Posts posted by moonze
-
-
Been over a week with no response.
-
I was directed here after having some malware issues removed.
The problem I am having is I get an error saying punkbuster needs to shut down. I play Call of Duty World at War online. When I turn my PC on and wait for the system to fully load, I then click on WaW to play online. The screen starts to open, then it minimizes and says there was an error with pnkbstr.exe and it needs to shut down. Sometimes I can click on the minimized window of COD and continue to play, and sometimes I have to right-click it to close it out since it's not responding. I then have to wait a few minutes to try again, because if I don't, it says I have a duplicate on the server. I was told to use punkbuster setup to reload it, but the site is no longer being paid by Activision, so therefore it doesn't support COD anymore. This never happened until after the malware was removed. What else can I do?
-
Results of screen317's Security Check version 0.99.81
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
McAfee Anti-Virus and Anti-Spyware
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
CCleaner
Java 7 Update 51
Adobe Flash Player 12.0.0.44
Adobe Reader XI
Mozilla Firefox (27.0)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 15% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
-
Fixlog:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014 01
Ran by Mike at 2014-03-24 09:01:58 Run:1
Running from C:\Documents and Settings\Mike\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Documents and Settings\Mike\My Documents\wpsetup.exe
C:\Program Files\Flvto Converter\FlvtoConverterSetupV0.3.2.exe
C:\WINDOWS\system32\Adobe\Shockwave 12\gt.exe
*****************
C:\Documents and Settings\Mike\My Documents\wpsetup.exe => Moved successfully.
C:\Program Files\Flvto Converter\FlvtoConverterSetupV0.3.2.exe => Moved successfully.
C:\WINDOWS\system32\Adobe\Shockwave 12\gt.exe => Moved successfully.
==== End of Fixlog ====
Adwarecleaner:
# AdwCleaner v3.022 - Report created 24/03/2014 at 09:06:50
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Mike - TRON33
# Running from : C:\Documents and Settings\Mike\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
[!] Folder Deleted : C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v27.0 (en-US)
[ File : C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\6alscx3p.default-1391569677500\prefs.js ]
-\\ Google Chrome v
[ File : C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1114 octets] - [24/03/2014 09:05:48]
AdwCleaner[s0].txt - [1042 octets] - [24/03/2014 09:06:50]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1102 octets] ##########
JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Microsoft Windows XP x86
Ran by Mike on Mon 03/24/2014 at 9:16:17.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/24/2014 at 9:36:29.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Security Check did not run. Said, unsupported operating system, aborting.
-
Malware:
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2014.03.23.01
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Mike :: TRON33 [administrator]
Protection: Enabled
3/22/2014 7:22:36 PM
mbam-log-2014-03-22 (19-22-36).txt
Scan type: Full scan (C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 485706
Time elapsed: 6 hour(s), 4 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
ESET
C:\Documents and Settings\Mike\My Documents\wpsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\Program Files\Flvto Converter\FlvtoConverterSetupV0.3.2.exe Win32/InstallMonetizer.AN potentially unwanted application
C:\System Volume Information\_restore{C12F2F84-3FDB-45AF-AD32-216C6308BF29}\RP222\A0182069.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\System Volume Information\_restore{C12F2F84-3FDB-45AF-AD32-216C6308BF29}\RP222\A0182070.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\System Volume Information\_restore{C12F2F84-3FDB-45AF-AD32-216C6308BF29}\RP222\A0182072.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\System Volume Information\_restore{C12F2F84-3FDB-45AF-AD32-216C6308BF29}\RP222\A0182074.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\System Volume Information\_restore{C12F2F84-3FDB-45AF-AD32-216C6308BF29}\RP222\A0182075.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\System Volume Information\_restore{C12F2F84-3FDB-45AF-AD32-216C6308BF29}\RP222\A0182076.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\System Volume Information\_restore{C12F2F84-3FDB-45AF-AD32-216C6308BF29}\RP222\A0182077.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\System Volume Information\_restore{C12F2F84-3FDB-45AF-AD32-216C6308BF29}\RP222\A0182078.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
C:\System Volume Information\_restore{C12F2F84-3FDB-45AF-AD32-216C6308BF29}\RP226\A0185477.exe Win32/InstallCore.IY potentially unwanted application
C:\WINDOWS\system32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
-
I think by shutting down all the way, then turning the machine back on, allowed the antivirus to update. It did shut off, but it was during the update then it installed the new files. After it was complete, the PC restarted, and the antivirus stayed on. This morning when turning on my machine, it found a trojan with the name Artemis! and it quarantined it.
-
Tried the procedures above, same thing, antivirus still turns itself off. Tried to update, but still turns off.
-
For the scannow, there was nothing after it was done, it just stopped.
Event Type: Information
Event Source: Winlogon
Event Category: None
Event ID: 1001
Date: 3/20/2014
Time: 10:21:32 PM
User: N/A
Computer: TRON33
Description:
Checking file system on C:
The type of the file system is NTFS.
A disk check has been scheduled.
Windows will now check the disk.
Cleaning up minor inconsistencies on the drive.
Cleaning up 146 unused index entries from index $SII of file 0x9.
Cleaning up 146 unused index entries from index $SDH of file 0x9.
Cleaning up 146 unused security descriptors.
CHKDSK is verifying file data (stage 4 of 5)...
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
Free space verification is complete.
488375968 KB total disk space.
104475408 KB in 257060 files.
91488 KB in 10444 indexes.
0 KB in bad sectors.
359204 KB in use by the system.
65536 KB occupied by the log file.
383449868 KB available on disk.
4096 bytes in each allocation unit.
122093992 total allocation units on disk.
95862467 allocation units available on disk.
Internal Info:
Windows has finished checking your disk.
Please wait while your computer restarts.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
-
For this part:
System File Check
For Windows XP:
- Press the Windows- and the R-key simultaneously.
- Within the text box that just opened, write cmd and hit Enter.
Can I click Start then Run and type in CMD? I use an older keyboard and it doesn't have the Window Key.
-
I didn't do anything, I just copy-pasted from the notepad.
Here is combofix:
ComboFix 14-03-19.01 - Mike 03/19/2014 20:26:50.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2815.1928 [GMT -7:00]
Running from: c:\documents and settings\Mike\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: ActiveArmor Firewall *Enabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
FW: McAfee Firewall *Enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.
.
((((((((((((((((((((((((( Files Created from 2014-02-20 to 2014-03-20 )))))))))))))))))))))))))))))))
.
.
2014-03-17 16:31 . 2014-03-17 16:57 -------- d-----w- C:\FRST
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-19 23:31 . 2012-04-05 16:06 139280 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2014-03-19 23:31 . 2012-04-06 17:22 281872 ----a-w- c:\windows\system32\PnkBstrB.xtr
2014-03-19 23:31 . 2012-04-05 16:06 281872 ----a-w- c:\windows\system32\PnkBstrB.exe
2014-03-19 17:21 . 2012-04-05 16:06 281872 ----a-w- c:\windows\system32\PnkBstrB.ex0
2014-02-24 11:46 . 2005-08-31 15:58 920064 ----a-w- c:\windows\system32\wininet.dll
2014-02-24 11:45 . 2005-08-31 15:58 43520 ------w- c:\windows\system32\licmgr10.dll
2014-02-24 11:45 . 2005-08-31 15:57 1469440 ------w- c:\windows\system32\inetcpl.cpl
2014-02-24 11:45 . 2005-08-31 15:57 18944 ----a-w- c:\windows\system32\corpol.dll
2014-02-24 10:54 . 2005-08-31 15:57 385024 ------w- c:\windows\system32\html.iec
2014-02-07 02:01 . 2005-08-31 15:58 1879040 ----a-w- c:\windows\system32\win32k.sys
2014-02-05 18:01 . 2012-04-05 07:53 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 18:01 . 2012-04-05 07:53 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-05 08:55 . 2005-08-31 15:58 562688 ----a-w- c:\windows\system32\qedit.dll
2014-01-27 16:18 . 2012-07-03 20:28 61400 ----a-w- c:\windows\system32\drivers\cfwids.sys
2014-01-27 16:11 . 2012-07-03 20:22 175480 ----a-w- c:\windows\system32\mfevtps.exe
2014-01-27 16:11 . 2012-07-03 20:28 92216 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2014-01-27 16:06 . 2012-02-22 20:29 573840 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2014-01-27 16:05 . 2012-12-17 16:18 85544 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2014-01-27 16:04 . 2012-07-03 20:28 366248 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2014-01-27 16:04 . 2012-07-03 20:28 66408 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2014-01-27 16:03 . 2014-01-27 16:03 236480 ----a-w- c:\windows\system32\drivers\SETB6.tmp
2014-01-27 16:03 . 2012-07-03 20:28 236480 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2014-01-27 16:02 . 2012-02-22 20:29 134568 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2014-01-21 10:49 . 2014-01-21 10:49 10632 ----a-w- c:\windows\system32\drivers\mfeclnrk.sys
2014-01-21 10:49 . 2014-01-21 10:49 81264 ----a-w- c:\windows\system32\drivers\mfencrk.sys
2014-01-21 10:48 . 2014-01-21 10:48 330248 ----a-w- c:\windows\system32\drivers\mfencbdc.sys
2014-01-04 03:13 . 2005-08-31 15:58 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-12-24 14:47 . 2012-04-05 04:39 36864 ----a-w- c:\windows\system32\drivers\AmdK8.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-02-27 16005120]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2014-01-28 517392]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2013-06-21 15677728]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2013-06-21 223008]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2014-01-28 517392]
.
c:\documents and settings\Mike\Start Menu\Programs\Startup\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2013-3-20 3560832]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-22 04:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2010-07-26 02:08 2569616 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-04-05 05:02 116648 ----atw- c:\documents and settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-08-16 16:07 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 22:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 21:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-03 03:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 17:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2012-04-10 02:26 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Common Files\\Mcafee\\McSvcHost\\McSvHost.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\Mcafee\\Platform\\McSvcHost\\McSvHost.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R?2 mcbootdelaystartsvc;McAfee Boot Delay Start Service;"c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [3/17/2014 7:02 AM 281560]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [7/3/2012 1:28 PM 92216]
R2 EventService;MR APP Event Service;c:\program files\MR APP\MRAPP.Event.Service.exe [12/17/2013 12:50 PM 31744]
R2 HomeNetSvc;McAfee Home Network;"c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [3/17/2014 7:02 AM 281560]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [7/3/2012 1:28 PM 167784]
R2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe [3/17/2014 7:02 AM 145568]
R2 mcpltsvc;McAfee Platform Services;"c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [3/17/2014 7:02 AM 281560]
R2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\Mcafee\AMCore\mcshield.exe [3/16/2014 8:43 AM 644088]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\Mcafee\SystemCore\mfefire.exe [7/3/2012 1:28 PM 169800]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [7/3/2012 1:22 PM 175480]
R2 TransferService;MR APP Transfer Service;c:\program files\MR APP\MRAPP.Transfer.Service.exe [12/17/2013 12:49 PM 31232]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [7/3/2012 1:28 PM 366248]
R3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\drivers\mfencbdc.sys [1/21/2014 3:48 AM 330248]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [12/17/2012 9:18 AM 85544]
S2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [10/29/2013 8:59 AM 2151200]
S2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [7/3/2012 1:28 PM 167784]
S2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [7/3/2012 1:28 PM 167784]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [7/3/2012 1:28 PM 61400]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [9/17/2013 5:04 PM 23456]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [12/11/2012 9:48 AM 147912]
S3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\drivers\mfencrk.sys [1/21/2014 3:49 AM 81264]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [12/17/2012 9:18 AM 85544]
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-10 02:26]
.
2014-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-10 02:26]
.
2014-03-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003Core.job
- c:\documents and settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-04-05 05:02]
.
2014-03-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003UA.job
- c:\documents and settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-04-05 05:02]
.
.
------- Supplementary Scan -------
.
mSearch Bar = hxxp://rd.yahoo.com/customize/sbcydsl/defaults/sb/*http://www.yahoo.com/search/ie.html
uInternet Settings,ProxyOverride = <-loopback>;;view.truste.com
uSearchURL,(Default) = hxxp://rd.yahoo.com/customize/sbcydsl/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: $talisma_url$
Trusted Zone: starstable.com
Trusted Zone: xfire.com\secure
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\documents and settings\Mike\Application Data\Mozilla\Firefox\Profiles\6alscx3p.default-1391569677500\
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-MixPad - c:\program files\NCH Software\MixPad\mixpad.exe
AddRemove-Pixillion - c:\program files\NCH Software\Pixillion\pixillion.exe
AddRemove-VideoPad - c:\program files\NCH Software\VideoPad\videopad.exe
AddRemove-WavePad - c:\program files\NCH Software\WavePad\wavepad.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-03-19 20:46
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1960408961-606747145-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:14,ad,1d,81,4e,fa,fb,29,33,f8,04,a5,24,7e,3b,11,bf,e0,54,98,5c,
5f,94,87,89,cb,34,04,08,4f,78,cf,5b,c3,d9,ea,ca,43,87,d4,19,c8,50,7f,d8,0d,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3000)
c:\windows\system32\WININET.dll
c:\progra~1\mcafee\SITEAD~1\saHook.dll
c:\program files\Xfire\xfire_toucan_46139.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2014-03-19 20:50:08
ComboFix-quarantined-files.txt 2014-03-20 03:49
.
Pre-Run: 392,686,731,264 bytes free
Post-Run: 394,054,025,216 bytes free
.
- - End Of File - - 14ACF2F1C1E9F97CBBD3B061BC900C0B
8F558EB6672622401DA993E1E865C861
-
I do open them in notepad. I don't see what problem you are having trying to read them. I can attach them if you want.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Mike (administrator) on TRON33 on 17-03-2014 09:56:37
Running from C:\Documents and Settings\Mike\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Market Research Apps Pty Ltd) C:\Program Files\MR APP\MRAPP.Event.Service.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
(Xfire Inc.) C:\Program Files\Xfire\Xfire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Apache Software Foundation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Apache Software Foundation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Digital Market Research Apps Pty Ltd) C:\Program Files\MR APP\MRAPP.Transfer.Service.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
