jules4dee Posted July 7, 2013 ID:699672 Share Posted July 7, 2013 I guess I have a trojan agent on my laptop. Malwarebytes finds it, says it is" QUARANTINE"then I get, " Quarantine failed: SDKQuarantine failed with error code 2"This is all in the protection file.I'm not sure if I have a problem or if it is mistake. Thanks!! Here are my logs: 2013/07/06 03:53:25 -0500 LAPTOP MOM MESSAGE Executing scheduled update: Daily2013/07/06 03:54:21 -0500 LAPTOP MOM MESSAGE Scheduled update executed successfully: database updated from version v2013.07.04.10 to version v2013.07.06.032013/07/06 03:54:21 -0500 LAPTOP MOM MESSAGE Starting database refresh2013/07/06 03:54:21 -0500 LAPTOP MOM MESSAGE Stopping IP protection2013/07/06 03:54:22 -0500 LAPTOP MOM MESSAGE IP Protection stopped successfully2013/07/06 03:56:02 -0500 LAPTOP MOM MESSAGE Database refreshed successfully2013/07/06 03:56:02 -0500 LAPTOP MOM MESSAGE Starting IP protection2013/07/06 03:56:49 -0500 LAPTOP MOM MESSAGE IP Protection started successfully2013/07/06 09:38:01 -0500 LAPTOP MESSAGE Starting protection2013/07/06 09:38:01 -0500 LAPTOP MESSAGE Protection started successfully2013/07/06 09:38:01 -0500 LAPTOP MESSAGE Starting IP protection2013/07/06 09:40:50 -0500 LAPTOP MOM DETECTION C:\Documents and Settings\MOM\Local Settings\Temp\mc22.tmp Trojan.Agent QUARANTINE2013/07/06 09:40:51 -0500 LAPTOP MOM ERROR Quarantine failed: SDKQuarantine failed with error code 22013/07/06 09:42:29 -0500 LAPTOP MOM MESSAGE IP Protection started successfully ---------------------------------------------------------------------------------------------------------------------------------------------------- .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows XP ProfessionalBoot Device: \Device\HarddiskVolume1Install Date: 2/14/2006 11:54:59 PMSystem Uptime: 7/6/2013 9:35:29 AM (14 hours ago).Motherboard: Hewlett-Packard | | 30A4Processor: AMD Turion 64 Mobile Technology ML-40 | U23 | 2188/mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 74 GiB total, 14.248 GiB free.D: is CDROM (UDF).==== Disabled Device Manager Items =============.Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}Description: Broadcom 802.11b/g WLANDevice ID: PCI\VEN_14E4&DEV_4318&SUBSYS_1355103C&REV_02\4&13826118&1&10A4Manufacturer: BroadcomName: Broadcom 802.11b/g WLANPNP Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_1355103C&REV_02\4&13826118&1&10A4Service: BCM43XX.Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}Description: 1394 Net AdapterDevice ID: V1394\NIC1394\CE84407D613F0200Manufacturer: MicrosoftName: 1394 Net AdapterPNP Device ID: V1394\NIC1394\CE84407D613F0200Service: NIC1394.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: Photosmart C7200 seriesDevice ID: ROOT\MULTIFUNCTION\0000Manufacturer: HPName: Photosmart C7200 seriesPNP Device ID: ROOT\MULTIFUNCTION\0000Service:.Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}Description: Nokia Windows Portable Device DriverDevice ID: ROOT\WPD\0000Manufacturer: NokiaName: Nokia 6085PNP Device ID: ROOT\WPD\0000Service: WUDFRd.Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}Description: Nokia 6085Device ID: ROOT\WPD\0001Manufacturer: NokiaName: Nokia 6085PNP Device ID: ROOT\WPD\0001Service: WUDFRd.==== System Restore Points ===================.RP30: 4/10/2013 9:05:09 AM - SpeedyPC Pro BackupRP31: 4/13/2013 7:42:34 PM - SpeedyPC Pro BackupRP32: 4/16/2013 1:08:40 AM - Removed Evernote v. 4.6.2RP33: 4/16/2013 1:13:16 AM - Installed Evernote v. 4.6.4RP34: 4/20/2013 12:20:31 PM - SpeedyPC Pro BackupRP35: 5/1/2013 8:30:05 AM - SpeedyPC Pro BackupRP36: 5/3/2013 1:54:02 AM - Installed Samsung KiesRP37: 5/3/2013 2:22:50 AM - Installed Windows XP winusb0100.RP38: 5/4/2013 8:48:28 AM - SpeedyPC Pro BackupRP39: 5/8/2013 6:58:49 AM - SpeedyPC Pro BackupRP40: 5/14/2013 11:55:02 PM - System CheckpointRP41: 5/15/2013 2:54:30 AM - SpeedyPC Pro BackupRP42: 5/22/2013 11:07:47 PM - SpeedyPC Pro BackupRP43: 5/25/2013 8:45:00 AM - SpeedyPC Pro BackupRP44: 5/29/2013 11:39:39 PM - SpeedyPC Pro BackupRP45: 6/15/2013 7:25:18 PM - Removed Evernote v. 4.6.4RP46: 6/15/2013 7:26:23 PM - Installed Evernote v. 4.6.6RP47: 6/19/2013 10:07:18 AM - SpeedyPC Pro BackupRP48: 7/4/2013 4:49:03 AM - System CheckpointRP49: 7/5/2013 10:22:57 AM - System CheckpointRP50: 7/6/2013 9:32:49 AM - SpeedyPC Pro Backup.==== Installed Programs ======================.32 Bit HP CIO Components Installer7-Zip 9.20Acrobat.comAd-AwareAd-Aware Browsing ProtectionAdobe AIRAdobe Flash Player 10 ActiveXAdobe Flash Player 11 PluginAdobe Help Center 2.0Adobe Photoshop Elements 4.0Adobe Reader X (10.1.7)Advanced SystemCare 3AI RoboForm (All Users)AIO_ScanAOL Uninstaller (Choose which Products to Remove)Apple Application SupportApple Mobile Device SupportApple Software UpdateAthlon 64 Processor DriverATI - Software Uninstall UtilityATI Control PanelATI Display DriverAVG 2012AVG 2013BlackBerry App World Browser PluginBlackBerry Desktop Software 7.1BlackBerry Device Software UpdaterBroadcom 802.11 Wireless LAN AdapterBufferChmC7200C7200_doccdc7200_HelpCameraDriversCelestia 1.4.0Cisco Network MagicCompatibility Pack for the 2007 Office systemConexant AC-Link AudioCopyDannon Recipe Box 1.0.0.27Destination ComponentDeviceDiscoveryDocProcDocProcQFolderDrive ManagerDuplicate Photo CleanerDVD Shrink 3.2EdgeStreamClient 2.2.5.0Evernote v. 4.6.6FaxFLV PlayerForm Fill (Windows Live Toolbar)Gaps Solitaire 1.1.0getPlus® for AdobeGoogle Toolbar for Internet ExplorerGoogle Update HelperGoogle UpdaterHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)Hotfix for Windows Media Player 10 (KB903157)Hotfix for Windows XP (KB954550-v5)HP BatteryCheck 1.00 A7HP Help and SupportHP Photosmart 330,380,420,470,7800,8000,8200 SeriesHP Photosmart Essential2.01HP Product AssistantHP Smart Web PrintingHP UpdateHP User Guides 0008HP Wireless Assistant 1.01 C1HP_Network_UserGuideHPProductAssistantHpSdpAppCoreAppHPSSupplyInterVideo