24044  megasas - ok

18:26:55.0331 24044  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys

18:26:55.0384 24044  MegaSR - ok

18:26:55.0435 24044  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll

18:26:55.0465 24044  MMCSS - ok

18:26:55.0493 24044  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys

18:26:55.0580 24044  Modem - ok

18:26:55.0634 24044  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

18:26:55.0679 24044  monitor - ok

18:26:55.0720 24044  [ A77205D70D14D153342D357DE5A4E770 ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys

18:26:55.0735 24044  MotioninJoyXFilter - ok

18:26:55.0761 24044  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

18:26:55.0801 24044  mouclass - ok

18:26:55.0818 24044  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

18:26:55.0897 24044  mouhid - ok

18:26:55.0946 24044  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys

18:26:55.0964 24044  MountMgr - ok

18:26:56.0086 24044  [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

18:26:56.0135 24044  MozillaMaintenance - ok

18:26:56.0218 24044  [ 7E34BFA1A7B60BBA1DA03D677F16CD63 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys

18:26:56.0240 24044  MpFilter - ok

18:26:56.0262 24044  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys

18:26:56.0374 24044  mpio - ok

18:26:56.0438 24044  [ F32E2D6A1640A469A9ED4F1929A4A861 ] MpNWMon         C:\Windows\system32\DRIVERS\MpNWMon.sys

18:26:56.0454 24044  MpNWMon - ok

18:26:56.0497 24044  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

18:26:56.0540 24044  mpsdrv - ok

18:26:56.0560 24044  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys

18:26:56.0588 24044  Mraid35x - ok

18:26:56.0639 24044  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

18:26:56.0674 24044  MRxDAV - ok

18:26:56.0718 24044  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

18:26:56.0823 24044  mrxsmb - ok

18:26:56.0888 24044  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

18:26:56.0918 24044  mrxsmb10 - ok

18:26:56.0932 24044  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

18:26:56.0970 24044  mrxsmb20 - ok

18:26:56.0986 24044  [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci          C:\Windows\system32\drivers\msahci.sys

18:26:57.0003 24044  msahci - ok

18:26:57.0026 24044  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

18:26:57.0044 24044  msdsm - ok

18:26:57.0071 24044  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe

18:26:57.0129 24044  MSDTC - ok

18:26:57.0151 24044  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

18:26:57.0201 24044  Msfs - ok

18:26:57.0235 24044  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

18:26:57.0254 24044  msisadrv - ok

18:26:57.0286 24044  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

18:26:57.0370 24044  MSiSCSI - ok

18:26:57.0375 24044  msiserver - ok

18:26:57.0424 24044  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

18:26:57.0471 24044  MSKSSRV - ok

18:26:57.0558 24044  MsMpSvc - ok

18:26:57.0609 24044  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

18:26:57.0644 24044  MSPCLOCK - ok

18:26:57.0661 24044  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

18:26:57.0690 24044  MSPQM - ok

18:26:57.0756 24044  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

18:26:57.0776 24044  MsRPC - ok

18:26:57.0788 24044  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

18:26:57.0807 24044  mssmbios - ok

18:26:57.0828 24044  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

18:26:57.0864 24044  MSTEE - ok

18:26:57.0917 24044  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys

18:26:57.0935 24044  Mup - ok

18:26:58.0007 24044  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll

18:26:58.0055 24044  napagent - ok

18:26:58.0151 24044  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

18:26:58.0225 24044  NativeWifiP - ok

18:26:58.0452 24044  [ F11033730B38260B6892E837C457FB4B ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120601.020\NAVENG.SYS

18:26:58.0467 24044  NAVENG - ok

18:26:58.0528 24044  [ 4E4E7C0259D3BB97DE24A636C0E06ABA ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120601.020\NAVEX15.SYS

18:26:58.0592 24044  NAVEX15 - ok

18:26:58.0655 24044  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys

18:26:58.0694 24044  NDIS - ok

18:26:58.0737 24044  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

18:26:58.0761 24044  NdisTapi - ok

18:26:58.0812 24044  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

18:26:58.0862 24044  Ndisuio - ok

18:26:58.0973 24044  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

18:26:59.0075 24044  NdisWan - ok

18:26:59.0108 24044  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

18:26:59.0132 24044  NDProxy - ok

18:26:59.0155 24044  [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

18:26:59.0162 24044  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

18:26:59.0163 24044  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

18:26:59.0217 24044  [ 1352E1648213551923A0A822E441553C ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys

18:26:59.0280 24044  Netaapl - ok

18:26:59.0304 24044  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

18:26:59.0369 24044  NetBIOS - ok

18:26:59.0417 24044  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys

18:26:59.0460 24044  netbt - ok

18:26:59.0471 24044  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe

18:26:59.0490 24044  Netlogon - ok

18:26:59.0512 24044  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll

18:26:59.0561 24044  Netman - ok

18:26:59.0636 24044  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

18:26:59.0756 24044  NetMsmqActivator - ok

18:26:59.0761 24044  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

18:26:59.0777 24044  NetPipeActivator - ok

18:26:59.0853 24044  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll

18:26:59.0922 24044  netprofm - ok

18:26:59.0928 24044  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

18:26:59.0943 24044  NetTcpActivator - ok

18:26:59.0952 24044  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

18:26:59.0972 24044  NetTcpPortSharing - ok

18:26:59.0991 24044  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

18:27:00.0007 24044  nfrd960 - ok

18:27:00.0095 24044  [ F2840DBFE9322F35557219AE82CC4597 ] NIS             C:\Program Files\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe

18:27:00.0113 24044  NIS - ok

18:27:00.0170 24044  [ 17E2C08C5ECFBE94A7C67B1C275EE9D9 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys

18:27:00.0184 24044  NisDrv - ok

18:27:00.0192 24044  NisSrv - ok

18:27:00.0216 24044  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll

18:27:00.0266 24044  NlaSvc - ok

18:27:00.0311 24044  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

18:27:00.0337 24044  Npfs - ok

18:27:00.0359 24044  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll

18:27:00.0399 24044  nsi - ok

18:27:00.0427 24044  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

18:27:00.0456 24044  nsiproxy - ok

18:27:00.0503 24044  [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

18:27:00.0567 24044  Ntfs - ok

18:27:00.0606 24044  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys

18:27:00.0738 24044  ntrigdigi - ok

18:27:00.0769 24044  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys

18:27:00.0798 24044  Null - ok

18:27:00.0834 24044  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

18:27:00.0852 24044  nvraid - ok

18:27:00.0903 24044  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

18:27:00.0938 24044  nvstor - ok

18:27:00.0968 24044  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

18:27:00.0986 24044  nv_agp - ok

18:27:00.0991 24044  NwlnkFlt - ok

18:27:00.0997 24044  NwlnkFwd - ok

18:27:01.0082 24044  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

18:27:01.0107 24044  odserv - ok

18:27:01.0167 24044  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

18:27:01.0215 24044  ohci1394 - ok

18:27:01.0309 24044  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

18:27:01.0326 24044  ose - ok

18:27:01.0401 24044  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll

18:27:01.0547 24044  p2pimsvc - ok

18:27:01.0561 24044  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll

18:27:01.0591 24044  p2psvc - ok

18:27:01.0628 24044  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys

18:27:01.0728 24044  Parport - ok

18:27:01.0781 24044  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

18:27:01.0799 24044  partmgr - ok

18:27:01.0827 24044  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys

18:27:01.0913 24044  Parvdm - ok

18:27:01.0992 24044  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll

18:27:02.0144 24044  PcaSvc - ok

18:27:02.0272 24044  [ 42EDE7D217325FF56CB8A9983CD7F73B ] PCD5SRVC{3F6A8B78-EC003E00-05040104} C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms

18:27:02.0312 24044  PCD5SRVC{3F6A8B78-EC003E00-05040104} - ok

18:27:02.0368 24044  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys

18:27:02.0402 24044  pci - ok

18:27:02.0457 24044  [ 1636D43F10416AEB483BC6001097B26C ] pciide          C:\Windows\system32\drivers\pciide.sys

18:27:02.0474 24044  pciide - ok

18:27:02.0490 24044  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

18:27:02.0510 24044  pcmcia - ok

18:27:02.0552 24044  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

18:27:02.0672 24044  PEAUTH - ok

18:27:02.0749 24044  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll

18:27:02.0877 24044  pla - ok

18:27:02.0917 24044  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

18:27:02.0957 24044  PlugPlay - ok

18:27:03.0016 24044  [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

18:27:03.0044 24044  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

18:27:03.0044 24044  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

18:27:03.0089 24044  [ 0E4C4FCAE8646C62362FDE5F1281245C ] PnkBstrB        C:\Windows\system32\PnkBstrB.exe

18:27:03.0111 24044  PnkBstrB - ok

18:27:03.0305 24044  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll

18:27:03.0488 24044  PNRPAutoReg - ok

18:27:03.0500 24044  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll

18:27:03.0554 24044  PNRPsvc - ok

18:27:03.0676 24044  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

18:27:03.0740 24044  PolicyAgent - ok

18:27:03.0786 24044  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

18:27:03.0837 24044  PptpMiniport - ok

18:27:03.0886 24044  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys

18:27:03.0938 24044  Processor - ok

18:27:03.0993 24044  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll

18:27:04.0051 24044  ProfSvc - ok

18:27:04.0079 24044  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe

18:27:04.0097 24044  ProtectedStorage - ok

18:27:04.0174 24044  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys

18:27:04.0261 24044  PSched - ok

18:27:04.0390 24044  [ C8EB36910D3BD582891977E80925E21E ] PSSDK42         C:\Windows\system32\Drivers\pssdk42.sys

18:27:04.0415 24044  PSSDK42 - ok

18:27:04.0491 24044  [ 03E0FE281823BA64B3782F5B38950E73 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys

18:27:04.0506 24044  PxHelp20 - ok

18:27:04.0551 24044  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys

18:27:04.0655 24044  ql2300 - ok

18:27:04.0681 24044  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

18:27:04.0704 24044  ql40xx - ok

18:27:04.0792 24044  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll

18:27:04.0875 24044  QWAVE - ok

18:27:04.0897 24044  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

18:27:04.0933 24044  QWAVEdrv - ok

18:27:05.0314 24044  [ 7A46CF1F1075EB0340EA40F12D88A862 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys

18:27:05.0436 24044  R300 - ok

18:27:05.0472 24044  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

18:27:05.0520 24044  RasAcd - ok

18:27:05.0541 24044  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll

18:27:05.0594 24044  RasAuto - ok

18:27:05.0616 24044  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

18:27:05.0682 24044  Rasl2tp - ok

18:27:05.0772 24044  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll

18:27:05.0831 24044  RasMan - ok

18:27:05.0882 24044  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

18:27:05.0937 24044  RasPppoe - ok

18:27:05.0998 24044  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

18:27:06.0017 24044  RasSstp - ok

18:27:06.0069 24044  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

18:27:06.0097 24044  rdbss - ok

18:27:06.0129 24044  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

18:27:06.0176 24044  RDPCDD - ok

18:27:06.0194 24044  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys

18:27:06.0235 24044  rdpdr - ok

18:27:06.0239 24044  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

18:27:06.0286 24044  RDPENCDD - ok

18:27:06.0338 24044  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

18:27:06.0401 24044  RDPWD - ok

18:27:06.0434 24044  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll

18:27:06.0469 24044  RemoteAccess - ok

18:27:06.0517 24044  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll

18:27:06.0563 24044  RemoteRegistry - ok

18:27:06.0587 24044  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe

18:27:06.0645 24044  RpcLocator - ok

18:27:06.0660 24044  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll

18:27:06.0720 24044  RpcSs - ok

18:27:06.0756 24044  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

18:27:06.0801 24044  rspndr - ok

18:27:06.0837 24044  [ 5163F804256DEB8CF1EF64B780A18CAA ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys

18:27:06.0917 24044  RTL8169 - ok

18:27:06.0922 24044  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe

18:27:06.0941 24044  SamSs - ok

18:27:06.0962 24044  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

18:27:06.0979 24044  sbp2port - ok

18:27:07.0006 24044  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

18:27:07.0045 24044  SCardSvr - ok

18:27:07.0080 24044  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll

18:27:07.0222 24044  Schedule - ok

18:27:07.0277 24044  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll

18:27:07.0302 24044  SCPolicySvc - ok

18:27:07.0326 24044  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

18:27:07.0403 24044  SDRSVC - ok

18:27:07.0419 24044  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

18:27:07.0481 24044  secdrv - ok

18:27:07.0520 24044  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll

18:27:07.0579 24044  seclogon - ok

18:27:07.0609 24044  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll

18:27:07.0663 24044  SENS - ok

18:27:07.0689 24044  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys

18:27:07.0763 24044  Serenum - ok

18:27:07.0780 24044  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys

18:27:07.0837 24044  Serial - ok

18:27:07.0852 24044  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys

18:27:07.0879 24044  sermouse - ok

18:27:07.0922 24044  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll

18:27:08.0000 24044  SessionEnv - ok

18:27:08.0045 24044  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

18:27:08.0086 24044  sffdisk - ok

18:27:08.0110 24044  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

18:27:08.0155 24044  sffp_mmc - ok

18:27:08.0172 24044  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

18:27:08.0209 24044  sffp_sd - ok

18:27:08.0241 24044  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

18:27:08.0299 24044  sfloppy - ok

18:27:08.0363 24044  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

18:27:08.0438 24044  ShellHWDetection - ok

18:27:08.0460 24044  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys

18:27:08.0479 24044  sisagp - ok

18:27:08.0490 24044  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys

18:27:08.0507 24044  SiSRaid2 - ok

18:27:08.0538 24044  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

18:27:08.0555 24044  SiSRaid4 - ok

18:27:08.0720 24044  [ EB17DF573B4423DF0B3B2EE3B268A6DE ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

18:27:08.0941 24044  Skype C2C Service - ok

18:27:09.0107 24044  [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe

18:27:09.0125 24044  SkypeUpdate - ok

18:27:09.0233 24044  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe

18:27:09.0452 24044  slsvc - ok

18:27:09.0537 24044  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll

18:27:09.0601 24044  SLUINotify - ok

18:27:09.0657 24044  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

18:27:09.0685 24044  Smb - ok

18:27:09.0723 24044  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

18:27:09.0750 24044  SNMPTRAP - ok

18:27:09.0761 24044  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys

18:27:09.0778 24044  spldr - ok

18:27:09.0836 24044  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe

18:27:09.0918 24044  Spooler - ok

18:27:09.0959 24044  [ 777115C9CC675BD98127660712D2F784 ] sprtsvc_DellSupportCenter C:\Program Files\Dell Support Center\bin\sprtsvc.exe

18:27:09.0978 24044  sprtsvc_DellSupportCenter - ok

18:27:10.0115 24044  [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP           C:\Windows\System32\Drivers\NIS\1309010.00E\SRTSP.SYS

18:27:10.0152 24044  SRTSP - ok

18:27:10.0196 24044  [ 475FCF0F28D845BF1C8ABAC27F19003E ] SRTSPX          C:\Windows\system32\drivers\NIS\1309010.00E\SRTSPX.SYS