() C:\WINDOWS\system32\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16005120 2006-02-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [517392 2014-01-28] (McAfee, Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [15677728 2013-06-21] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [223008 2013-06-21] (NVIDIA Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [517392 2014-01-28] (McAfee, Inc.)
HKU\S-1-5-21-1960408961-606747145-725345543-1003\...\Run: [Google Update] - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648 2012-04-04] (Google Inc.)
Startup: C:\Documents and Settings\Mike\Start Menu\Programs\Startup\Xfire.lnk
ShortcutTarget: Xfire.lnk -> C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/sbcydsl/defaults/sb/*http://www.yahoo.com/search/ie.html
URLSearchHook: HKCU - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {F6DEA26D-6B54-4791-9B02-ACE45D39F09C} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {4EA46B1B-D008-4CB3-8769-40A8C130D9CC} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll (Yahoo! Inc.)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {26CF0ECA-50B9-411D-BA37-86BD6AD53382} http://www.starstable.com/plugin/PXStudioRuntimeAX.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://download.yahoo.com/dl/installs/ymail/ymmapi.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\6alscx3p.default-1391569677500
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 - C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\Documents and Settings\All Users\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2012-07-03]
Chrome:
=======
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultSearchURL: http://www.bing.com/search?setmkt=en-US&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (YouTube) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-04]
CHR Extension: (Google Search) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-04]
CHR Extension: (SiteAdvisor) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2012-04-06]
CHR Extension: (Ads Removal) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2013-12-13]
CHR Extension: (Amazing Coupons) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl [2013-02-28]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-24]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-01]
CHR Extension: (Gmail) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2012-07-03]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 EventService; C:\Program Files\MR APP\MRAPP.Event.Service.exe [31744 2013-12-17] (Digital Market Research Apps Pty Ltd)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [143360 2006-03-30] ()
R2 ForcewareWebInterface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [20543 2006-02-07] (Apache Software Foundation)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145568 2014-01-28] (McAfee, Inc.)
U2 mcbootdelaystartsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [279048 2012-11-16] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [644088 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [175480 2014-01-27] (McAfee, Inc.)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [131131 2006-03-30] (NVIDIA Corporation)
R2 nSvcLog; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [65599 2006-03-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2012-05-18] ()
R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [281872 2014-03-17] ()
R2 TransferService; C:\Program Files\MR APP\MRAPP.Transfer.Service.exe [31232 2013-12-17] (Digital Market Research Apps Pty Ltd)
==================== Drivers (Whitelisted) ====================
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2013-12-24] (Advanced Micro Devices)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [61400 2014-01-27] (McAfee, Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R2 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [134568 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [236480 2014-01-27] (McAfee, Inc.)
S3 mfebopk; C:\WINDOWS\System32\drivers\mfebopk.sys [66408 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [366248 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [573840 2014-01-27] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [330248 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [81264 2014-01-21] (McAfee, Inc.)
S3 mfendisk; C:\WINDOWS\System32\DRIVERS\mfendisk.sys [85544 2014-01-27] (McAfee, Inc.)
R3 mfendiskmp; C:\WINDOWS\System32\DRIVERS\mfendisk.sys [85544 2014-01-27] (McAfee, Inc.)
R1 mfetdi2k; C:\WINDOWS\System32\drivers\mfetdi2k.sys [92216 2014-01-27] (McAfee, Inc.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2011-09-09] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2011-09-09] (Printing Communications Assoc., Inc. (PCAUSA))
R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [100736 2006-04-24] (NVIDIA Corporation)
S0 nvatabus; C:\WINDOWS\system32\Drivers\nvatabus.sys [99840 2006-03-16] (NVIDIA Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54784 2013-10-29] (NVIDIA Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128672 2013-02-24] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2013-10-29] (NVIDIA Corporation)
S1 NVTCP; C:\WINDOWS\System32\DRIVERS\NVTcp.sys [109568 2006-03-22] (NVIDIA Corporation)
R3 PnkBstrK; C:\WINDOWS\system32\drivers\PnkBstrK.sys [139280 2014-03-17] ()
S4 IntelIde; No ImagePath
U2 mfewfpk;
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-17 09:31 - 2014-03-17 09:56 - 00017172 _____ () C:\Documents and Settings\Mike\Desktop\FRST.txt
2014-03-17 09:31 - 2014-03-17 09:56 - 00000000 ____D () C:\FRST
2014-03-17 09:31 - 2014-03-17 09:31 - 01145856 _____ (Farbar) C:\Documents and Settings\Mike\Desktop\FRST.exe
2014-03-17 07:59 - 2014-03-17 07:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
2014-03-14 09:59 - 2014-03-14 09:59 - 00011201 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-14 09:59 - 2014-03-14 09:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-14 09:59 - 2014-03-14 09:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-14 09:36 - 2014-03-14 09:59 - 00009734 _____ () C:\WINDOWS\KB2930275.log
2014-03-14 09:36 - 2014-03-14 09:59 - 00008512 _____ () C:\WINDOWS\KB2929961.log
2014-03-10 10:27 - 2014-03-10 10:27 - 00001862 _____ () C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
2014-03-06 08:40 - 2014-03-11 18:29 - 00000806 _____ () C:\WINDOWS\wmsetup.log
==================== One Month Modified Files and Folders =======
2014-03-17 09:56 - 2014-03-17 09:31 - 00017172 _____ () C:\Documents and Settings\Mike\Desktop\FRST.txt
2014-03-17 09:56 - 2014-03-17 09:31 - 00000000 ____D () C:\FRST
2014-03-17 09:56 - 2012-04-04 22:02 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003UA.job
2014-03-17 09:52 - 2012-04-04 21:23 - 01733895 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-17 09:31 - 2014-03-17 09:31 - 01145856 _____ (Farbar) C:\Documents and Settings\Mike\Desktop\FRST.exe
2014-03-17 09:30 - 2013-02-26 08:50 - 00013776 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-03-17 09:29 - 2012-04-09 19:26 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-17 08:31 - 2012-04-05 09:06 - 00139280 _____ () C:\WINDOWS\system32\Drivers\PnkBstrK.sys
2014-03-17 08:30 - 2012-04-06 10:22 - 00281872 _____ () C:\WINDOWS\system32\PnkBstrB.xtr
2014-03-17 08:30 - 2012-04-05 09:06 - 00281872 _____ () C:\WINDOWS\system32\PnkBstrB.exe
2014-03-17 08:03 - 2012-04-05 01:11 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\McAfee
2014-03-17 07:59 - 2014-03-17 07:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
2014-03-17 07:58 - 2012-04-04 22:41 - 00000716 _____ () C:\WINDOWS\system32\nmp.log
2014-03-17 07:58 - 2005-08-31 08:59 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-17 07:56 - 2014-01-22 17:23 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-17 07:56 - 2014-01-22 17:23 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-17 07:55 - 2012-04-09 19:26 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-17 07:55 - 2012-04-05 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-03-17 07:55 - 2012-04-04 21:42 - 00000000 ____D () C:\WINDOWS\system32\Lang
2014-03-17 07:55 - 2012-04-04 21:27 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-17 07:54 - 2014-01-22 17:22 - 00032560 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-17 07:54 - 2012-04-04 21:28 - 00000178 ___SH () C:\Documents and Settings\Mike\ntuser.ini
2014-03-17 07:12 - 2012-07-03 13:28 - 00000000 ____D () C:\Program Files\McAfee
2014-03-17 07:06 - 2012-07-03 13:28 - 00000000 ____D () C:\Program Files\Common Files\Mcafee
2014-03-17 07:05 - 2013-02-28 23:04 - 00507014 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1960408961-606747145-725345543-1003-0.dat
2014-03-17 07:05 - 2013-02-28 23:04 - 00160782 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-03-17 07:03 - 2014-02-02 09:09 - 00115756 _____ () C:\WINDOWS\setupapi.log
2014-03-16 09:06 - 2012-04-05 09:06 - 00281872 _____ () C:\WINDOWS\system32\PnkBstrB.ex0
2014-03-15 15:45 - 2012-08-23 17:42 - 00000000 ____D () C:\Documents and Settings\Mike\Desktop\Wizard101
2014-03-15 11:56 - 2012-04-04 22:02 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003Core.job
2014-03-14 15:28 - 2013-08-20 15:40 - 00000116 _____ () C:\Documents and Settings\Mike\Desktop\Survey passcode.txt
2014-03-14 15:08 - 2012-04-04 14:18 - 00152384 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-14 09:59 - 2014-03-14 09:59 - 00011201 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-14 09:59 - 2014-03-14 09:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-14 09:59 - 2014-03-14 09:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-14 09:59 - 2014-03-14 09:36 - 00009734 _____ () C:\WINDOWS\KB2930275.log
2014-03-14 09:59 - 2014-03-14 09:36 - 00008512 _____ () C:\WINDOWS\KB2929961.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00040098 _____ () C:\WINDOWS\iis6.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00037100 _____ () C:\WINDOWS\FaxSetup.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00017736 _____ () C:\WINDOWS\ocgen.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00016927 _____ () C:\WINDOWS\tsoc.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00012366 _____ () C:\WINDOWS\comsetup.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00011320 _____ () C:\WINDOWS\msmqinst.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00007488 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00006498 _____ () C:\WINDOWS\netfxocm.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00006354 _____ () C:\WINDOWS\updspapi.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00002550 _____ () C:\WINDOWS\MedCtrOC.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00002052 _____ () C:\WINDOWS\ocmsn.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00001866 _____ () C:\WINDOWS\tabletoc.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00001854 _____ () C:\WINDOWS\msgsocm.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-14 09:59 - 2012-04-05 00:34 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-03-11 18:29 - 2014-03-06 08:40 - 00000806 _____ () C:\WINDOWS\wmsetup.log
2014-03-11 18:07 - 2012-04-12 05:40 - 00000000 ____D () C:\Program Files\Xfire
2014-03-10 10:27 - 2014-03-10 10:27 - 00001862 _____ () C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
2014-03-10 10:27 - 2013-04-16 19:08 - 00001868 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
2014-03-10 10:27 - 2013-04-16 19:08 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-03-09 06:46 - 2012-04-04 14:19 - 00634032 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-08 08:45 - 2012-04-28 06:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2014-03-07 07:29 - 2012-12-17 09:19 - 00001024 ____H () C:\WINDOWS\system32\config\ELAM.LOG
2014-02-24 16:24 - 2005-08-31 08:57 - 00174592 ____N (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-24 16:24 - 2005-08-31 08:57 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-24 04:46 - 2012-04-05 00:34 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-24 04:46 - 2012-04-04 21:22 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 01216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00611840 ____N (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00206848 ____N (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-24 04:45 - 2012-06-13 07:52 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-24 04:45 - 2009-03-08 04:39 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-24 04:45 - 2009-03-08 04:32 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-24 04:45 - 2009-03-08 04:32 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-24 04:45 - 2009-03-08 04:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-24 04:45 - 2005-08-31 08:58 - 00043520 ____N (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-24 04:45 - 2005-08-31 08:58 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-24 04:45 - 2005-08-31 08:57 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-24 04:45 - 2005-08-31 08:57 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-24 03:54 - 2005-08-31 08:57 - 00385024 ____N (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-02-23 00:45 - 2012-04-26 12:58 - 00000116 _____ () C:\WINDOWS\NeroDigital.ini
2014-02-21 18:04 - 2012-04-04 21:28 - 00000000 ____D () C:\Documents and Settings\Mike
2014-02-17 10:52 - 2012-04-14 08:52 - 00000000 ____D () C:\Documents and Settings\Mike\Application Data\Xfire
Some content of TEMP:
====================
C:\Documents and Settings\Mike\Local Settings\temp\hcuninstaller_20140203_072758_1832.exe
C:\Documents and Settings\Mike\Local Settings\temp\ICReinstall_FirefoxSetup[1].exe
C:\Documents and Settings\Mike\Local Settings\temp\promote-upx.exe
C:\Documents and Settings\Mike\Local Settings\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Addition txt:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014 01
Ran by Mike at 2014-03-17 09:56:56
Running from C:\Documents and Settings\Mike\Desktop
Boot Mode: Normal
============================================================================== Security Center ========================
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall (Disabled) {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
FW: ActiveArmor Firewall (Disabled) {EDC10449-64D1-46c7-A59A-EC20D662F26D}
==================== Installed Programs ======================
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
att.net Internet Mail (HKLM\...\Yahoo! Mail) (Version: - )
Audio MP3 Editor 5.80 (HKLM\...\Audio MP3 Editor_is1) (Version: - audio2x.com)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty® - World at War (HKLM\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.7 - Activision)
Call of Duty® - World at War (Version: 1.0 - Activision) Hidden
Call of Duty® - World at War 1.2 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.2 Patch (Version: 1.2 - Activision) Hidden
Call of Duty® - World at War 1.3 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.3 Patch (Version: 1.3 - Activision) Hidden
Call of Duty® - World at War 1.4 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.4 Patch (Version: 1.4 - Activision) Hidden
Call of Duty® - World at War 1.5 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.5 Patch (Version: 1.5 - Activision) Hidden
Call of Duty® - World at War 1.6 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.6 Patch (Version: 1.6 - Activision) Hidden
Call of Duty® - World at War 1.7 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.7 Patch (Version: 1.7 - Activision) Hidden
Canon MP Navigator EX 4.1 (HKLM\...\MP Navigator EX 4.1) (Version: - )
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Disney's Stanley Tiger Tales (HKLM\...\{75C139EF-A37B-11D5-B232-0050DACD394D}) (Version: - )
e-Rewards Notify (HKLM\...\{54AA8284-7213-4D3E-9186-9DB50AFF600D}) (Version: 1.1.0.181 - e-Rewards Opinion Panel)
Eye Candy 4000 (HKLM\...\Eye Candy 4000) (Version: - )
Flvto Youtube Downloader (HKLM\...\Flvto Youtube Downloader) (Version: 0.5.0 - Hotger)
FormatFactory 3.0.1 (HKLM\...\FormatFactory) (Version: 3.0.1 - Free Time)
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
HandBrake 0.9.8 (HKLM\...\HandBrake) (Version: 0.9.8 - )
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 1.386 - Happy Cloud, Inc.)
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
iTunes (HKLM\...\{9B486871-27EB-49A5-8832-77176E63333C}) (Version: 11.0.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LightScribe 1.4.124.1 (Version: 1.4.124.1 - http://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee SecurityCenter (HKLM\...\MSC) (Version: 12.8.934 - McAfee, Inc.)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MixPad (HKLM\...\MixPad) (Version: - NCH Software)