WinDVDJava Auto UpdaterJava 6 Update 31Junk Mail filter updateJustCloud SetupLavasoft Personal Firewall 1.0Learn2 Player (Uninstall Only)LightScribe 1.4.105.1Malwarebytes Anti-Malware version 1.75.0.1300Map Button (Windows Live Toolbar)MarketResearchMaxtor ManagerMicrosoft .NET Framework 1.1Microsoft .NET Framework 1.1 Hotfix (KB928366)Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Choice GuardMicrosoft IntelliPoint 7.0Microsoft Location FinderMicrosoft Office 2007 Service Pack 2 (SP2)Microsoft Office Excel MUI (English) 2007Microsoft Office Home and Student 2007Microsoft Office Live Add-in 1.5Microsoft Office OneNote 2007Microsoft Office OneNote 2007 TrialMicrosoft Office OneNote MUI (English) 2007Microsoft Office Outlook 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programsMicrosoft Search Enhancement PackMicrosoft SilverlightMicrosoft Software Update for Web Folders (English) 12Microsoft SQL Server 2005 Compact Edition [ENU]Microsoft Sync Framework Runtime Native v1.0 (x86)Microsoft Sync Framework Services Native v1.0 (x86)Microsoft VC9 runtime librariesMicrosoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual Studio 2005 Tools for Office RuntimeMicrosoft WorksMotorola Phone ToolsMove Networks Media Player for Internet ExplorerMozilla Firefox 17.0 (x86 en-US)Mozilla Maintenance ServiceMSNMSVC80_x86MSVCRTMSXML 4.0 SP2 (KB925672)MSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB936181)MSXML 6.0 Parsermuvee autoProducer 4.0 - SEMyFreeCodecneroxmlNetDeviceManagerNetWaitingNetwork MagicNTI Backup Now EZOctoshape add-in for Adobe Flash PlayerOctoshape Streaming ServicesOneCare Advisor (Windows Live Toolbar)OpenOffice.org Installer 1.0OutlookTools 2PanoStandAlonePC Connectivity SolutionPC Pitstop Driver Alert2 2.0.0.0PC World ToolbarPicasa 3Popup Blocker (Windows Live Toolbar)Post-it® Software Notes LitePrint Screen DeluxePS_AIO_02_ProductContextPS_AIO_02_SoftwarePS_AIO_02_Software_minPS8200PSPrinters08PSSWCOREPSTAPluginPure Networks PlatformQuick Launch Buttons 5.20 G1QuickTimeRealNetworks - Microsoft Visual C++ 2008 RuntimeRealPlayerREALTEK Gigabit and Fast Ethernet NIC DriverRealUpgrade 1.1Rhapsody Player EngineSamsung KiesSAMSUNG USB Driver for Mobile PhonesScanSecurity Update for 2007 Microsoft Office System (KB2288621)Security Update for 2007 Microsoft Office System (KB2288931)Security Update for 2007 Microsoft Office System (KB2289158)Security Update for 2007 Microsoft Office System (KB2344875)Security Update for 2007 Microsoft Office System (KB2345043)Security Update for 2007 Microsoft Office System (KB969559)Security Update for 2007 Microsoft Office System (KB976321)Security Update for CAPICOM (KB931906)Security Update for Microsoft Office Excel 2007 (KB2345035)Security Update for Microsoft Office InfoPath 2007 (KB979441)Security Update for Microsoft Office PowerPoint 2007 (KB982158)Security Update for Microsoft Office PowerPoint Viewer (KB2413381)Security Update for Microsoft Office system 2007 (972581)Security Update for Microsoft Office system 2007 (KB974234)Security Update for Microsoft Office Visio Viewer 2007 (KB973709)Security Update for Microsoft Office Word 2007 (KB2344993)Segoe UISmart Menus (Windows Live Toolbar)SMS-it Outlook InterfaceSMS-it!Soft Data Fax Modem with SmartCPSolutionCenterSonic Audio ModuleSonic Copy ModuleSonic Data ModuleSonic Express LabelerSonic MyDVD PlusSonic Update ManagerSonicAC3EncoderSonicMPEGEncoderSpeedyPC ProSpybot - Search & DestroySpybot - Search & Destroy 1.5.2.20Spyware Doctor 3.2StatusTexas Instruments PCIxx21/x515/xx12 drivers.The Weather Channel AppTIPCIToolboxTrayAppTrillianU3LauncherUniblue RegistryBooster 2Unity Web PlayerUnix Utilities for Yahoo! WidgetsUnloadUnloadSupportUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft Office OneNote 2007 (KB980729)Update for Microsoft Office Outlook 2007 (KB2412171)Update for Outlook 2007 Junk Email Filter (KB2508979)Update Rollup 2 for Windows XP Media Center Edition 2005URGEVideoToolkit01Viewpoint Manager (Remove Only)Viewpoint Media PlayerViewpoint Toolbar V35 (Remove Only)Visual C++ 2008 x86 Runtime - (v9.0.30729)Visual C++ 2008 x86 Runtime - v9.0.30729.01Visual Studio 2005 Tools for Office Second Edition RuntimeWeatherBugWebEx Support Manager for Internet ExplorerWebFldrs XPWebRegWidevine Media Transformer Plugin 5.0.0Winamp (remove only)Windows Driver Package - Nokia Modem (03/05/2008 3.7)Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1)Windows Driver Package - Nokia Modem (05/22/2008 3.8)Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1)Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)Windows Genuine Advantage Notifications (KB905474)Windows Genuine Advantage Validation Tool (KB892130)Windows Internet Explorer 7Windows Internet Explorer 8Windows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live Favorites for Windows Live ToolbarWindows Live ID Sign-in AssistantWindows Live MailWindows Live Outlook Toolbar (Windows Live Toolbar)Windows Live Photo GalleryWindows Live ToolbarWindows Live Toolbar Extension (Windows Live Toolbar)Windows Live Toolbar Feed Detector (Windows Live Toolbar)Windows Live Upload ToolWindows Live WriterWindows Media Format 11 runtimeWindows Media Player 11Windows Media Player Firefox PluginWireless Home Network SetupYahoo! WidgetsZinio Reader.