18:27:10.0224 24044  SRTSPX - ok

18:27:10.0278 24044  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys

18:27:10.0362 24044  srv - ok

18:27:10.0421 24044  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

18:27:10.0464 24044  srv2 - ok

18:27:10.0494 24044  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

18:27:10.0533 24044  srvnet - ok

18:27:10.0566 24044  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

18:27:10.0605 24044  SSDPSRV - ok

18:27:10.0646 24044  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll

18:27:10.0696 24044  SstpSvc - ok

18:27:10.0726 24044  Steam Client Service - ok

18:27:10.0780 24044  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll

18:27:10.0853 24044  stisvc - ok

18:27:10.0885 24044  [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

18:27:10.0900 24044  stllssvr - ok

18:27:11.0047 24044  [ 8D244018E1268C6E0345DF087BFAE422 ] Suite Service   C:\Program Files\Fighters\FighterSuiteService.exe

18:27:11.0102 24044  Suite Service - ok

18:27:11.0139 24044  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

18:27:11.0159 24044  swenum - ok

18:27:11.0228 24044  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll

18:27:11.0289 24044  swprv - ok

18:27:11.0331 24044  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys

18:27:11.0347 24044  Symc8xx - ok

18:27:11.0408 24044  [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS           C:\Windows\system32\drivers\NIS\1309010.00E\SYMDS.SYS

18:27:11.0438 24044  SymDS - ok

18:27:11.0481 24044  [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA          C:\Windows\system32\drivers\NIS\1309010.00E\SYMEFA.SYS

18:27:11.0529 24044  SymEFA - ok

18:27:11.0586 24044  [ 74E2521E96176A4449570E50BE91954D ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS

18:27:11.0603 24044  SymEvent - ok

18:27:11.0657 24044  [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON         C:\Windows\system32\drivers\NIS\1309010.00E\Ironx86.SYS

18:27:11.0674 24044  SymIRON - ok

18:27:11.0703 24044  [ 40C6E6417C8B7D7FCF82CFBE71525795 ] SYMTDIv         C:\Windows\System32\Drivers\NIS\1309010.00E\SYMTDIV.SYS

18:27:11.0743 24044  SYMTDIv - ok

18:27:11.0773 24044  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys

18:27:11.0789 24044  Sym_hi - ok

18:27:11.0815 24044  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys

18:27:11.0836 24044  Sym_u3 - ok

18:27:11.0913 24044  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll

18:27:12.0016 24044  SysMain - ok

18:27:12.0056 24044  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll

18:27:12.0108 24044  TabletInputService - ok

18:27:12.0158 24044  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll

18:27:12.0210 24044  TapiSrv - ok

18:27:12.0246 24044  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll

18:27:12.0276 24044  TBS - ok

18:27:12.0377 24044  [ 078218D74C4EFC2CE7E4C6DF22A94F2F ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

18:27:12.0440 24044  Tcpip - ok

18:27:12.0483 24044  [ 078218D74C4EFC2CE7E4C6DF22A94F2F ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys

18:27:12.0543 24044  Tcpip6 - ok

18:27:12.0586 24044  [ 4C11A1820DDC37FA653913AD680ACCAE ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

18:27:12.0663 24044  tcpipreg - ok

18:27:12.0688 24044  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

18:27:12.0770 24044  TDPIPE - ok

18:27:12.0803 24044  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

18:27:12.0850 24044  TDTCP - ok

18:27:12.0890 24044  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

18:27:12.0926 24044  tdx - ok

18:27:12.0973 24044  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

18:27:12.0990 24044  TermDD - ok

18:27:13.0009 24044  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll

18:27:13.0054 24044  TermService - ok

18:27:13.0071 24044  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll

18:27:13.0105 24044  Themes - ok

18:27:13.0133 24044  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll

18:27:13.0164 24044  THREADORDER - ok

18:27:13.0178 24044  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll

18:27:13.0233 24044  TrkWks - ok

18:27:13.0330 24044  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

18:27:13.0356 24044  TrustedInstaller - ok

18:27:13.0389 24044  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

18:27:13.0450 24044  tssecsrv - ok

18:27:13.0472 24044  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys

18:27:13.0547 24044  tunmp - ok

18:27:13.0621 24044  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

18:27:13.0669 24044  tunnel - ok

18:27:13.0692 24044  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys

18:27:13.0709 24044  uagp35 - ok

18:27:13.0754 24044  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

18:27:13.0801 24044  udfs - ok

18:27:13.0840 24044  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

18:27:13.0870 24044  UI0Detect - ok

18:27:13.0890 24044  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

18:27:13.0910 24044  uliagpkx - ok

18:27:13.0944 24044  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys

18:27:13.0966 24044  uliahci - ok

18:27:13.0991 24044  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys

18:27:14.0009 24044  UlSata - ok

18:27:14.0031 24044  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys

18:27:14.0049 24044  ulsata2 - ok

18:27:14.0078 24044  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

18:27:14.0108 24044  umbus - ok

18:27:14.0129 24044  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll

18:27:14.0169 24044  upnphost - ok

18:27:14.0254 24044  [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys

18:27:14.0336 24044  USBAAPL - ok

18:27:14.0369 24044  [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

18:27:14.0409 24044  usbaudio - ok

18:27:14.0486 24044  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

18:27:14.0530 24044  usbccgp - ok

18:27:14.0586 24044  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

18:27:14.0635 24044  usbcir - ok

18:27:14.0678 24044  Scan interrupted by user!