Mozilla Firefox 27.0 (x86 en-US) (HKLM\...\Mozilla Firefox 27.0 (x86 en-US)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla)
Nero 7 Essentials (HKLM\...\{18039280-98B7-4C5E-AAC0-10EBC9731033}) (Version: 7.02.4457 - Nero AG)
NVIDIA Control Panel 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM\...\InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}) (Version: 2.03.5523 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (Version: 2.03.5523 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA nView 140.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.62 - NVIDIA Corporation)
NVIDIA PhysX (Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Update 4.11.9 (Version: 4.11.9 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden
Paint Shop Pro 7 ESD (HKLM\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.0.0000 - Jasc Software Inc)
Pirate101 (HKLM\...\{662140BE-138C-4DC1-B4CD-B62C6C855A25}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Pixillion Image Converter (HKLM\...\Pixillion) (Version: 2.72 - NCH Software)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
Prime World version 9.8.6 (HKLM\...\{F6F3C462-2729-4555-8A95-CC317A90F8FF}_is1) (Version: 9.8.6 - Nival)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Pyware iPAS (HKLM\...\Pyware iPAS) (Version: 1.0.0.0 - Pygraphics)
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 2.04 - Realtek Semiconductor Corp.)
Rose Online (HKLM\...\{2C3BC4D9-2CDB-4EFB-8CB9-323D032D5FF5}) (Version: 1.0.483.1 - Gravity Interactive, Inc.)
SAMSUNG Intelli-studio (HKLM\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
Shockwave (HKLM\...\Shockwave) (Version: - )
SPORE™ (HKLM\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)
The Mighty Quest For Epic Loot version 1.219367 (HKLM\...\The Mighty Quest For Epic Loot_is1) (Version: 1.219367 - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VideoPad Video Editor (HKLM\...\VideoPad) (Version: - NCH Software)
WavePad Sound Editor (HKLM\...\WavePad) (Version: - NCH Software)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0) (HKLM\...\9E140F48C9836B9B78539C08FB2B17146BDB3F65) (Version: 04/28/2006 1.3.1.0 - Advanced Micro Devices)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Wizard101 (HKLM\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Xfire (remove only) (HKLM\...\Xfire) (Version: - )
Yahoo! Login (HKLM\...\Yahoo! Login) (Version: - )
Yahoo! Messenger Explorer Bar (HKLM\...\Yahoo! Messenger Explorer Bar) (Version: - )
==================== Restore Points =========================
04-02-2014 17:54:42 System Checkpoint
04-02-2014 17:54:42 System Checkpoint
04-02-2014 17:54:42 System Checkpoint
04-02-2014 17:54:43 Software Distribution Service 3.0
04-02-2014 17:54:43 System Checkpoint
04-02-2014 17:54:43 System Checkpoint
04-02-2014 17:54:44 Installed Java 7 Update 45
04-02-2014 17:54:45 System Checkpoint
04-02-2014 17:54:46 Installed %1 %2.
04-02-2014 17:54:46 Installed %1 %2.
04-02-2014 17:54:46 Installed Windows XP KB2808679.
04-02-2014 17:54:47 System Checkpoint
04-02-2014 17:54:47 System Checkpoint
04-02-2014 17:54:47 System Checkpoint
04-02-2014 17:54:48 System Checkpoint
04-02-2014 17:54:48 System Checkpoint
04-02-2014 17:54:49 System Checkpoint
04-02-2014 17:54:49 System Checkpoint
04-02-2014 17:54:49 System Checkpoint
04-02-2014 17:54:50 System Checkpoint
04-02-2014 17:54:50 System Checkpoint
04-02-2014 17:54:50 System Checkpoint
04-02-2014 17:54:51 System Checkpoint
04-02-2014 17:54:51 Software Distribution Service 3.0
04-02-2014 17:54:51 Software Distribution Service 3.0
04-02-2014 17:54:51 System Checkpoint
04-02-2014 17:54:52 System Checkpoint
04-02-2014 17:54:52 System Checkpoint
04-02-2014 17:54:53 System Checkpoint
04-02-2014 17:54:53 System Checkpoint
04-02-2014 17:54:54 Driver Booster : NVIDIA GeForce GTX 650
04-02-2014 17:54:54 System Checkpoint
04-02-2014 17:54:54 System Checkpoint
04-02-2014 17:54:55 System Checkpoint
04-02-2014 17:54:55 System Checkpoint
04-02-2014 17:54:55 System Checkpoint
04-02-2014 17:54:56 System Checkpoint
04-02-2014 17:54:56 System Checkpoint
04-02-2014 17:54:57 System Checkpoint
04-02-2014 17:54:57 System Checkpoint
04-02-2014 17:54:58 System Checkpoint
04-02-2014 17:54:58 System Checkpoint
04-02-2014 17:54:58 Software Distribution Service 3.0
04-02-2014 17:54:59 System Checkpoint
04-02-2014 17:55:00 System Checkpoint
04-02-2014 17:55:00 System Checkpoint
04-02-2014 17:55:00 System Checkpoint
04-02-2014 17:55:01 Installed Java 7 Update 51
04-02-2014 17:55:01 System Checkpoint
04-02-2014 17:55:03 System Checkpoint
04-02-2014 17:55:03 System Checkpoint
04-02-2014 17:55:04 System Checkpoint
04-02-2014 17:55:05 System Checkpoint
04-02-2014 17:55:05 System Checkpoint
04-02-2014 17:55:05 System Checkpoint
04-02-2014 17:55:05 System Checkpoint
04-02-2014 17:55:08 End of disinfection
05-02-2014 19:13:08 System Checkpoint
06-02-2014 20:39:34 System Checkpoint
08-02-2014 17:46:33 System Checkpoint
10-02-2014 02:19:46 System Checkpoint
12-02-2014 00:55:01 System Checkpoint
12-02-2014 23:39:39 Software Distribution Service 3.0
14-02-2014 00:36:45 System Checkpoint
15-02-2014 01:19:53 System Checkpoint
16-02-2014 17:03:50 System Checkpoint
18-02-2014 01:16:31 System Checkpoint
19-02-2014 01:25:00 System Checkpoint
20-02-2014 01:40:39 System Checkpoint
21-02-2014 01:53:11 System Checkpoint
24-02-2014 01:17:02 System Checkpoint
25-02-2014 17:25:31 System Checkpoint
26-02-2014 17:26:52 System Checkpoint
27-02-2014 17:45:01 System Checkpoint
28-02-2014 18:07:11 System Checkpoint
01-03-2014 21:29:23 System Checkpoint
02-03-2014 23:32:44 System Checkpoint
04-03-2014 04:45:21 System Checkpoint
05-03-2014 14:50:56 System Checkpoint
06-03-2014 17:49:05 System Checkpoint
08-03-2014 01:38:11 System Checkpoint
09-03-2014 14:11:26 System Checkpoint
10-03-2014 16:17:14 System Checkpoint
12-03-2014 14:26:51 System Checkpoint
13-03-2014 16:31:56 System Checkpoint
14-03-2014 16:59:27 Software Distribution Service 3.0
17-03-2014 13:39:47 System Checkpoint
==================== Hosts content: ==========================
2005-08-31 08:57 - 2013-03-10 07:55 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003Core.job => C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003UA.job => C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MixPadReminder.job => C:\Program Files\NCH Software\MixPad\mixpad.exe
Task: C:\WINDOWS\Tasks\PixillionSevenDays.job => C:\Program Files\NCH Software\Pixillion\pixillion.exe
==================== Loaded Modules (whitelisted) =============
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2005-08-31 08:57 - 2008-04-13 17:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2005-08-31 08:58 - 2008-04-13 17:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2006-02-07 00:13 - 2006-02-07 00:13 - 00024691 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so
2006-02-07 00:13 - 2006-02-07 00:13 - 00159744 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\SSLEAY32.dll
2006-02-07 00:13 - 2006-02-07 00:13 - 00876544 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\LIBEAY32.dll
2012-04-05 09:06 - 2012-05-18 11:04 - 00076888 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2006-03-30 14:58 - 2006-03-30 14:58 - 00143360 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
2012-04-05 09:06 - 2014-03-17 08:30 - 00281872 _____ () C:\WINDOWS\system32\PnkBstrB.exe
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/17/2014 07:03:21 AM) (Source: Application Error) (User: )
Description: Fault bucket -1068817231.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.
Error: (03/17/2014 07:03:10 AM) (Source: Application Error) (User: )
Description: Faulting application McSvHost.exe, version 2.6.259.0, faulting module msvcr100.dll, version 10.0.40219.325, fault address 0x0008d6fd.
Processing media-specific event for [McSvHost.exe!ws!]
Error: (03/17/2014 07:02:30 AM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 1
Error: (03/17/2014 06:12:34 AM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 1
Error: (03/16/2014 09:40:44 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 1
Error: (03/16/2014 08:43:15 AM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 1
Error: (03/13/2014 08:28:54 AM) (Source: Application Hang) (User: )
Description: Hanging application CoDWaWmp.exe, version 1.7.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (03/11/2014 06:13:25 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (03/10/2014 10:12:30 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (03/06/2014 09:41:23 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23562, fault address 0x000ddc85.
Processing media-specific event for [iexplore.exe!ws!]
System errors:
=============
Error: (03/17/2014 09:21:16 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} did not register with DCOM within the required timeout.
Error: (03/17/2014 09:20:45 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.
Error: (03/17/2014 09:20:15 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.
Error: (03/17/2014 08:10:46 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} did not register with DCOM within the required timeout.
Error: (03/17/2014 08:10:15 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.
Error: (03/17/2014 08:09:45 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.
Error: (03/17/2014 08:08:32 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} did not register with DCOM within the required timeout.
Error: (03/17/2014 08:08:01 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.
Error: (03/17/2014 08:07:31 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.
Error: (03/17/2014 08:04:04 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} did not register with DCOM within the required timeout.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 2815.48 MB
Available physical RAM: 1808.96 MB
Total Pagefile: 4702.89 MB
Available Pagefile: 3649.65 MB
Total Virtual: 2047.88 MB
Available Virtual: 1931.62 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.75 GB) (Free:366.89 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (CODWAW) (CDROM) (Total:6.95 GB) (Free:0 GB) UDF
Drive e: (Storage) (Fixed) (Total:465.76 GB) (Free:414.69 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: D4920F58)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: A8EDA8ED)
Partition: GPT Partition Type.
==================== End Of Log ============================
-
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-03-18 15:46:19
-----------------------------
15:46:19.109 OS Version: Windows 5.1.2600 Service Pack 3
15:46:19.125 Number of processors: 2 586 0x4302
15:46:19.125 ComputerName: TRON33 UserName: Mike
15:46:21.218 Initialize success
15:51:10.671 AVAST engine defs: 14031802
16:00:29.796 Disk 0 \Device\Harddisk0\DR0 -> \Device\00000073
16:00:29.796 Disk 0 Vendor: ST3500418AS CC38 Size: 476940MB BusType: 3
16:00:29.796 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000074
16:00:29.796 Disk 1 Vendor: ST500DM002-1BD142 KC45 Size: 476940MB BusType: 3
16:00:29.937 Disk 1 MBR read successfully
16:00:29.937 Disk 1 MBR scan
16:00:29.968 Disk 1 Windows XP default MBR code
16:00:29.968 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63
16:00:29.968 Disk 1 scanning sectors +976752000
16:00:30.000 Disk 1 scanning C:\WINDOWS\system32\drivers
16:00:41.515 Service scanning
16:01:04.609 Modules scanning
16:01:12.109 Disk 1 trace - called modules:
16:01:12.140 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
16:01:12.140 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8aea0ab8]
16:01:12.140 3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\00000076[0x8af01b70]
16:01:12.140 5 ACPI.sys[b7f7f620] -> nt!IofCallDriver -> \Device\00000074[0x8ae9e030]
16:01:16.015 AVAST engine scan C:\WINDOWS
16:01:27.625 AVAST engine scan C:\WINDOWS\system32
16:05:21.687 AVAST engine scan C:\WINDOWS\system32\drivers
16:05:53.031 AVAST engine scan C:\Documents and Settings\Mike
16:19:27.859 Disk 1 MBR has been saved successfully to "C:\Documents and Settings\Mike\Desktop\MBR.dat"
16:19:27.859 The log file has been saved successfully to "C:\Documents and Settings\Mike\Desktop\aswMBR.txt"
-
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Mike (administrator) on TRON33 on 17-03-2014 09:56:37
Running from C:\Documents and Settings\Mike\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Market Research Apps Pty Ltd) C:\Program Files\MR APP\MRAPP.Event.Service.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
(Xfire Inc.) C:\Program Files\Xfire\Xfire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Apache Software Foundation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Apache Software Foundation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Digital Market Research Apps Pty Ltd) C:\Program Files\MR APP\MRAPP.Transfer.Service.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
() C:\WINDOWS\system32\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16005120 2006-02-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [517392 2014-01-28] (McAfee, Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [15677728 2013-06-21] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [223008 2013-06-21] (NVIDIA Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [517392 2014-01-28] (McAfee, Inc.)
HKU\S-1-5-21-1960408961-606747145-725345543-1003\...\Run: [Google Update] - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648 2012-04-04] (Google Inc.)
Startup: C:\Documents and Settings\Mike\Start Menu\Programs\Startup\Xfire.lnk
ShortcutTarget: Xfire.lnk -> C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/sbcydsl/defaults/sb/*http://www.yahoo.com/search/ie.html
URLSearchHook: HKCU - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {F6DEA26D-6B54-4791-9B02-ACE45D39F09C} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {4EA46B1B-D008-4CB3-8769-40A8C130D9CC} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll (Yahoo! Inc.)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {26CF0ECA-50B9-411D-BA37-86BD6AD53382} http://www.starstable.com/plugin/PXStudioRuntimeAX.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://download.yahoo.com/dl/installs/ymail/ymmapi.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\6alscx3p.default-1391569677500
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 - C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\Documents and Settings\All Users\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2012-07-03]
Chrome:
=======
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultSearchURL: http://www.bing.com/search?setmkt=en-US&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (YouTube) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-04]
CHR Extension: (Google Search) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-04]
CHR Extension: (SiteAdvisor) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2012-04-06]
CHR Extension: (Ads Removal) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2013-12-13]
CHR Extension: (Amazing Coupons) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl [2013-02-28]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-24]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-01]
CHR Extension: (Gmail) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2012-07-03]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 EventService; C:\Program Files\MR APP\MRAPP.Event.Service.exe [31744 2013-12-17] (Digital Market Research Apps Pty Ltd)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [143360 2006-03-30] ()
R2 ForcewareWebInterface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [20543 2006-02-07] (Apache Software Foundation)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145568 2014-01-28] (McAfee, Inc.)
U2 mcbootdelaystartsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [279048 2012-11-16] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [644088 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [175480 2014-01-27] (McAfee, Inc.)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [131131 2006-03-30] (NVIDIA Corporation)
R2 nSvcLog; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [65599 2006-03-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2012-05-18] ()
R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [281872 2014-03-17] ()
R2 TransferService; C:\Program Files\MR APP\MRAPP.Transfer.Service.exe [31232 2013-12-17] (Digital Market Research Apps Pty Ltd)