==== Event Viewer Messages From Past Week ========.7/6/2013 9:40:04 AM, error: Service Control Manager [7000] - The Pure Networks Platform Service service failed to start due to the following error: The service did not respond to the start or control request in a timelyfashion.7/6/2013 9:40:03 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Pure Networks Platform Service service to connect.7/6/2013 11:13:51 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.7/2/2013 8:20:33 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the WPFFontCache_v0400 service.7/2/2013 8:20:33 AM, error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 4.0.0.0 service failed to start due to the following error: The service did not respond to the start orcontrol request in a timely fashion.7/2/2013 8:16:19 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)7/2/2013 12:46:02 AM, error: Service Control Manager [7034] - The vToolbarUpdater13.0.0 service terminated unexpectedly. It has done this 1 time(s).7/2/2013 12:46:02 AM, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).7/2/2013 12:46:01 AM, error: Service Control Manager [7034] - The WAN Miniport (ATW) Service service terminated unexpectedly. It has done this 1 time(s).7/2/2013 12:46:00 AM, error: Service Control Manager [7034] - The Media Center Scheduler Service service terminated unexpectedly. It has done this 1 time(s).7/2/2013 12:46:00 AM, error: Service Control Manager [7034] - The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).7/2/2013 12:46:00 AM, error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).7/2/2013 12:46:00 AM, error: Service Control Manager [7034] - The Basics Service service terminated unexpectedly. It has done this 1 time(s).7/2/2013 12:46:00 AM, error: Service Control Manager [7031] - The Media Center Receiver Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000milliseconds: Restart the service.7/2/2013 12:46:00 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:Restart the service.7/2/2013 12:45:58 AM, error: Service Control Manager [7034] - The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s).7/2/2013 12:45:58 AM, error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 1 time(s).7/2/2013 12:45:58 AM, error: Service Control Manager [7034] - The Adobe Active File Monitor V4 service terminated unexpectedly. It has done this 1 time(s).7/2/2013 12:45:58 AM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:Restart the service.7/2/2013 10:52:11 PM, error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or controlrequest in a timely fashion.7/2/2013 10:52:06 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Media Player Network Sharing Service service to connect.7/2/2013 10:51:10 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Search service to connect.7/2/2013 10:51:10 PM, error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.7/2/2013 10:00:06 AM, error: Srv [2000] - The server's call to a system service failed unexpectedly.7/2/2013 1:09:03 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avgtp Lbd7/2/2013 1:09:03 AM, error: Service Control Manager [7022] - The Windows Search service hung on starting.7/2/2013 1:08:31 AM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.7/2/2013 1:06:51 AM, error: Service Control Manager [7000] - The Kodak Camera Connection Software service failed to start due to the following error: The system cannot find the file specified.7/2/2013 1:05:35 AM, error: DCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.7/1/2013 4:49:56 PM, error: Service Control Manager [7034] - The Updater Service for StartNow Toolbar service terminated unexpectedly. It has done this 1 time(s).7/1/2013 4:34:22 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AliIde avgtp IntelIde Lbd ViaIde7/1/2013 4:32:44 PM, error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).7/1/2013 3:11:00 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service..==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_x86Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31Run by MOM at 23:14:06 on 2013-07-06Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.134 [GMT -5:00].AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}.============== Running Processes ================.C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exeC:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\Program Files\Maxtor\Sync\SyncServices.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\WINDOWS\Explorer.EXEC:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exeC:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeC:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.0.0\ToolbarUpdater.exeC:\WINDOWS\wanmpsvc.exeC:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exeC:\Program Files\Pure Networks\Network Magic\nmapp.exeC:\hp\drivers\hplsbwatcher\lsburnwatcher.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exeC:\Program Files\Samsung\Kies\KiesTrayAgent.exeC:\WINDOWS\eHome\ehmsas.exeC:\Program Files\Hp\HP Software Update\HPWuSchd2.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\PROGRA~1\SPYWAR~2\swdoctor.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\SearchIndexer.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\Windows Media Player\WMPNSCFG.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\WINDOWS\system32\wscntfy.exeC:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeC:\WINDOWS\ehome\mcrdsvc.exeC:\Program Files\Samsung\Kies\Kies.exeC:\Program Files\Samsung\Kies\KiesAirMessage.exeC:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeC:\Program Files\Windows Media Player\WMPNetwk.exeC:\Program Files\Evernote\Evernote\EvernoteTray.exeC:\Program Files\Evernote\Evernote\Evernote.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\System32\alg.exeC:\Program Files\Evernote\Evernote\EvernoteClipper.exeC:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exeC:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Malwarebytes' Anti-Malware\mbam.exeC:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXEC:\WINDOWS\system32\NOTEPAD.EXEC:\WINDOWS\hh.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupC:\WINDOWS\system32\svchost.exe -k NetworkServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\svchost.exe -k hpdevmgmtC:\WINDOWS\system32\svchost.exe -k HPServiceC:\WINDOWS\System32\svchost.exe -k HTTPFilterC:\WINDOWS\System32\svchost.exe -k HPZ12C:\WINDOWS\System32\svchost.exe -k HPZ12C:\WINDOWS\system32\svchost.exe -k LocalService.