18:27:14.0678 24044  ================ Scan global ===============================

18:27:14.0678 24044  Scan interrupted by user!

18:27:14.0678 24044  ================ Scan MBR ==================================

18:27:14.0678 24044  Scan interrupted by user!

18:27:14.0678 24044  ================ Scan VBR ==================================

18:27:14.0678 24044  Scan interrupted by user!

18:27:14.0678 24044  ============================================================

18:27:14.0678 24044  Scan finished

18:27:14.0678 24044  ============================================================

18:27:14.0689 7516  Detected object count: 7

18:27:14.0689 7516  Actual detected object count: 7

18:27:21.0045 7516  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - skipped by user

18:27:21.0045 7516  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:27:21.0047 7516  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user

18:27:21.0047 7516  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:27:21.0050 7516  DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user

18:27:21.0050 7516  DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:27:21.0051 7516  FreeWordHelper ( UnsignedFile.Multi.Generic ) - skipped by user

18:27:21.0051 7516  FreeWordHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:27:21.0053 7516  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

18:27:21.0053 7516  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:27:21.0055 7516  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

18:27:21.0056 7516  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:27:21.0056 7516  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

18:27:21.0056 7516  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

18:27:29.0593 0012  Deinitialize success

Link to post
Share on other sites

Malwarebytes Anti-Malware (PRO) 1.75.0.1300

www.malwarebytes.org

 

Database version: v2013.07.08.02

 

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

josh :: WILLIAMS-PC [administrator]

 

Protection: Enabled

 

8/07/2013 6:04:35 PM

mbam-log-2013-07-08 (18-04-35).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 281932

Time elapsed: 21 minute(s), 38 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 2

HKCR\Interface\{66666666-6666-6666-6666-660066226658} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 1

C:\Users\josh\Downloads\Camstudio_Setup.exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.

 

(end)

Link to post
Share on other sites

 AdwCleaner v2.304 - Logfile created 07/07/2013 at 11:17:39

# Updated 03/07/2013 by Xplode

# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)

# User : josh - WILLIAMS-PC

# Boot Mode : Normal

# Running from : C:\Users\josh\Desktop\AdwCleaner.exe

# Option [Delete]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

Deleted on reboot : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}

File Deleted : C:\Users\josh\AppData\Roaming\Mozilla\Firefox\Profiles\lxx114p3.default\searchplugins\mixidj.xml

File Deleted : C:\Users\Williams\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data

File Deleted : C:\Users\Williams\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences

File Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\bprotector_extensions.sqlite

File Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\bprotector_prefs.js

File Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi

File Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

File Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\plugin@yontoo.com.xpi

File Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\searchplugins\Babylon.xml

File Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\searchplugins\MyStart Search.xml

File Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\searchplugins\Web Search.xml

Folder Deleted : C:\Program Files\Red Sky

Folder Deleted : C:\Program Files\Zoom Downloader

Folder Deleted : C:\ProgramData\iMesh

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownTango

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong

Folder Deleted : C:\Users\josh\AppData\Local\PackageAware

Folder Deleted : C:\Users\Ken\AppData\Local\iMesh

Folder Deleted : C:\Users\Ken\AppData\LocalLow\facemoods.com

Folder Deleted : C:\Users\Ken\AppData\LocalLow\iBryte

Folder Deleted : C:\Users\Ken\AppData\LocalLow\mediabarim

Folder Deleted : C:\Users\Ken\AppData\LocalLow\SearchquTB

Folder Deleted : C:\Users\Ken\AppData\LocalLow\Searchqutoolbar

Folder Deleted : C:\Users\Ken\AppData\Roaming\Bandoo

Folder Deleted : C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\z1jbkpyl.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}

Folder Deleted : C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\z1jbkpyl.default\extensions\crossriderapp2258@crossrider.com

Folder Deleted : C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\z1jbkpyl.default\extensions\staged

Folder Deleted : C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\z1jbkpyl.default\mediabarim

Folder Deleted : C:\Users\Williams\AppData\Local\APN

Folder Deleted : C:\Users\Williams\AppData\Local\Babylon

Folder Deleted : C:\Users\Williams\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0

Folder Deleted : C:\Users\Williams\AppData\Local\Ilivid Player

Folder Deleted : C:\Users\Williams\AppData\Local\iMesh

Folder Deleted : C:\Users\Williams\AppData\Local\PackageAware

Folder Deleted : C:\Users\Williams\AppData\Local\Smartbar

Folder Deleted : C:\Users\Williams\AppData\Local\Wajam

Folder Deleted : C:\Users\Williams\AppData\Local\Zoom_Downloader

Folder Deleted : C:\Users\Williams\AppData\LocalLow\DownTangoLauncherToolbar

Folder Deleted : C:\Users\Williams\AppData\LocalLow\facemoods.com

Folder Deleted : C:\Users\Williams\AppData\LocalLow\iBryte

Folder Deleted : C:\Users\Williams\AppData\LocalLow\mediabarim

Folder Deleted : C:\Users\Williams\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\Williams\AppData\LocalLow\Searchqutoolbar