==================== Drivers (Whitelisted) ====================

R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2013-12-24] (Advanced Micro Devices)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [61400 2014-01-27] (McAfee, Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R2 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [134568 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [236480 2014-01-27] (McAfee, Inc.)
S3 mfebopk; C:\WINDOWS\System32\drivers\mfebopk.sys [66408 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [366248 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [573840 2014-01-27] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [330248 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [81264 2014-01-21] (McAfee, Inc.)
S3 mfendisk; C:\WINDOWS\System32\DRIVERS\mfendisk.sys [85544 2014-01-27] (McAfee, Inc.)
R3 mfendiskmp; C:\WINDOWS\System32\DRIVERS\mfendisk.sys [85544 2014-01-27] (McAfee, Inc.)
R1 mfetdi2k; C:\WINDOWS\System32\drivers\mfetdi2k.sys [92216 2014-01-27] (McAfee, Inc.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2011-09-09] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2011-09-09] (Printing Communications Assoc., Inc. (PCAUSA))
R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [100736 2006-04-24] (NVIDIA Corporation)
S0 nvatabus; C:\WINDOWS\system32\Drivers\nvatabus.sys [99840 2006-03-16] (NVIDIA Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54784 2013-10-29] (NVIDIA Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128672 2013-02-24] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2013-10-29] (NVIDIA Corporation)
S1 NVTCP; C:\WINDOWS\System32\DRIVERS\NVTcp.sys [109568 2006-03-22] (NVIDIA Corporation)
R3 PnkBstrK; C:\WINDOWS\system32\drivers\PnkBstrK.sys [139280 2014-03-17] ()
S4 IntelIde; No ImagePath
U2 mfewfpk;
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-17 09:31 - 2014-03-17 09:56 - 00017172 _____ () C:\Documents and Settings\Mike\Desktop\FRST.txt
2014-03-17 09:31 - 2014-03-17 09:56 - 00000000 ____D () C:\FRST
2014-03-17 09:31 - 2014-03-17 09:31 - 01145856 _____ (Farbar) C:\Documents and Settings\Mike\Desktop\FRST.exe
2014-03-17 07:59 - 2014-03-17 07:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
2014-03-14 09:59 - 2014-03-14 09:59 - 00011201 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-14 09:59 - 2014-03-14 09:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-14 09:59 - 2014-03-14 09:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-14 09:36 - 2014-03-14 09:59 - 00009734 _____ () C:\WINDOWS\KB2930275.log
2014-03-14 09:36 - 2014-03-14 09:59 - 00008512 _____ () C:\WINDOWS\KB2929961.log
2014-03-10 10:27 - 2014-03-10 10:27 - 00001862 _____ () C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
2014-03-06 08:40 - 2014-03-11 18:29 - 00000806 _____ () C:\WINDOWS\wmsetup.log