============== Pseudo HJT Report ===============.uProxyOverride = <local>uURLSearchHooks: {0A94B116-4504-4e26-AB05-E61E474AA38B} - <orphaned>uURLSearchHooks: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - <orphaned>dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hewlett-packard\smart web printing\hpswp_printenhancer.dllBHO: HP Print Clips: {053F9267-DC04-4294-A72C-58F732D338C0} - c:\program files\hewlett-packard\smart web printing\hpswp_framework.dllBHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dllBHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dllBHO: PCTools Site Guard: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - c:\program files\spyware doctor\tools\iesdsg.dllBHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dllBHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - c:\program files\evernote\evernote\EvernoteIE.dllBHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\12.2.5.34\AVG Secure Search_toolbar.dllBHO: Viewpoint Toolbar BHO: {A7327C09-B521-4EDB-8509-7D2660C9EC98} - LocalServer32 - <no file>BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dllBHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dllBHO: PCTools Browser Monitor: {B56A7D7D-6927-48C8-A975-17DF180C71AC} - c:\program files\spyware doctor\tools\iesdpb.dllBHO: XBTP08998 Class: {B8FC7AE4-FD8B-477c-B1BD-DE14280DECAF} - LocalServer32 - <no file>BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - LocalServer32 - <no file>BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dllBHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllTB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dllTB: AOL Toolbar: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - LocalServer32 - <no file>TB: &RoboForm: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dllTB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dllTB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>TB: AOL Toolbar: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - LocalServer32 - <no file>TB: Viewpoint Toolbar: {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - LocalServer32 - <no file>TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dllTB: FireShot: {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - LocalServer32 - <no file>TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dllTB: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - LocalServer32 - <no file>TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\12.2.5.34\AVG Secure Search_toolbar.dllTB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dllEB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - <orphaned>EB: &Research: {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program files\microsoft office\office12\REFIEBAR.DLLEB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - <orphaned>uRun: [spyware Doctor] c:\progra~1\spywar~2\swdoctor.exe /QuRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exeuRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exeuRun: [uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\RegistryBooster.exe /SuRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1uRun: [DW7] "c:\program files\the weather channel\the weather channel app\TWCApp.exe"uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preloaduRun: [KiesAirMessage] c:\program files\samsung\kies\KiesAirMessage.exe -startupuRun: [] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exemRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplashmRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exemRun: [ehTray] c:\windows\ehome\ehtray.exemRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exemRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLYmRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [backupNowEZtray] "c:\program files\nti\nti backup now ez\BackupNowEZtray.exe" -kmRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exemRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exedRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"dRun: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\GoogleToolbarNotifier.exedRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /fdRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /fStartupFolder: c:\docume~1\mom\startm~1\programs\startup\everno~1.lnk - c:\program files\evernote\evernote\EvernoteTray.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1mPolicies-Explorer: NoDriveTypeAutoRun = dword:145IE: &Viewpoint Search - c:\program files\viewpoint\viewpoint toolbar v35\ViewBar.dll/CXTSEARCH.HTMLIE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspxIE: Clip Image - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=4IE: Clip selection - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=3IE: Clip this page - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=1IE: Clip URL - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=0IE: Customize Menu - c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.htmlIE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000IE: Fill Forms - c:\program files\siber systems\ai roboform\RoboFormComFillForms.htmlIE: New Note - c:\program files\evernote\evernote\\evernoteieres\NewNote.htmlIE: RoboForm Toolbar - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.htmlIE: Save Forms - c:\program files\siber systems\ai roboform\RoboFormComSavePass.htmlIE: Yahoo! &SMS - /c:\program files\yahoo!\Common/ycsms.htmIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dllIE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - {A1EDC4A1-940F-48E0-8DFD-E38F1D501021} - c:\program files\spyware doctor\tools\iesdpb.dllIE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.htmlIE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.htmlIE: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - LocalServer32 - <no file>IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hewlett-packard\smart web printing\hpswp_extensions.dllIE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hewlett-packard\smart web printing\hpswp_extensions.dllIE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.htmlIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\\evernoteieres\AddNote.htmlIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dllIE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option...INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - <orphaned>Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dllHandler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\12.2.6\ViProtocol.dllNotify: AtiExtEvent - Ati2evxx.dllNotify: avgrsstarter - avgrsstx.