Folder Deleted : C:\Users\Williams\AppData\LocalLow\SimplyTech

Folder Deleted : C:\Users\Williams\AppData\LocalLow\Smartbar

Folder Deleted : C:\Users\Williams\AppData\LocalLow\Softonic

Folder Deleted : C:\Users\Williams\AppData\LocalLow\SweetIM

Folder Deleted : C:\Users\Williams\AppData\Roaming\Babylon

Folder Deleted : C:\Users\Williams\AppData\Roaming\Bandoo

Folder Deleted : C:\Users\Williams\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\Conduit

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\ConduitCommon

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\CT2642703

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\CT3196716

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\{a386d4b0-fddb-4e1c-ae61-4f014013cd9b}

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\crossriderapp2258@crossrider.com

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\downloadmanager@zoomdownloader.com

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\ffxtlbr@babylon.com

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\ffxtlbr@Facemoods.com

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\ffxtlbra@softonic.com

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\firefox@bandoo.com

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\helperbar@helperbar.com

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\extensions\playbryte@playbryte.com

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\mediabarim

Folder Deleted : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\SweetIMToolbarData

Folder Deleted : C:\Users\Williams\AppData\Roaming\OpenCandy

Folder Deleted : C:\Users\Williams\Documents\iMesh

 

***** [Registry] *****

 

Key Deleted : HKCU\Software\5d0d78de76ae817

Key Deleted : HKCU\Software\BabSolution

Key Deleted : HKCU\Software\BI

Key Deleted : HKCU\Software\DownTango

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A81A974F-8A22-43E6-9243-5198FF758DA1}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DownTango

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\I Want This

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Imesh

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mixidj

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Protected Search_is1

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WNLT

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B52D0735-EC19-448A-ABDE-E01B5BD275D2}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E5C66DD8-308B-4A4F-AF0A-3D04F25B5343}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B52D0735-EC19-448A-ABDE-E01B5BD275D2}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E5C66DD8-308B-4A4F-AF0A-3D04F25B5343}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Deleted : HKCU\Software\ProtectedSearch

Key Deleted : HKLM\SOFTWARE\5d0d78de76ae817

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\iMesh.exe

Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69D3F709-9DE2-479F-980F-532D46895703}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B52D0735-EC19-448A-ABDE-E01B5BD275D2}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5C66DD8-308B-4A4F-AF0A-3D04F25B5343}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}

Key Deleted : HKLM\SOFTWARE\Classes\GameTreatWidget.GameTreatWidget

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BHO

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm

Key Deleted : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD

Key Deleted : HKLM\Software\Classes\Installer\Features\F479A18A22A86E3429341589FF57D81A

Key Deleted : HKLM\Software\Classes\Installer\Features\FA20CB7A821113A4CB8FA1E38E303D3B

Key Deleted : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD

Key Deleted : HKLM\Software\Classes\Installer\Products\F479A18A22A86E3429341589FF57D81A

Key Deleted : HKLM\Software\Classes\Installer\Products\FA20CB7A821113A4CB8FA1E38E303D3B

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{103DFC4E-147A-5606-9B4E-1C216DF227A1}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}

Key Deleted : HKLM\Software\DownTango

Key Deleted : HKLM\Software\Imesh

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{250BECD2-5C43-48CF-A3C6-666338526D67}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90C64EA18BA25EE488BF80DCF07F2FFD

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F479A18A22A86E3429341589FF57D81A

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA20CB7A821113A4CB8FA1E38E303D3B

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DownTango

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Imesh

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater

Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{28387537-E3F9-4ED7-860C-11E69AF4A8A0}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B52D0735-EC19-448A-ABDE-E01B5BD275D2}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v9.0.8112.16490

 








 

-\\ Mozilla Firefox v14.0.1 (en-US)

 

File : C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\prefs.js

 

C:\Users\Williams\AppData\Roaming\Mozilla\Firefox\Profiles\k8f6vpkg.default\user.js ... Deleted !

 

Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");


Deleted : user_pref("browser.search.defaultengine", "Ask.com");

Deleted : user_pref("browser.search.defaultenginename", "MyStart Search");

Deleted : user_pref("browser.search.defaultthis.engineName", "WiseConvert Customized Web Search");


Deleted : user_pref("browser.search.order.1", "Delta Search");

Deleted : user_pref("browser.search.selectedEngine", "Search the web (Softonic)");


Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri May 13 2011 15:47:53 GMT+10[...]

Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Oct 29 2011 20:02:58 GMT+1100 (AUS E[...]


Deleted : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);

Deleted : user_pref("CommunityToolbar.alert.locale", "");

Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 0);

Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Oct 29 2011 21:59:40 GMT+1100 (AUS Easte[...]

Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "");

Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);


Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);

Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

Deleted : user_pref("CommunityToolbar.alert.userId", "{44baf5c3-a319-4100-96b3-ccc3f2b05027}");

Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2642703,CT2438727");


Deleted : user_pref("CommunityToolbar.ConduitSearchList", "WiseConvert Customized Web Search");

Deleted : user_pref("CommunityToolbar.EngineOwner", "");

Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{1e7e4de1-5ef4-4baa-9250-c26258dc499a}");

Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "mapneto_1");







Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);


Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7");

Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Jul 01 2013 17:43:4[...]

Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);

Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Jul 01 2013 17:43:54 GMT+100[...]

Deleted : user_pref("CommunityToolbar.notifications.locale", "");

Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 0);

Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Jul 01 2013 17:43:43 GMT+1000 (A[...]

Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "");


Deleted : user_pref("CommunityToolbar.notifications.userId", "3c3d8c49-3e7d-4d5f-b55f-d73e2b89b616");

Deleted : user_pref("CT3196716.alertChannelId", "1613210");

Deleted : user_pref("CT3196716.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

Deleted : user_pref("CT3196716.DialogsAlignMode", "LTR");

Deleted : user_pref("CT3196716.DialogsGetterLastCheckTime", "Mon Jul 01 2013 17:43:43 GMT+1000 (AUS Eastern St[...]

Deleted : user_pref("CT3196716.globalFirstTimeInfoLastCheckTime", "Mon Jul 01 2013 17:43:43 GMT+1000 (AUS East[...]

Deleted : user_pref("CT3196716.HasUserGlobalKeys", true);

Deleted : user_pref("CT3196716.initDone", true);

Deleted : user_pref("CT3196716.IsGrouping", false);

Deleted : user_pref("CT3196716.Locale", "en");

Deleted : user_pref("CT3196716.MCDetectTooltipHeight", "83");


Deleted : user_pref("CT3196716.MCDetectTooltipWidth", "295");

Deleted : user_pref("CT3196716.MyStuffEnabledAtInstallation", true);

Deleted : user_pref("CT3196716.revertSettingsEnabled", true);

Deleted : user_pref("CT3196716.ServiceMapLastCheckTime", "Mon Jul 01 2013 17:43:43 GMT+1000 (AUS Eastern Stand[...]

Deleted : user_pref("CT3196716.SettingsLastCheckTime", "Mon Jul 01 2013 17:43:43 GMT+1000 (AUS Eastern Standar[...]

Deleted : user_pref("CT3196716.SettingsLastUpdate", "1372663975");

Deleted : user_pref("CT3196716.testingCtid", "");

Deleted : user_pref("CT3196716.ThirdPartyComponentsInterval", 504);

Deleted : user_pref("CT3196716.ThirdPartyComponentsLastCheck", "Mon Jul 01 2013 17:43:41 GMT+1000 (AUS Eastern[...]

Deleted : user_pref("CT3196716.ThirdPartyComponentsLastUpdate", "1331805997");

Deleted : user_pref("CT3196716.toolbarAppMetaDataLastCheckTime", "Mon Jul 01 2013 17:43:43 GMT+1000 (AUS Easte[...]

Deleted : user_pref("CT3196716.toolbarContextMenuLastCheckTime", "Mon Jul 01 2013 17:43:43 GMT+1000 (AUS Easte[...]

Deleted : user_pref("CT3196716.ToolbarShrinkedFromSetup", false);

Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]

Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.value", "1372664619");

Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationTime", 1372664619);

Deleted : user_pref("extensions.crossriderapp2258.bic", "13f992fe04b42c6225c181011032cb68");

Deleted : user_pref("extensions.crossriderapp2258.firstrun", false);

Deleted : user_pref("extensions.crossriderapp2258.installationdate", 1372664619);

Deleted : user_pref("extensions.crossriderapp2258.lastcheck", 22877744);

Deleted : user_pref("extensions.crossriderapp2258.lastcheckitem", 22877744);

Deleted : user_pref("extensions.crossriderapp2258.reportInstall", true);

Deleted : user_pref("extensions.Softonic.admin", false);

Deleted : user_pref("extensions.Softonic.aflt", "orgnl");

Deleted : user_pref("extensions.Softonic.autoRvrt", "false");

Deleted : user_pref("extensions.Softonic.dfltLng", "");

Deleted : user_pref("extensions.Softonic.dfltSrch", true);

Deleted : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");

Deleted : user_pref("extensions.Softonic.dspOld", "MyStart Search");

Deleted : user_pref("extensions.Softonic.excTlbr", false);

Deleted : user_pref("extensions.Softonic.hmpg", true);




Deleted : user_pref("extensions.Softonic.id", "669dcf4f000000000000002269618415");

Deleted : user_pref("extensions.Softonic.instlDay", "15591");

Deleted : user_pref("extensions.Softonic.instlRef", "MON00001");


Deleted : user_pref("extensions.Softonic.lastVrsnTs", "1.6.4.314:59:55");

Deleted : user_pref("extensions.Softonic.newTab", false);


Deleted : user_pref("extensions.Softonic.prdct", "Softonic");

Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");

Deleted : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]

Deleted : user_pref("extensions.Softonic.smplGrp", "none");

Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");

Deleted : user_pref("extensions.Softonic.tlbrId", "base");


Deleted : user_pref("extensions.Softonic.vrsn", "1.6.4.3");

Deleted : user_pref("extensions.Softonic.vrsni", "1.6.4.3");

Deleted : user_pref("extensions.Softonic.vrsnTs", "1.6.4.314:59:55");

Deleted : user_pref("extensions.Softonic_i.dnsErr", true);

Deleted : user_pref("extensions.Softonic_i.hmpg", true);

Deleted : user_pref("extensions.Softonic_i.newTab", false);

Deleted : user_pref("extensions.Softonic_i.smplGrp", "none");

Deleted : user_pref("extensions.Softonic_i.vrsnTs", "1.6.4.314:59:55");

Deleted : user_pref("extensions.wajam.affiliate_id", "4220");

Deleted : user_pref("extensions.wajam.no_trace", "false");

Deleted : user_pref("extensions.wajam.trace_log", "1372664615038 - readAffiliateId - 64 bits - Error Message: [...]