==================== One Month Modified Files and Folders =======

2014-03-17 09:56 - 2014-03-17 09:31 - 00017172 _____ () C:\Documents and Settings\Mike\Desktop\FRST.txt
2014-03-17 09:56 - 2014-03-17 09:31 - 00000000 ____D () C:\FRST
2014-03-17 09:56 - 2012-04-04 22:02 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003UA.job
2014-03-17 09:52 - 2012-04-04 21:23 - 01733895 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-17 09:31 - 2014-03-17 09:31 - 01145856 _____ (Farbar) C:\Documents and Settings\Mike\Desktop\FRST.exe
2014-03-17 09:30 - 2013-02-26 08:50 - 00013776 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-03-17 09:29 - 2012-04-09 19:26 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-17 08:31 - 2012-04-05 09:06 - 00139280 _____ () C:\WINDOWS\system32\Drivers\PnkBstrK.sys
2014-03-17 08:30 - 2012-04-06 10:22 - 00281872 _____ () C:\WINDOWS\system32\PnkBstrB.xtr
2014-03-17 08:30 - 2012-04-05 09:06 - 00281872 _____ () C:\WINDOWS\system32\PnkBstrB.exe
2014-03-17 08:03 - 2012-04-05 01:11 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\McAfee
2014-03-17 07:59 - 2014-03-17 07:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
2014-03-17 07:58 - 2012-04-04 22:41 - 00000716 _____ () C:\WINDOWS\system32\nmp.log
2014-03-17 07:58 - 2005-08-31 08:59 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-17 07:56 - 2014-01-22 17:23 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-17 07:56 - 2014-01-22 17:23 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-17 07:55 - 2012-04-09 19:26 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-17 07:55 - 2012-04-05 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-03-17 07:55 - 2012-04-04 21:42 - 00000000 ____D () C:\WINDOWS\system32\Lang
2014-03-17 07:55 - 2012-04-04 21:27 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-17 07:54 - 2014-01-22 17:22 - 00032560 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-17 07:54 - 2012-04-04 21:28 - 00000178 ___SH () C:\Documents and Settings\Mike\ntuser.ini
2014-03-17 07:12 - 2012-07-03 13:28 - 00000000 ____D () C:\Program Files\McAfee
2014-03-17 07:06 - 2012-07-03 13:28 - 00000000 ____D () C:\Program Files\Common Files\Mcafee
2014-03-17 07:05 - 2013-02-28 23:04 - 00507014 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1960408961-606747145-725345543-1003-0.dat
2014-03-17 07:05 - 2013-02-28 23:04 - 00160782 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-03-17 07:03 - 2014-02-02 09:09 - 00115756 _____ () C:\WINDOWS\setupapi.log
2014-03-16 09:06 - 2012-04-05 09:06 - 00281872 _____ () C:\WINDOWS\system32\PnkBstrB.ex0
2014-03-15 15:45 - 2012-08-23 17:42 - 00000000 ____D () C:\Documents and Settings\Mike\Desktop\Wizard101
2014-03-15 11:56 - 2012-04-04 22:02 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003Core.job
2014-03-14 15:28 - 2013-08-20 15:40 - 00000116 _____ () C:\Documents and Settings\Mike\Desktop\Survey passcode.txt
2014-03-14 15:08 - 2012-04-04 14:18 - 00152384 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-14 09:59 - 2014-03-14 09:59 - 00011201 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-14 09:59 - 2014-03-14 09:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-14 09:59 - 2014-03-14 09:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-14 09:59 - 2014-03-14 09:36 - 00009734 _____ () C:\WINDOWS\KB2930275.log
2014-03-14 09:59 - 2014-03-14 09:36 - 00008512 _____ () C:\WINDOWS\KB2929961.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00040098 _____ () C:\WINDOWS\iis6.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00037100 _____ () C:\WINDOWS\FaxSetup.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00017736 _____ () C:\WINDOWS\ocgen.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00016927 _____ () C:\WINDOWS\tsoc.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00012366 _____ () C:\WINDOWS\comsetup.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00011320 _____ () C:\WINDOWS\msmqinst.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00007488 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00006498 _____ () C:\WINDOWS\netfxocm.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00006354 _____ () C:\WINDOWS\updspapi.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00002550 _____ () C:\WINDOWS\MedCtrOC.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00002052 _____ () C:\WINDOWS\ocmsn.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00001866 _____ () C:\WINDOWS\tabletoc.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00001854 _____ () C:\WINDOWS\msgsocm.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-14 09:59 - 2012-04-05 00:34 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-03-11 18:29 - 2014-03-06 08:40 - 00000806 _____ () C:\WINDOWS\wmsetup.log
2014-03-11 18:07 - 2012-04-12 05:40 - 00000000 ____D () C:\Program Files\Xfire
2014-03-10 10:27 - 2014-03-10 10:27 - 00001862 _____ () C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
2014-03-10 10:27 - 2013-04-16 19:08 - 00001868 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
2014-03-10 10:27 - 2013-04-16 19:08 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-03-09 06:46 - 2012-04-04 14:19 - 00634032 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-08 08:45 - 2012-04-28 06:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2014-03-07 07:29 - 2012-12-17 09:19 - 00001024 ____H () C:\WINDOWS\system32\config\ELAM.LOG
2014-02-24 16:24 - 2005-08-31 08:57 - 00174592 ____N (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-24 16:24 - 2005-08-31 08:57 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-24 04:46 - 2012-04-05 00:34 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-24 04:46 - 2012-04-04 21:22 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 01216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00611840 ____N (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00206848 ____N (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-24 04:45 - 2012-06-13 07:52 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-24 04:45 - 2009-03-08 04:39 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-24 04:45 - 2009-03-08 04:32 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-24 04:45 - 2009-03-08 04:32 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-24 04:45 - 2009-03-08 04:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-24 04:45 - 2005-08-31 08:58 - 00043520 ____N (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-24 04:45 - 2005-08-31 08:58 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-24 04:45 - 2005-08-31 08:57 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-24 04:45 - 2005-08-31 08:57 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-24 03:54 - 2005-08-31 08:57 - 00385024 ____N (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-02-23 00:45 - 2012-04-26 12:58 - 00000116 _____ () C:\WINDOWS\NeroDigital.ini
2014-02-21 18:04 - 2012-04-04 21:28 - 00000000 ____D () C:\Documents and Settings\Mike
2014-02-17 10:52 - 2012-04-14 08:52 - 00000000 ____D () C:\Documents and Settings\Mike\Application Data\Xfire

Some content of TEMP:
====================
C:\Documents and Settings\Mike\Local Settings\temp\hcuninstaller_20140203_072758_1832.exe
C:\Documents and Settings\Mike\Local Settings\temp\ICReinstall_FirefoxSetup[1].exe
C:\Documents and Settings\Mike\Local Settings\temp\promote-upx.exe
C:\Documents and Settings\Mike\Local Settings\temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014 01
Ran by Mike at 2014-03-17 09:56:56
Running from C:\Documents and Settings\Mike\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall (Disabled) {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
FW: ActiveArmor Firewall (Disabled) {EDC10449-64D1-46c7-A59A-EC20D662F26D}