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllSEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dllLSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\mom\application data\mozilla\firefox\profiles\30qgon9z.default-1369715500859\FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dllFF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dllFF - plugin: c:\documents and settings\mom\application data\mozilla\plugins\npoctoshape.dllFF - plugin: c:\documents and settings\mom\local settings\application data\unity\webplayer\loader\npUnity3D32.dllFF - plugin: c:\progra~1\meadco~1\npmeadax.dllFF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dllFF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.0.0\npsitesafety.dllFF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dllFF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dllFF - plugin: c:\program files\google\picasa3\npPicasa3.dllFF - plugin: c:\program files\google\update\1.3.21.149\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dllFF - plugin: c:\program files\microsoft silverlight\4.0.60129.0\npctrlui.dllFF - plugin: c:\program files\microsoft\office live\npOLW.dllFF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dllFF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dllFF - plugin: c:\program files\research in motion limited\blackberry app world browser plugin\npappworld.dllFF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dllFF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dllFF - plugin: c:\windows\system32\npdeployJava1.dllFF - plugin: c:\windows\system32\npptools.dllFF - ExtSQL: 2013-07-06 10:11; {E0B8C461-F8FB-49b4-8373-FE32E9252800}; c:\documents and settings\mom\application data\mozilla\firefox\profiles\30qgon9z.default-1369715500859\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.============= SERVICES / DRIVERS ===============.R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 60216]R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-8-9 245048]R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 96568]R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 39224]R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 208184]R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 22328]R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 170808]R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-9 182072]R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-11-14 54760]R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [2005-8-22 231424]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-7-1 22856]R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-7-6 40776]S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-8-23 26984]S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-5-3 83864]S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2010-4-26 19712]S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2010-4-26 8320]S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2010-4-26 42752]S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-5-3 181912].=============== Created Last 30 ================.2013-07-07 03:36:46 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2013-07-01 19:48:11 -------- dc----w- c:\documents and settings\mom\application data\Malwarebytes2013-07-01 19:47:52 -------- dc----w- c:\documents and settings\all users\application data\Malwarebytes2013-07-01 19:47:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys2013-07-01 19:47:50 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware.==================== Find3M ====================.2013-06-12 03:31:03 692104 -c--a-w- c:\windows\system32\FlashPlayerApp.exe2013-06-12 03:31:02 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2013-04-19 00:08:14 4659712 ----a-w- c:\windows\system32\Redemption.dll2013-04-19 00:07:00 90112 ----a-w- c:\windows\MAMCityDownload.ocx2013-04-19 00:07:00 330240 ----a-w- c:\windows\MASetupCaller.dll2013-04-19 00:07:00 30568 ----a-w- c:\windows\MusiccityDownload.exe.============= FINISH: 23:16:41.02 =============== Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 7, 2013 Root Admin ID:699699 Share Posted July 7, 2013 Hello and Please run the following and post back the logs. Its a bit late here for me now so I'll check back on you sometime tomorrow if I can. STEP 01 Backup the Registry: Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.Please download ERUNT from one of the following links: Link1 | Link2 | Link3ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.Double click on erunt-setup.exe to Install ERUNT by following the prompts.Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.Choose a location for the backup.Note: the default location is C:\Windows\ERDNT which is acceptable.Make sure that at least the first two check boxes are selected.Click on OKThen click on YES to create the folder.Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe STEP 02 Please download Malwarebytes Anti-Rootkit from HEREUnzip the contents to a folder in a convenient location.Open the folder where the contents were unzipped and run mbar.exeFollow the instructions in the wizard to update and allow the program to scan your computer for threats.Click on the Cleanup button to remove any threats and reboot if prompted to do so.Wait while the system shuts down and the cleanup process is performed.