Deleted : user_pref("extensions.wajam.unique_id", "A159077639CBE2844233380E7D38FB7D");

Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,ezLooker,pagerage,buzzdock,toprelat[...]

Deleted : user_pref("extentions.y2layers.installId", "504c3ca8-46c6-4145-a421-ac3f9739fd83");


 

File : C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\z1jbkpyl.default\prefs.js

 


Deleted : user_pref("extensions.crossriderapp2258.2258.InstallationTime", 1359751141);

Deleted : user_pref("extensions.crossriderapp2258.2258.active", true);

Deleted : user_pref("extensions.crossriderapp2258.2258.addressbar", "");

Deleted : user_pref("extensions.crossriderapp2258.2258.affid", "0");

Deleted : user_pref("extensions.crossriderapp2258.2258.backgroundjs", "\n//------------------  PLUGIN resource[...]

Deleted : user_pref("extensions.crossriderapp2258.2258.backgroundver", 27);

Deleted : user_pref("extensions.crossriderapp2258.2258.certdomaininstaller", "");

Deleted : user_pref("extensions.crossriderapp2258.2258.changeprevious", false);

Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]

Deleted : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.value", "1359751141");

Deleted : user_pref("extensions.crossriderapp2258.2258.description", "I Want This!");

Deleted : user_pref("extensions.crossriderapp2258.2258.domain", "");

Deleted : user_pref("extensions.crossriderapp2258.2258.emailsig", "");

Deleted : user_pref("extensions.crossriderapp2258.2258.enablesearch", false);

Deleted : user_pref("extensions.crossriderapp2258.2258.exposesites", "");

Deleted : user_pref("extensions.crossriderapp2258.2258.fbremoteurl", "");

Deleted : user_pref("extensions.crossriderapp2258.2258.group", 0);

Deleted : user_pref("extensions.crossriderapp2258.2258.homepage", "");

Deleted : user_pref("extensions.crossriderapp2258.2258.iframe", false);

Deleted : user_pref("extensions.crossriderapp2258.2258.js", "\n\n//------------------ USER PLUGIN GPL Plugin ([...]

Deleted : user_pref("extensions.crossriderapp2258.2258.manifesturl", "");

Deleted : user_pref("extensions.crossriderapp2258.2258.name", "I Want This");

Deleted : user_pref("extensions.crossriderapp2258.2258.newtab", "");

Deleted : user_pref("extensions.crossriderapp2258.2258.opensearch", "");

Deleted : user_pref("extensions.crossriderapp2258.2258.premium", true);

Deleted : user_pref("extensions.crossriderapp2258.2258.publisher", "215 Apps");

Deleted : user_pref("extensions.crossriderapp2258.2258.searchstatus", 0);

Deleted : user_pref("extensions.crossriderapp2258.2258.setnewtab", false);

Deleted : user_pref("extensions.crossriderapp2258.2258.settingsurl", "");


Deleted : user_pref("extensions.crossriderapp2258.2258.updateinterval", 360);

Deleted : user_pref("extensions.crossriderapp2258.2258.ver", 116);

Deleted : user_pref("extensions.crossriderapp2258.adsOldValue", -1);

Deleted : user_pref("extensions.crossriderapp2258.apps", "2258");

Deleted : user_pref("extensions.crossriderapp2258.bic", "13c977bd7a9c8811ed41458bb7819913");

Deleted : user_pref("extensions.crossriderapp2258.cid", 2258);

Deleted : user_pref("extensions.crossriderapp2258.firstrun", false);

Deleted : user_pref("extensions.crossriderapp2258.hadappinstalled", true);

Deleted : user_pref("extensions.crossriderapp2258.installationdate", 1359751141);

Deleted : user_pref("extensions.crossriderapp2258.jsver", 3);

Deleted : user_pref("extensions.crossriderapp2258.lastcheck", 22662519);

Deleted : user_pref("extensions.crossriderapp2258.lastcheckitem", 22662531);

Deleted : user_pref("extensions.enabledAddons", "crossriderapp2258@crossrider.com:0.78.15,{99079a25-328f-4bd4-[...]

 

File : C:\Users\josh\AppData\Roaming\Mozilla\Firefox\Profiles\lxx114p3.default\prefs.js

 

[OK] File is clean.

 

-\\ Google Chrome v27.0.1453.116

 

File : C:\Users\Williams\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

File : C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

File : C:\Users\josh\AppData\Local\Google\Chrome\User Data\Default\Preferences

 


Deleted [l.44] : keyword = "delta-search.com",


 

*************************

 

AdwCleaner[s1].txt - [55590 octets] - [07/07/2013 11:17:39]

 

########## EOF - C:\AdwCleaner[s1].txt - [55651 octets] ##########

Link to post
Share on other sites

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.