==================== Installed Programs ======================

Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
att.net Internet Mail (HKLM\...\Yahoo! Mail) (Version: - )
Audio MP3 Editor 5.80 (HKLM\...\Audio MP3 Editor_is1) (Version: - audio2x.com)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty® - World at War (HKLM\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.7 - Activision)
Call of Duty® - World at War (Version: 1.0 - Activision) Hidden
Call of Duty® - World at War 1.2 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.2 Patch (Version: 1.2 - Activision) Hidden
Call of Duty® - World at War 1.3 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.3 Patch (Version: 1.3 - Activision) Hidden
Call of Duty® - World at War 1.4 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.4 Patch (Version: 1.4 - Activision) Hidden
Call of Duty® - World at War 1.5 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.5 Patch (Version: 1.5 - Activision) Hidden
Call of Duty® - World at War 1.6 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.6 Patch (Version: 1.6 - Activision) Hidden
Call of Duty® - World at War 1.7 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.7 Patch (Version: 1.7 - Activision) Hidden
Canon MP Navigator EX 4.1 (HKLM\...\MP Navigator EX 4.1) (Version: - )
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Disney's Stanley Tiger Tales (HKLM\...\{75C139EF-A37B-11D5-B232-0050DACD394D}) (Version: - )
e-Rewards Notify (HKLM\...\{54AA8284-7213-4D3E-9186-9DB50AFF600D}) (Version: 1.1.0.181 - e-Rewards Opinion Panel)
Eye Candy 4000 (HKLM\...\Eye Candy 4000) (Version: - )
Flvto Youtube Downloader (HKLM\...\Flvto Youtube Downloader) (Version: 0.5.0 - Hotger)
FormatFactory 3.0.1 (HKLM\...\FormatFactory) (Version: 3.0.1 - Free Time)
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
HandBrake 0.9.8 (HKLM\...\HandBrake) (Version: 0.9.8 - )
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 1.386 - Happy Cloud, Inc.)
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
iTunes (HKLM\...\{9B486871-27EB-49A5-8832-77176E63333C}) (Version: 11.0.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LightScribe 1.4.124.1 (Version: 1.4.124.1 - http://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee SecurityCenter (HKLM\...\MSC) (Version: 12.8.934 - McAfee, Inc.)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MixPad (HKLM\...\MixPad) (Version: - NCH Software)
Mozilla Firefox 27.0 (x86 en-US) (HKLM\...\Mozilla Firefox 27.0 (x86 en-US)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla)
Nero 7 Essentials (HKLM\...\{18039280-98B7-4C5E-AAC0-10EBC9731033}) (Version: 7.02.4457 - Nero AG)
NVIDIA Control Panel 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM\...\InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}) (Version: 2.03.5523 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (Version: 2.03.5523 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA nView 140.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.62 - NVIDIA Corporation)
NVIDIA PhysX (Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Update 4.11.9 (Version: 4.11.9 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden
Paint Shop Pro 7 ESD (HKLM\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.0.0000 - Jasc Software Inc)
Pirate101 (HKLM\...\{662140BE-138C-4DC1-B4CD-B62C6C855A25}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Pixillion Image Converter (HKLM\...\Pixillion) (Version: 2.72 - NCH Software)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
Prime World version 9.8.6 (HKLM\...\{F6F3C462-2729-4555-8A95-CC317A90F8FF}_is1) (Version: 9.8.6 - Nival)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Pyware iPAS (HKLM\...\Pyware iPAS) (Version: 1.0.0.0 - Pygraphics)
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 2.04 - Realtek Semiconductor Corp.)
Rose Online (HKLM\...\{2C3BC4D9-2CDB-4EFB-8CB9-323D032D5FF5}) (Version: 1.0.483.1 - Gravity Interactive, Inc.)
SAMSUNG Intelli-studio (HKLM\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
Shockwave (HKLM\...\Shockwave) (Version: - )
SPORE™ (HKLM\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)
The Mighty Quest For Epic Loot version 1.219367 (HKLM\...\The Mighty Quest For Epic Loot_is1) (Version: 1.219367 - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VideoPad Video Editor (HKLM\...\VideoPad) (Version: - NCH Software)
WavePad Sound Editor (HKLM\...\WavePad) (Version: - NCH Software)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0) (HKLM\...\9E140F48C9836B9B78539C08FB2B17146BDB3F65) (Version: 04/28/2006 1.3.1.0 - Advanced Micro Devices)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Wizard101 (HKLM\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Xfire (remove only) (HKLM\...\Xfire) (Version: - )
Yahoo! Login (HKLM\...\Yahoo! Login) (Version: - )
Yahoo! Messenger Explorer Bar (HKLM\...\Yahoo! Messenger Explorer Bar) (Version: - )
==================== Restore Points =========================
04-02-2014 17:54:42 System Checkpoint
04-02-2014 17:54:42 System Checkpoint
04-02-2014 17:54:42 System Checkpoint
04-02-2014 17:54:43 Software Distribution Service 3.0
04-02-2014 17:54:43 System Checkpoint
04-02-2014 17:54:43 System Checkpoint
04-02-2014 17:54:44 Installed Java 7 Update 45
04-02-2014 17:54:45 System Checkpoint
04-02-2014 17:54:46 Installed %1 %2.
04-02-2014 17:54:46 Installed %1 %2.
04-02-2014 17:54:46 Installed Windows XP KB2808679.
04-02-2014 17:54:47 System Checkpoint
04-02-2014 17:54:47 System Checkpoint
04-02-2014 17:54:47 System Checkpoint
04-02-2014 17:54:48 System Checkpoint
04-02-2014 17:54:48 System Checkpoint
04-02-2014 17:54:49 System Checkpoint
04-02-2014 17:54:49 System Checkpoint
04-02-2014 17:54:49 System Checkpoint
04-02-2014 17:54:50 System Checkpoint
04-02-2014 17:54:50 System Checkpoint
04-02-2014 17:54:50 System Checkpoint
04-02-2014 17:54:51 System Checkpoint
04-02-2014 17:54:51 Software Distribution Service 3.0
04-02-2014 17:54:51 Software Distribution Service 3.0
04-02-2014 17:54:51 System Checkpoint
04-02-2014 17:54:52 System Checkpoint
04-02-2014 17:54:52 System Checkpoint
04-02-2014 17:54:53 System Checkpoint
04-02-2014 17:54:53 System Checkpoint
04-02-2014 17:54:54 Driver Booster : NVIDIA GeForce GTX 650
04-02-2014 17:54:54 System Checkpoint
04-02-2014 17:54:54 System Checkpoint
04-02-2014 17:54:55 System Checkpoint
04-02-2014 17:54:55 System Checkpoint
04-02-2014 17:54:55 System Checkpoint
04-02-2014 17:54:56 System Checkpoint
04-02-2014 17:54:56 System Checkpoint
04-02-2014 17:54:57 System Checkpoint
04-02-2014 17:54:57 System Checkpoint
04-02-2014 17:54:58 System Checkpoint
04-02-2014 17:54:58 System Checkpoint
04-02-2014 17:54:58 Software Distribution Service 3.0
04-02-2014 17:54:59 System Checkpoint
04-02-2014 17:55:00 System Checkpoint
04-02-2014 17:55:00 System Checkpoint
04-02-2014 17:55:00 System Checkpoint
04-02-2014 17:55:01 Installed Java 7 Update 51
04-02-2014 17:55:01 System Checkpoint
04-02-2014 17:55:03 System Checkpoint
04-02-2014 17:55:03 System Checkpoint
04-02-2014 17:55:04 System Checkpoint
04-02-2014 17:55:05 System Checkpoint
04-02-2014 17:55:05 System Checkpoint
04-02-2014 17:55:05 System Checkpoint
04-02-2014 17:55:05 System Checkpoint
04-02-2014 17:55:08 End of disinfection
05-02-2014 19:13:08 System Checkpoint
06-02-2014 20:39:34 System Checkpoint
08-02-2014 17:46:33 System Checkpoint
10-02-2014 02:19:46 System Checkpoint
12-02-2014 00:55:01 System Checkpoint
12-02-2014 23:39:39 Software Distribution Service 3.0
14-02-2014 00:36:45 System Checkpoint
15-02-2014 01:19:53 System Checkpoint
16-02-2014 17:03:50 System Checkpoint
18-02-2014 01:16:31 System Checkpoint
19-02-2014 01:25:00 System Checkpoint
20-02-2014 01:40:39 System Checkpoint
21-02-2014 01:53:11 System Checkpoint
24-02-2014 01:17:02 System Checkpoint
25-02-2014 17:25:31 System Checkpoint
26-02-2014 17:26:52 System Checkpoint
27-02-2014 17:45:01 System Checkpoint
28-02-2014 18:07:11 System Checkpoint
01-03-2014 21:29:23 System Checkpoint
02-03-2014 23:32:44 System Checkpoint
04-03-2014 04:45:21 System Checkpoint
05-03-2014 14:50:56 System Checkpoint
06-03-2014 17:49:05 System Checkpoint
08-03-2014 01:38:11 System Checkpoint
09-03-2014 14:11:26 System Checkpoint
10-03-2014 16:17:14 System Checkpoint
12-03-2014 14:26:51 System Checkpoint
13-03-2014 16:31:56 System Checkpoint
14-03-2014 16:59:27 Software Distribution Service 3.0
17-03-2014 13:39:47 System Checkpoint
==================== Hosts content: ==========================
2005-08-31 08:57 - 2013-03-10 07:55 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003Core.job => C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003UA.job => C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MixPadReminder.job => C:\Program Files\NCH Software\MixPad\mixpad.exe
Task: C:\WINDOWS\Tasks\PixillionSevenDays.job => C:\Program Files\NCH Software\Pixillion\pixillion.exe
==================== Loaded Modules (whitelisted) =============
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2005-08-31 08:57 - 2008-04-13 17:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2005-08-31 08:58 - 2008-04-13 17:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2006-02-07 00:13 - 2006-02-07 00:13 - 00024691 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so
2006-02-07 00:13 - 2006-02-07 00:13 - 00159744 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\SSLEAY32.dll
2006-02-07 00:13 - 2006-02-07 00:13 - 00876544 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\LIBEAY32.dll
2012-04-05 09:06 - 2012-05-18 11:04 - 00076888 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2006-03-30 14:58 - 2006-03-30 14:58 - 00143360 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
2012-04-05 09:06 - 2014-03-17 08:30 - 00281872 _____ () C:\WINDOWS\system32\PnkBstrB.exe
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/17/2014 07:03:21 AM) (Source: Application Error) (User: )
Description: Fault bucket -1068817231.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.
Error: (03/17/2014 07:03:10 AM) (Source: Application Error) (User: )
Description: Faulting application McSvHost.exe, version 2.6.259.0, faulting module msvcr100.dll, version 10.0.40219.325, fault address 0x0008d6fd.
Processing media-specific event for [McSvHost.exe!ws!]
Error: (03/17/2014 07:02:30 AM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 1
Error: (03/17/2014 06:12:34 AM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 1
Error: (03/16/2014 09:40:44 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 1
Error: (03/16/2014 08:43:15 AM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 1
Error: (03/13/2014 08:28:54 AM) (Source: Application Hang) (User: )
Description: Hanging application CoDWaWmp.exe, version 1.7.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (03/11/2014 06:13:25 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (03/10/2014 10:12:30 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (03/06/2014 09:41:23 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23562, fault address 0x000ddc85.
Processing media-specific event for [iexplore.exe!ws!]
System errors:
=============
Error: (03/17/2014 09:21:16 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} did not register with DCOM within the required timeout.
Error: (03/17/2014 09:20:45 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.
Error: (03/17/2014 09:20:15 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.
Error: (03/17/2014 08:10:46 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} did not register with DCOM within the required timeout.
Error: (03/17/2014 08:10:15 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.
Error: (03/17/2014 08:09:45 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.
Error: (03/17/2014 08:08:32 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} did not register with DCOM within the required timeout.
Error: (03/17/2014 08:08:01 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.
Error: (03/17/2014 08:07:31 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.
Error: (03/17/2014 08:04:04 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} did not register with DCOM within the required timeout.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 2815.48 MB
Available physical RAM: 1808.96 MB
Total Pagefile: 4702.89 MB
Available Pagefile: 3649.65 MB
Total Virtual: 2047.88 MB
Available Virtual: 1931.62 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.75 GB) (Free:366.89 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (CODWAW) (CDROM) (Total:6.95 GB) (Free:0 GB) UDF
Drive e: (Storage) (Fixed) (Total:465.76 GB) (Free:414.69 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: D4920F58)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: A8EDA8ED)
Partition: GPT Partition Type.
==================== End Of Log ============================
I have disabled the pop-up blocker, but it still doesn't allow me to download the TDSSkiller.
-
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Mike (administrator) on TRON33 on 17-03-2014 09:56:37
Running from C:\Documents and Settings\Mike\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Market Research Apps Pty Ltd) C:\Program Files\MR APP\MRAPP.Event.Service.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
(Xfire Inc.) C:\Program Files\Xfire\Xfire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Apache Software Foundation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Apache Software Foundation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(Digital Market Research Apps Pty Ltd) C:\Program Files\MR APP\MRAPP.Transfer.Service.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
() C:\WINDOWS\system32\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16005120 2006-02-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [517392 2014-01-28] (McAfee, Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [15677728 2013-06-21] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [223008 2013-06-21] (NVIDIA Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [517392 2014-01-28] (McAfee, Inc.)
HKU\S-1-5-21-1960408961-606747145-725345543-1003\...\Run: [Google Update] - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648 2012-04-04] (Google Inc.)
Startup: C:\Documents and Settings\Mike\Start Menu\Programs\Startup\Xfire.lnk
ShortcutTarget: Xfire.lnk -> C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/sbcydsl/defaults/sb/*http://www.yahoo.com/search/ie.html
URLSearchHook: HKCU - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {F6DEA26D-6B54-4791-9B02-ACE45D39F09C} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {4EA46B1B-D008-4CB3-8769-40A8C130D9CC} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll (Yahoo! Inc.)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {26CF0ECA-50B9-411D-BA37-86BD6AD53382} http://www.starstable.com/plugin/PXStudioRuntimeAX.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://download.yahoo.com/dl/installs/ymail/ymmapi.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\6alscx3p.default-1391569677500
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 - C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\Documents and Settings\All Users\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2012-07-03]
Chrome:
=======
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultSearchURL: http://www.bing.com/search?setmkt=en-US&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (YouTube) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-04]
CHR Extension: (Google Search) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-04]
CHR Extension: (SiteAdvisor) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2012-04-06]
CHR Extension: (Ads Removal) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2013-12-13]
CHR Extension: (Amazing Coupons) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl [2013-02-28]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-24]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-01]
CHR Extension: (Gmail) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2012-07-03]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 EventService; C:\Program Files\MR APP\MRAPP.Event.Service.exe [31744 2013-12-17] (Digital Market Research Apps Pty Ltd)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [143360 2006-03-30] ()
R2 ForcewareWebInterface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [20543 2006-02-07] (Apache Software Foundation)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145568 2014-01-28] (McAfee, Inc.)
U2 mcbootdelaystartsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [279048 2012-11-16] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [644088 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [175480 2014-01-27] (McAfee, Inc.)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [131131 2006-03-30] (NVIDIA Corporation)
R2 nSvcLog; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [65599 2006-03-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2012-05-18] ()
R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [281872 2014-03-17] ()
R2 TransferService; C:\Program Files\MR APP\MRAPP.Transfer.Service.exe [31232 2013-12-17] (Digital Market Research Apps Pty Ltd)
==================== Drivers (Whitelisted) ====================
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2013-12-24] (Advanced Micro Devices)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [61400 2014-01-27] (McAfee, Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R2 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [134568 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [236480 2014-01-27] (McAfee, Inc.)
S3 mfebopk; C:\WINDOWS\System32\drivers\mfebopk.sys [66408 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [366248 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [573840 2014-01-27] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [330248 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [81264 2014-01-21] (McAfee, Inc.)
S3 mfendisk; C:\WINDOWS\System32\DRIVERS\mfendisk.sys [85544 2014-01-27] (McAfee, Inc.)
R3 mfendiskmp; C:\WINDOWS\System32\DRIVERS\mfendisk.sys [85544 2014-01-27] (McAfee, Inc.)
R1 mfetdi2k; C:\WINDOWS\System32\drivers\mfetdi2k.sys [92216 2014-01-27] (McAfee, Inc.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2011-09-09] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2011-09-09] (Printing Communications Assoc., Inc. (PCAUSA))
R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [100736 2006-04-24] (NVIDIA Corporation)
S0 nvatabus; C:\WINDOWS\system32\Drivers\nvatabus.sys [99840 2006-03-16] (NVIDIA Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54784 2013-10-29] (NVIDIA Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128672 2013-02-24] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2013-10-29] (NVIDIA Corporation)
S1 NVTCP; C:\WINDOWS\System32\DRIVERS\NVTcp.sys [109568 2006-03-22] (NVIDIA Corporation)
R3 PnkBstrK; C:\WINDOWS\system32\drivers\PnkBstrK.sys [139280 2014-03-17] ()
S4 IntelIde; No ImagePath
U2 mfewfpk;
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-17 09:31 - 2014-03-17 09:56 - 00017172 _____ () C:\Documents and Settings\Mike\Desktop\FRST.txt
2014-03-17 09:31 - 2014-03-17 09:56 - 00000000 ____D () C:\FRST
2014-03-17 09:31 - 2014-03-17 09:31 - 01145856 _____ (Farbar) C:\Documents and Settings\Mike\Desktop\FRST.exe
2014-03-17 07:59 - 2014-03-17 07:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
2014-03-14 09:59 - 2014-03-14 09:59 - 00011201 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-14 09:59 - 2014-03-14 09:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-14 09:59 - 2014-03-14 09:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-14 09:36 - 2014-03-14 09:59 - 00009734 _____ () C:\WINDOWS\KB2930275.log
2014-03-14 09:36 - 2014-03-14 09:59 - 00008512 _____ () C:\WINDOWS\KB2929961.log
2014-03-10 10:27 - 2014-03-10 10:27 - 00001862 _____ () C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
2014-03-06 08:40 - 2014-03-11 18:29 - 00000806 _____ () C:\WINDOWS\wmsetup.log
==================== One Month Modified Files and Folders =======
2014-03-17 09:56 - 2014-03-17 09:31 - 00017172 _____ () C:\Documents and Settings\Mike\Desktop\FRST.txt
2014-03-17 09:56 - 2014-03-17 09:31 - 00000000 ____D () C:\FRST
2014-03-17 09:56 - 2012-04-04 22:02 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003UA.job
2014-03-17 09:52 - 2012-04-04 21:23 - 01733895 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-17 09:31 - 2014-03-17 09:31 - 01145856 _____ (Farbar) C:\Documents and Settings\Mike\Desktop\FRST.exe
2014-03-17 09:30 - 2013-02-26 08:50 - 00013776 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-03-17 09:29 - 2012-04-09 19:26 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-17 08:31 - 2012-04-05 09:06 - 00139280 _____ () C:\WINDOWS\system32\Drivers\PnkBstrK.sys
2014-03-17 08:30 - 2012-04-06 10:22 - 00281872 _____ () C:\WINDOWS\system32\PnkBstrB.xtr
2014-03-17 08:30 - 2012-04-05 09:06 - 00281872 _____ () C:\WINDOWS\system32\PnkBstrB.exe
2014-03-17 08:03 - 2012-04-05 01:11 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\McAfee
2014-03-17 07:59 - 2014-03-17 07:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
2014-03-17 07:58 - 2012-04-04 22:41 - 00000716 _____ () C:\WINDOWS\system32\nmp.log
2014-03-17 07:58 - 2005-08-31 08:59 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-17 07:56 - 2014-01-22 17:23 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-17 07:56 - 2014-01-22 17:23 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-17 07:55 - 2012-04-09 19:26 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-17 07:55 - 2012-04-05 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-03-17 07:55 - 2012-04-04 21:42 - 00000000 ____D () C:\WINDOWS\system32\Lang
2014-03-17 07:55 - 2012-04-04 21:27 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-17 07:54 - 2014-01-22 17:22 - 00032560 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-17 07:54 - 2012-04-04 21:28 - 00000178 ___SH () C:\Documents and Settings\Mike\ntuser.ini
2014-03-17 07:12 - 2012-07-03 13:28 - 00000000 ____D () C:\Program Files\McAfee
2014-03-17 07:06 - 2012-07-03 13:28 - 00000000 ____D () C:\Program Files\Common Files\Mcafee
2014-03-17 07:05 - 2013-02-28 23:04 - 00507014 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1960408961-606747145-725345543-1003-0.dat
2014-03-17 07:05 - 2013-02-28 23:04 - 00160782 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-03-17 07:03 - 2014-02-02 09:09 - 00115756 _____ () C:\WINDOWS\setupapi.log
2014-03-16 09:06 - 2012-04-05 09:06 - 00281872 _____ () C:\WINDOWS\system32\PnkBstrB.ex0
2014-03-15 15:45 - 2012-08-23 17:42 - 00000000 ____D () C:\Documents and Settings\Mike\Desktop\Wizard101
2014-03-15 11:56 - 2012-04-04 22:02 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003Core.job
2014-03-14 15:28 - 2013-08-20 15:40 - 00000116 _____ () C:\Documents and Settings\Mike\Desktop\Survey passcode.txt
2014-03-14 15:08 - 2012-04-04 14:18 - 00152384 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-14 09:59 - 2014-03-14 09:59 - 00011201 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-14 09:59 - 2014-03-14 09:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-14 09:59 - 2014-03-14 09:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-14 09:59 - 2014-03-14 09:36 - 00009734 _____ () C:\WINDOWS\KB2930275.log
2014-03-14 09:59 - 2014-03-14 09:36 - 00008512 _____ () C:\WINDOWS\KB2929961.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00040098 _____ () C:\WINDOWS\iis6.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00037100 _____ () C:\WINDOWS\FaxSetup.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00017736 _____ () C:\WINDOWS\ocgen.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00016927 _____ () C:\WINDOWS\tsoc.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00012366 _____ () C:\WINDOWS\comsetup.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00011320 _____ () C:\WINDOWS\msmqinst.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00007488 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00006498 _____ () C:\WINDOWS\netfxocm.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00006354 _____ () C:\WINDOWS\updspapi.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00002550 _____ () C:\WINDOWS\MedCtrOC.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00002052 _____ () C:\WINDOWS\ocmsn.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00001866 _____ () C:\WINDOWS\tabletoc.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00001854 _____ () C:\WINDOWS\msgsocm.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-14 09:59 - 2014-02-12 16:42 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-14 09:59 - 2012-04-05 00:34 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-03-11 18:29 - 2014-03-06 08:40 - 00000806 _____ () C:\WINDOWS\wmsetup.log
2014-03-11 18:07 - 2012-04-12 05:40 - 00000000 ____D () C:\Program Files\Xfire
2014-03-10 10:27 - 2014-03-10 10:27 - 00001862 _____ () C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
2014-03-10 10:27 - 2013-04-16 19:08 - 00001868 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
2014-03-10 10:27 - 2013-04-16 19:08 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-03-09 06:46 - 2012-04-04 14:19 - 00634032 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-08 08:45 - 2012-04-28 06:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2014-03-07 07:29 - 2012-12-17 09:19 - 00001024 ____H () C:\WINDOWS\system32\config\ELAM.LOG
2014-02-24 16:24 - 2005-08-31 08:57 - 00174592 ____N (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-24 16:24 - 2005-08-31 08:57 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-24 04:46 - 2012-04-05 00:34 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-24 04:46 - 2012-04-04 21:22 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 01216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00611840 ____N (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00206848 ____N (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-24 04:46 - 2005-08-31 08:58 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-24 04:45 - 2012-06-13 07:52 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-24 04:45 - 2012-04-05 00:34 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-24 04:45 - 2009-03-08 04:39 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-24 04:45 - 2009-03-08 04:32 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-24 04:45 - 2009-03-08 04:32 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-24 04:45 - 2009-03-08 04:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-24 04:45 - 2005-08-31 08:58 - 00043520 ____N (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-24 04:45 - 2005-08-31 08:58 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-24 04:45 - 2005-08-31 08:57 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-24 04:45 - 2005-08-31 08:57 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-24 04:45 - 2005-08-31 08:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-24 03:54 - 2005-08-31 08:57 - 00385024 ____N (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-02-23 00:45 - 2012-04-26 12:58 - 00000116 _____ () C:\WINDOWS\NeroDigital.ini
2014-02-21 18:04 - 2012-04-04 21:28 - 00000000 ____D () C:\Documents and Settings\Mike
2014-02-17 10:52 - 2012-04-14 08:52 - 00000000 ____D () C:\Documents and Settings\Mike\Application Data\Xfire