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txtSTEP 03 Please download Junkware Removal Tool to your desktop.Shutdown your antivirus to avoid any conflicts.Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.The tool will open and start scanning your system.Please be patient as this can take a while to complete.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next reply messageWhen completed make sure to re-enable your antivirusSTEP 04 Please download AdwCleaner by Xplode to your desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.If prompted by the User Account Control click Yes to allow it to run.Under Actions click on the Delete button.Click OK on all prompts.You will be prompted to restart your computer. A text file will open after the restart.Please post the entire contents of that logfile to your next reply.You can find the logfile at C:\AdwCleaner[s1].txt where the number in brackets indicates how often it was run.STEP 05 Please go here to run the online antivirus scannner from ESET.Turn off the real time scanner of any existing antivirus program while performing the online scanTick the box next to YES, I accept the Terms of Use.Click StartWhen asked, allow the activex control to installClick StartMake sure that the option Remove found threats is untickedClick on Advanced Settings and ensure these options are ticked:Scan for potentially unwanted applicationsScan for potentially unsafe applicationsEnable Anti-Stealth TechnologyClick ScanWait for the scan to finishIf any threats were found, click the 'List of found threats' , then click Export to text file....Save it to your desktop, then please copy and paste that log as a reply to this topic.Thanks Link to post Share on other sites More sharing options...
jules4dee Posted July 11, 2013 Author ID:701486 Share Posted July 11, 2013 Thanks for reopening this!Here are the logs from step 2: Malwarebytes Anti-Rootkit BETA 1.06.0.1004www.malwarebytes.orgDatabase version: v2013.07.10.08Windows XP Service Pack 3 x86 NTFSInternet Explorer 8.0.6001.18702MOM :: LAPTOP [administrator]7/10/2013 5:42:13 PMmbar-log-2013-07-10 (17-42-13).txtScan type: Quick scanScan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2PScan options disabled: PUPObjects scanned: 256060Time elapsed: 38 minute(s), 5 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)Physical Sectors Detected: 0(No malicious items detected)(end) ---------------------------------------Malwarebytes Anti-Rootkit BETA 1.06.0.1004© Malwarebytes Corporation 2011-2012OS version: 5.1.2600 Windows XP Service Pack 3 x86Account is AdministrativeInternet Explorer version: 8.0.6001.18702Java version: 1.6.0_31File system is: NTFSDisk drives: C:\ DRIVE_FIXEDCPU speed: 2.188000 GHzMemory total: 1071824896, free: 138047488Downloaded database version: v2013.07.10.08Initializing...------------ Kernel report ------------ 07/10/2013 17:41:58------------ Loaded modules -----------\WINDOWS\system32\ntkrnlpa.exe\WINDOWS\system32\hal.dll\WINDOWS\system32\KDCOM.DLL\WINDOWS\system32\BOOTVID.dllACPI.sys\WINDOWS\system32\DRIVERS\WMILIB.SYSpci.sysisapnp.syscompbatt.sys\WINDOWS\system32\DRIVERS\BATTC.SYSpciide.sys\WINDOWS\system32\DRIVERS\PCIIDEX.SYSintelide.sysviaide.sysaliide.syspcmcia.sysMountMgr.sysftdisk.sysdmload.sysdmio.sysACPIEC.sys\WINDOWS\system32\DRIVERS\OPRGHDLR.SYSPartMgr.sysVolSnap.sysatapi.sysdisk.sys\WINDOWS\system32\DRIVERS\CLASSPNP.SYSfltmgr.syssr.sysPxHelp20.sysKSecDD.sysWudfPf.sysNtfs.sysNDIS.sysohci1394.sys\WINDOWS\system32\DRIVERS\1394BUS.SYSMup.sysavgrkx86.sysavglogx.sysavgmfx86.sysavgidshx.sys\SystemRoot\system32\DRIVERS\AmdK8.sys\SystemRoot\system32\DRIVERS\wmiacpi.sys\SystemRoot\system32\DRIVERS\ati2mtag.sys\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS\SystemRoot\system32\DRIVERS\usbohci.sys\SystemRoot\system32\DRIVERS\USBPORT.SYS\SystemRoot\system32\DRIVERS\usbehci.sys\SystemRoot\system32\DRIVERS\imapi.sys\??\C:\WINDOWS\system32\drivers\UBHelper.sys\SystemRoot\system32\DRIVERS\cdrom.sys\SystemRoot\system32\DRIVERS\redbook.sys\SystemRoot\system32\DRIVERS\ks.sys\??\C:\WINDOWS\system32\drivers\NTIDrvr.sys\SystemRoot\SYSTEM32\DRIVERS\GEARAspiWDM.sys\SystemRoot\system32\DRIVERS\i8042prt.sys\SystemRoot\system32\DRIVERS\kbdclass.sys\SystemRoot\system32\DRIVERS\mouclass.sys\SystemRoot\system32\DRIVERS\CmBatt.sys\SystemRoot\system32\DRIVERS\bcmwl5.sys\SystemRoot\system32\drivers\tifm21.sys\SystemRoot\system32\DRIVERS\sdbus.sys\SystemRoot\system32\DRIVERS\Rtnicxp.sys\SystemRoot\system32\drivers\camc6hal.sys\SystemRoot\system32\drivers\camc6aud.sys\SystemRoot\system32\drivers\portcls.sys\SystemRoot\system32\drivers\drmk.sys\SystemRoot\system32\DRIVERS\HSFHWATI.sys\SystemRoot\system32\DRIVERS\HSF_DPV.sys\SystemRoot\system32\DRIVERS\HSF_CNXT.sys\SystemRoot\System32\Drivers\Modem.SYS\SystemRoot\system32\DRIVERS\audstub.sys\SystemRoot\System32\Drivers\RootMdm.sys\SystemRoot\system32\DRIVERS\rasl2tp.sys\SystemRoot\system32\DRIVERS\ndistapi.sys\SystemRoot\system32\DRIVERS\ndiswan.sys\SystemRoot\system32\DRIVERS\raspppoe.sys\SystemRoot\system32\DRIVERS\raspptp.sys\SystemRoot\system32\DRIVERS\TDI.SYS\SystemRoot\system32\DRIVERS\psched.sys\SystemRoot\system32\DRIVERS\msgpc.sys\SystemRoot\system32\DRIVERS\ptilink.sys\SystemRoot\system32\DRIVERS\raspti.sys\SystemRoot\system32\DRIVERS\wanatw4.sys\SystemRoot\System32\Drivers\pcouffin.sys\SystemRoot\system32\DRIVERS\RimSerial.sys\SystemRoot\system32\DRIVERS\WDFLDR.SYS\SystemRoot\system32\DRIVERS\Wdf01000.sys\SystemRoot\system32\DRIVERS\rdpdr.sys\SystemRoot\system32\DRIVERS\termdd.sys\SystemRoot\system32\DRIVERS\swenum.sys\SystemRoot\system32\DRIVERS\update.sys\SystemRoot\system32\DRIVERS\mssmbios.sys\SystemRoot\System32\Drivers\NDProxy.SYS\SystemRoot\system32\DRIVERS\usbhub.sys\SystemRoot\system32\DRIVERS\USBD.SYS\SystemRoot\System32\Drivers\Fs_Rec.SYS\SystemRoot\System32\Drivers\Null.SYS\SystemRoot\System32\Drivers\Beep.SYS\SystemRoot\system32\DRIVERS\HIDPARSE.SYS\SystemRoot\System32\drivers\vga.sys\SystemRoot\System32\Drivers\mnmdd.SYS\SystemRoot\System32\DRIVERS\RDPCDD.sys\SystemRoot\System32\Drivers\Msfs.SYS\SystemRoot\System32\Drivers\Npfs.SYS\SystemRoot\system32\DRIVERS\rasacd.sys\SystemRoot\system32\DRIVERS\ipsec.sys\SystemRoot\system32\DRIVERS\tcpip.sys\SystemRoot\system32\DRIVERS\avgtdix.sys\SystemRoot\system32\DRIVERS\ipnat.sys\SystemRoot\system32\DRIVERS\wanarp.sys\SystemRoot\system32\DRIVERS\netbt.sys\SystemRoot\System32\drivers\afd.sys\SystemRoot\system32\DRIVERS\netbios.sys\SystemRoot\system32\DRIVERS\rdbss.sys\SystemRoot\system32\DRIVERS\mrxsmb.sys\SystemRoot\System32\Drivers\Fips.SYS\??\C:\WINDOWS\system32\drivers\EABFiltr.sys\SystemRoot\system32\DRIVERS\avgldx86.sys\SystemRoot\system32\DRIVERS\avgidsshimx.sys\SystemRoot\system32\DRIVERS\avgidsdriverx.sys\SystemRoot\System32\Drivers\Udfs.SYS\SystemRoot\System32\win32k.sys\SystemRoot\System32\drivers\Dxapi.sys\SystemRoot\System32\watchdog.sys\SystemRoot\System32\drivers\dxg.sys\SystemRoot\System32\drivers\dxgthk.sys\SystemRoot\System32\ati2dvag.dll\SystemRoot\System32\ati2cqag.dll\SystemRoot\System32\atikvmag.dll\SystemRoot\System32\ati3duag.dll\SystemRoot\System32\ativvaxx.dll\??\C:\WINDOWS\system32\drivers\mbam.sys\SystemRoot\System32\ATMFD.DLL\SystemRoot\system32\DRIVERS\fssfltr_tdi.sys\SystemRoot\system32\DRIVERS\ndisuio.sys\SystemRoot\system32\DRIVERS\pnarp.sys\SystemRoot\system32\DRIVERS\purendis.sys\SystemRoot\system32\DRIVERS\mrxdav.sys\SystemRoot\system32\drivers\wdmaud.sys\SystemRoot\system32\drivers\sysaudio.sys\SystemRoot\System32\Drivers\HTTP.sys\SystemRoot\system32\DRIVERS\srv.sys\SystemRoot\System32\Drivers\MCSTRM.SYS\SystemRoot\system32\DRIVERS\mdmxsdk.sys\SystemRoot\system32\DRIVERS\hidusb.sys\SystemRoot\system32\DRIVERS\HIDCLASS.SYS\SystemRoot\system32\DRIVERS\mouhid.sys\SystemRoot\system32\DRIVERS\ipfltdrv.sys\SystemRoot\system32\DRIVERS\asyncmac.sys\SystemRoot\system32\DRIVERS\ssudbus.sys\SystemRoot\system32\DRIVERS\wpdusb.sys\SystemRoot\system32\DRIVERS\wudfrd.sys\SystemRoot\system32\DRIVERS\ssudmdm.sys\SystemRoot\system32\DRIVERS\WinUSB.sys\SystemRoot\system32\drivers\kmixer.sys\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys\WINDOWS\system32\ntdll.dll----------- End -----------Done!<<<1>>>Upper Device Name: \Device\Harddisk0\DR0Upper Device Object: 0xffffffff87165ab8Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\Lower Device Object: 0xffffffff87130940Lower Device Driver Name: \Driver\atapi\<<<2>>>Device number: 0, partition: 1Physical Sector Size: 512Drive: 0, DevicePointer: 0xffffffff87165ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xffffffff8712f930, DeviceName: Unknown, DriverName: \Driver\PartMgr\DevicePointer: 0xffffffff87165ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\DevicePointer: 0xffffffff871d69e8, DeviceName: \Device\00000086\, DriverName: \Driver\ACPI\DevicePointer: 0xffffffff87130940, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\------------ End ----------Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>>Device number: 0, partition: 1<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesScanning drivers directory: C:\WINDOWS\system32\drivers...<<<2>>>Device number: 0, partition: 1<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesThe directory C:\WINDOWS\system32\drivers seems inaccessible or encrypted.Drivers scan is aborted.Done!Drive 0Scanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: 16351635Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 155862567 Partition file system is NTFS Partition is bootable Partition 1 type is Other (0x88) Partition is NOT ACTIVE. Partition starts at LBA: 155878695 Numsec = 417690 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0Disk Size: 80026361856 bytesSector size: 512 bytesScanning physical sectors of unpartitioned space on drive 0 (1-62-156281488-156301488)...Done!Scan finished=======================================Removal queue found; removal startedRemoving c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\bootstrap_0_0_63_i.mbam...Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...Removal finished And from step 3: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 5.0.5 (07.10.2013:2)OS: Microsoft Windows XP x86Ran by MOM on Wed 07/10/2013 at 20:33:59.67~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry ValuesSuccessfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\dw7Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uniblue registrybooster 2Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5911488E-9D1E-40ec-8CBB-06B231CC153F}Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayNameSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URLSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\TabsSuccessfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F4D76F09-7896-458A-890F-E1F05C46069F}~~~ Registry KeysSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escort.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortapp.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escorteng.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortlbr.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\esrv.exeSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\scripthelper.exeSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\secman.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\toolbar.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\viprotocol.