Some content of TEMP:
====================
C:\Documents and Settings\Mike\Local Settings\temp\hcuninstaller_20140203_072758_1832.exe
C:\Documents and Settings\Mike\Local Settings\temp\ICReinstall_FirefoxSetup[1].exe
C:\Documents and Settings\Mike\Local Settings\temp\promote-upx.exe
C:\Documents and Settings\Mike\Local Settings\temp\Quarantine.exe

==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014 01
Ran by Mike at 2014-03-17 09:56:56
Running from C:\Documents and Settings\Mike\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall (Disabled) {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
FW: ActiveArmor Firewall (Disabled) {EDC10449-64D1-46c7-A59A-EC20D662F26D}

==================== Installed Programs ======================
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
att.net Internet Mail (HKLM\...\Yahoo! Mail) (Version: - )
Audio MP3 Editor 5.80 (HKLM\...\Audio MP3 Editor_is1) (Version: - audio2x.com)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty® - World at War (HKLM\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.7 - Activision)
Call of Duty® - World at War (Version: 1.0 - Activision) Hidden
Call of Duty® - World at War 1.2 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.2 Patch (Version: 1.2 - Activision) Hidden
Call of Duty® - World at War 1.3 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.3 Patch (Version: 1.3 - Activision) Hidden
Call of Duty® - World at War 1.4 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.4 Patch (Version: 1.4 - Activision) Hidden
Call of Duty® - World at War 1.5 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.5 Patch (Version: 1.5 - Activision) Hidden
Call of Duty® - World at War 1.6 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.6 Patch (Version: 1.6 - Activision) Hidden
Call of Duty® - World at War 1.7 Patch (Version: - ) Hidden
Call of Duty® - World at War 1.7 Patch (Version: 1.7 - Activision) Hidden
Canon MP Navigator EX 4.1 (HKLM\...\MP Navigator EX 4.1) (Version: - )
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Disney's Stanley Tiger Tales (HKLM\...\{75C139EF-A37B-11D5-B232-0050DACD394D}) (Version: - )
e-Rewards Notify (HKLM\...\{54AA8284-7213-4D3E-9186-9DB50AFF600D}) (Version: 1.1.0.181 - e-Rewards Opinion Panel)
Eye Candy 4000 (HKLM\...\Eye Candy 4000) (Version: - )
Flvto Youtube Downloader (HKLM\...\Flvto Youtube Downloader) (Version: 0.5.0 - Hotger)
FormatFactory 3.0.1 (HKLM\...\FormatFactory) (Version: 3.0.1 - Free Time)
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
HandBrake 0.9.8 (HKLM\...\HandBrake) (Version: 0.9.8 - )
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 1.386 - Happy Cloud, Inc.)
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
iTunes (HKLM\...\{9B486871-27EB-49A5-8832-77176E63333C}) (Version: 11.0.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LightScribe 1.4.124.1 (Version: 1.4.124.1 - http://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee SecurityCenter (HKLM\...\MSC) (Version: 12.8.934 - McAfee, Inc.)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MixPad (HKLM\...\MixPad) (Version: - NCH Software)
Mozilla Firefox 27.0 (x86 en-US) (HKLM\...\Mozilla Firefox 27.0 (x86 en-US)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla)
Nero 7 Essentials (HKLM\...\{18039280-98B7-4C5E-AAC0-10EBC9731033}) (Version: 7.02.4457 - Nero AG)
NVIDIA Control Panel 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM\...\InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}) (Version: 2.03.5523 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (Version: 2.03.5523 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA nView 140.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.62 - NVIDIA Corporation)
NVIDIA PhysX (Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Update 4.11.9 (Version: 4.11.9 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden
Paint Shop Pro 7 ESD (HKLM\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.0.0000 - Jasc Software Inc)
Pirate101 (HKLM\...\{662140BE-138C-4DC1-B4CD-B62C6C855A25}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Pixillion Image Converter (HKLM\...\Pixillion) (Version: 2.72 - NCH Software)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
Prime World version 9.8.6 (HKLM\...\{F6F3C462-2729-4555-8A95-CC317A90F8FF}_is1) (Version: 9.8.6 - Nival)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Pyware iPAS (HKLM\...\Pyware iPAS) (Version: 1.0.0.0 - Pygraphics)
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 2.04 - Realtek Semiconductor Corp.)
Rose Online (HKLM\...\{2C3BC4D9-2CDB-4EFB-8CB9-323D032D5FF5}) (Version: 1.0.483.1 - Gravity Interactive, Inc.)
SAMSUNG Intelli-studio (HKLM\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
Shockwave (HKLM\...\Shockwave) (Version: - )
SPORE™ (HKLM\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)
The Mighty Quest For Epic Loot version 1.219367 (HKLM\...\The Mighty Quest For Epic Loot_is1) (Version: 1.219367 - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VideoPad Video Editor (HKLM\...\VideoPad) (Version: - NCH Software)
WavePad Sound Editor (HKLM\...\WavePad) (Version: - NCH Software)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0) (HKLM\...\9E140F48C9836B9B78539C08FB2B17146BDB3F65) (Version: 04/28/2006 1.3.1.0 - Advanced Micro Devices)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Wizard101 (HKLM\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Xfire (remove only) (HKLM\...\Xfire) (Version: - )
Yahoo! Login (HKLM\...\Yahoo! Login) (Version: - )
Yahoo! Messenger Explorer Bar (HKLM\...\Yahoo! Messenger Explorer Bar) (Version: - )

==================== Restore Points =========================
04-02-2014 17:54:42 System Checkpoint
04-02-2014 17:54:42 System Checkpoint
04-02-2014 17:54:42 System Checkpoint
04-02-2014 17:54:43 Software Distribution Service 3.0
04-02-2014 17:54:43 System Checkpoint
04-02-2014 17:54:43 System Checkpoint
04-02-2014 17:54:44 Installed Java 7 Update 45
04-02-2014 17:54:45 System Checkpoint
04-02-2014 17:54:46 Installed %1 %2.
04-02-2014 17:54:46 Installed %1 %2.
04-02-2014 17:54:46 Installed Windows XP KB2808679.
04-02-2014 17:54:47 System Checkpoint
04-02-2014 17:54:47 System Checkpoint
04-02-2014 17:54:47 System Checkpoint
04-02-2014 17:54:48 System Checkpoint
04-02-2014 17:54:48 System Checkpoint
04-02-2014 17:54:49 System Checkpoint
04-02-2014 17:54:49 System Checkpoint
04-02-2014 17:54:49 System Checkpoint
04-02-2014 17:54:50 System Checkpoint
04-02-2014 17:54:50 System Checkpoint
04-02-2014 17:54:50 System Checkpoint
04-02-2014 17:54:51 System Checkpoint
04-02-2014 17:54:51 Software Distribution Service 3.0
04-02-2014 17:54:51 Software Distribution Service 3.0
04-02-2014 17:54:51 System Checkpoint
04-02-2014 17:54:52 System Checkpoint
04-02-2014 17:54:52 System Checkpoint
04-02-2014 17:54:53 System Checkpoint
04-02-2014 17:54:53 System Checkpoint
04-02-2014 17:54:54 Driver Booster : NVIDIA GeForce GTX 650
04-02-2014 17:54:54 System Checkpoint
04-02-2014 17:54:54 System Checkpoint
04-02-2014 17:54:55 System Checkpoint
04-02-2014 17:54:55 System Checkpoint
04-02-2014 17:54:55 System Checkpoint
04-02-2014 17:54:56 System Checkpoint
04-02-2014 17:54:56 System Checkpoint
04-02-2014 17:54:57 System Checkpoint
04-02-2014 17:54:57 System Checkpoint
04-02-2014 17:54:58 System Checkpoint
04-02-2014 17:54:58 System Checkpoint
04-02-2014 17:54:58 Software Distribution Service 3.0
04-02-2014 17:54:59 System Checkpoint
04-02-2014 17:55:00 System Checkpoint
04-02-2014 17:55:00 System Checkpoint
04-02-2014 17:55:00 System Checkpoint
04-02-2014 17:55:01 Installed Java 7 Update 51
04-02-2014 17:55:01 System Checkpoint
04-02-2014 17:55:03 System Checkpoint
04-02-2014 17:55:03 System Checkpoint
04-02-2014 17:55:04 System Checkpoint
04-02-2014 17:55:05 System Checkpoint
04-02-2014 17:55:05 System Checkpoint
04-02-2014 17:55:05 System Checkpoint
04-02-2014 17:55:05 System Checkpoint
04-02-2014 17:55:08 End of disinfection
05-02-2014 19:13:08 System Checkpoint
06-02-2014 20:39:34 System Checkpoint
08-02-2014 17:46:33 System Checkpoint
10-02-2014 02:19:46 System Checkpoint
12-02-2014 00:55:01 System Checkpoint
12-02-2014 23:39:39 Software Distribution Service 3.0
14-02-2014 00:36:45 System Checkpoint
15-02-2014 01:19:53 System Checkpoint
16-02-2014 17:03:50 System Checkpoint
18-02-2014 01:16:31 System Checkpoint
19-02-2014 01:25:00 System Checkpoint
20-02-2014 01:40:39 System Checkpoint
21-02-2014 01:53:11 System Checkpoint
24-02-2014 01:17:02 System Checkpoint
25-02-2014 17:25:31 System Checkpoint
26-02-2014 17:26:52 System Checkpoint
27-02-2014 17:45:01 System Checkpoint
28-02-2014 18:07:11 System Checkpoint
01-03-2014 21:29:23 System Checkpoint
02-03-2014 23:32:44 System Checkpoint
04-03-2014 04:45:21 System Checkpoint
05-03-2014 14:50:56 System Checkpoint
06-03-2014 17:49:05 System Checkpoint
08-03-2014 01:38:11 System Checkpoint
09-03-2014 14:11:26 System Checkpoint
10-03-2014 16:17:14 System Checkpoint
12-03-2014 14:26:51 System Checkpoint
13-03-2014 16:31:56 System Checkpoint
14-03-2014 16:59:27 Software Distribution Service 3.0
17-03-2014 13:39:47 System Checkpoint

==================== Hosts content: ==========================
2005-08-31 08:57 - 2013-03-10 07:55 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003Core.job => C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003UA.job => C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MixPadReminder.job => C:\Program Files\NCH Software\MixPad\mixpad.exe
Task: C:\WINDOWS\Tasks\PixillionSevenDays.job => C:\Program Files\NCH Software\Pixillion\pixillion.exe

==================== Loaded Modules (whitelisted) =============
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2005-08-31 08:57 - 2008-04-13 17:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2005-08-31 08:58 - 2008-04-13 17:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2006-02-07 00:13 - 2006-02-07 00:13 - 00024691 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so
2006-02-07 00:13 - 2006-02-07 00:13 - 00159744 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\SSLEAY32.dll
2006-02-07 00:13 - 2006-02-07 00:13 - 00876544 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\LIBEAY32.dll
2012-04-05 09:06 - 2012-05-18 11:04 - 00076888 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2006-03-30 14:58 - 2006-03-30 14:58 - 00143360 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
2012-04-05 09:06 - 2014-03-17 08:30 - 00281872 _____ () C:\WINDOWS\system32\PnkBstrB.exe

==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/17/2014 07:03:21 AM) (Source: Application Error) (User: )
Description: Fault bucket -1068817231.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (03/17/2014 07:03:10 AM) (Source: Application Error) (User: )
Description: Faulting application McSvHost.exe, version 2.6.259.0, faulting module msvcr100.dll, version 10.0.40219.325, fault address 0x0008d6fd.
Processing media-specific event for [McSvHost.exe!ws!]

Error: (03/17/2014 07:02:30 AM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 1

Error: (03/17/2014 06:12:34 AM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 1

Error: (03/16/2014 09:40:44 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 1

Error: (03/16/2014 08:43:15 AM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: 1

Error: (03/13/2014 08:28:54 AM) (Source: Application Hang) (User: )
Description: Hanging application CoDWaWmp.exe, version 1.7.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/11/2014 06:13:25 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/10/2014 10:12:30 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/06/2014 09:41:23 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.23562, fault address 0x000ddc85.
Processing media-specific event for [iexplore.exe!ws!]

System errors:
=============
Error: (03/17/2014 09:21:16 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} did not register with DCOM within the required timeout.

Error: (03/17/2014 09:20:45 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.

Error: (03/17/2014 09:20:15 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.

Error: (03/17/2014 08:10:46 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} did not register with DCOM within the required timeout.

Error: (03/17/2014 08:10:15 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.

Error: (03/17/2014 08:09:45 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.

Error: (03/17/2014 08:08:32 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} did not register with DCOM within the required timeout.

Error: (03/17/2014 08:08:01 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.

Error: (03/17/2014 08:07:31 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {395633B1-EED9-4DFC-B67F-9788B51C9F06} did not register with DCOM within the required timeout.

Error: (03/17/2014 08:04:04 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} did not register with DCOM within the required timeout.

Microsoft Office Sessions:
============================================= Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 2815.48 MB
Available physical RAM: 1808.96 MB
Total Pagefile: 4702.89 MB
Available Pagefile: 3649.65 MB
Total Virtual: 2047.88 MB
Available Virtual: 1931.62 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.75 GB) (Free:366.89 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (CODWAW) (CDROM) (Total:6.95 GB) (Free:0 GB) UDF
Drive e: (Storage) (Fixed) (Total:465.76 GB) (Free:414.69 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: D4920F58)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: A8EDA8ED)
Partition: GPT Partition Type.
==================== End Of Log ============================
Having trouble downloading the TDSSKiller. Pop-up blocker stops the download. I click on allow, and a blank page opens.
-
My antivirus, which is a McAfee bundle from ATT, shuts down. Says Real time scanning is off. I click on it to turn it back on, then I try to do a system scan. I get an error saying there is something wrong, to go back to the home page and try again. This doesn't help. I try to scan again and it gives me the same error. Then a few mins later, I get the warning that my real time scanning is off again.
-
Now do we clean up?
-
We are all good.
-
Yes, the images are the same as what I opened. I clicked on OK, and then went into Firefox and opened Facebook. It opened right up.
-
OK here is adware:
# AdwCleaner v3.018 - Report created 05/02/2014 at 08:56:57
# Updated 28/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Mike - TRON33
# Running from : C:\Documents and Settings\Mike\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v27.0 (en-US)
[ File : C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\6alscx3p.default-1391569677500\prefs.js ]
-\\ Google Chrome v
[ File : C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [958 octets] - [05/02/2014 08:54:39]
AdwCleaner[s0].txt - [880 octets] - [05/02/2014 08:56:57]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [939 octets] ##########
Here is the Junk:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Microsoft Windows XP x86
Ran by Mike on Wed 02/05/2014 at 9:03:59.70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\domaiq uninstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F6DEA26D-6B54-4791-9B02-ACE45D39F09C}
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 02/05/2014 at 9:08:16.85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -
-
I imported, but not everything came over, Facebook being one of them.
-
No, the import didn't take. I typed it in the address bar.
-
It's working fine with other sites. Won't open Google or Facebook without showing that same warning.
-
Nope. Just opened Firefox, and it is supposed to go to Mozilla homepage. If you look at the pic, in the address bar it shows the Mozilla link.
punkbuster issues
in General Windows PC Help
Posted
I tried to copy paste both files. I get an error saying post too long. So I then tried to post just one log, still same error. Now I will try to attach them.
FRST.txt
Addition.txt