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{09c554c3-109b-483c-a06b-f14172f1a947}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{1fdff5a2-7bb1-48e1-8081-7236812b12b2}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{35c1605e-438b-4d64-aab1-8885f097a9b1}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{4d076ab4-7562-427a-b5d2-bd96e19dee56}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{4e1e9d45-8bf9-4139-915c-9f83cc3d5921}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{b12e99ed-69bd-437c-86be-c862b9e5444d}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{bb711cb0-c70b-482e-9852-ec05ebd71dbb}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{d7ee8177-d51e-4f89-92b6-83ea2ec40800}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{4e92db5f-aad9-49d3-8eab-b40cbe5b1ff7}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{66eef543-a9ac-4a9d-aa3c-1ed148ac8eee}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{826d7151-8d99-434b-8540-082b8c2ae556}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{b658800c-f66e-4ef3-ab85-6c0c227862a9}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{cc5ad34c-6f10-4cb3-b74a-c2dd4d5060a3}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{de9028d0-5ffa-4e69-94e3-89ee8741f468}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{f25af245-4a81-40dc-92f9-e9021f207706}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{03e2a1f3-4402-4121-8b35-733216d61217}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{4e92db5f-aad9-49d3-8eab-b40cbe5b1ff7}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{66eef543-a9ac-4a9d-aa3c-1ed148ac8eee}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{9e3b11f6-4179-4603-a71b-a55f4bcb0bec}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{c401d2ce-dc27-45c7-bc0c-8e6ea7f085d6}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{11549fe4-7c5a-4c17-9fc3-56fc5162a994}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{1ea4dbf0-3c3b-11cf-810c-00aa00389b71}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{74fb6afd-dd77-4ceb-83bd-ab2b63e63c93}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{9c049ba6-ea47-4ac3-aed6-a66d8dc9e1d8}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{c2ac8a0e-e48e-484b-a71c-c7a937faab94}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonicSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startnow toolbarSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\startnow toolbarSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\zugoSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{6c97a91e-4524-4019-86af-2aa2d567bf5c}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{95b7759c-8c7f-4bf1-b163-73684a933233}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{02478d38-c3f9-4efb-9b51-7695eca05670}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{6c97a91e-4524-4019-86af-2aa2d567bf5c}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{95b7759c-8c7f-4bf1-b163-73684a933233}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{f25af245-4a81-40dc-92f9-e9021f207706}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondarySuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\imside1egate.application.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.capSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocolSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapiSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.bandobjectSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.bandobject.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.toolbarhelperobjectSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.toolbarhelperobject.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocololeSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{03f998b2-0e00-11d3-a498-00104b6eb52e}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{1b00725b-c455-4de6-bfb6-ad540ad427cd}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{c6fdd0c3-266a-4dc3-b459-28c697c44cdc}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{f25af245-4a81-40dc-92f9-e9021f207706}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{73ADCAE4-C933-4BB3-9D00-B66D84125A5E}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F4D76F01-7896-458A-890F-E1F05C46069F}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F4D76F09-7896-458A-890F-E1F05C46069F}~~~ FilesSuccessfully deleted: [File] C:\eula.1028.txtSuccessfully deleted: [File] C:\eula.1031.txtSuccessfully deleted: [File] C:\eula.1033.txtSuccessfully deleted: [File] C:\eula.1036.txtSuccessfully deleted: [File] C:\eula.1040.txtSuccessfully deleted: [File] C:\eula.1041.txtSuccessfully deleted: [File] C:\eula.1042.txtSuccessfully deleted: [File] C:\eula.2052.txtSuccessfully deleted: [File] C:\install.res.1028.dllSuccessfully deleted: [File] C:\install.res.1031.dllSuccessfully deleted: [File] C:\install.res.1033.dllSuccessfully deleted: [File] C:\install.res.1036.dllSuccessfully deleted: [File] C:\install.res.1040.dllSuccessfully deleted: [File] C:\install.res.1041.dllSuccessfully deleted: [File] C:\install.res.1042.dllSuccessfully deleted: [File] C:\install.res.2052.dllSuccessfully deleted: [File] C:\install.res.3082.dllSuccessfully deleted: [File] "C:\Documents and Settings\MOM\desktop\speedypc pro.lnk"~~~ FoldersSuccessfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\speedypc software"Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\viewpoint"Successfully deleted: [Folder] "C:\Documents and Settings\MOM\Application Data\drivercure"Successfully deleted: [Folder] "C:\Documents and Settings\MOM\Application Data\speedypc software"Successfully deleted: [Folder] "C:\Documents and Settings\MOM\Application Data\viewpoint"Successfully deleted: [Folder] "C:\Program Files\coupons"Successfully deleted: [Folder] "C:\Program Files\freeze.com"Successfully deleted: [Folder] "C:\Program Files\speedypc software"Successfully deleted: [Folder] "C:\Program Files\startnow toolbar"Successfully deleted: [Folder] "C:\Program Files\viewpoint"Successfully deleted: [Folder] "C:\Program Files\Common Files\speedypc software"Successfully deleted: [Folder] "C:\Documents and Settings\MOM\start menu\programs\speedypc software"Successfully deleted: [Folder] "C:\Program Files\AskPBar"~~~ FireFoxSuccessfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml"Successfully deleted the following from C:\Documents and Settings\MOM\Application Data\mozilla\firefox\profiles\30qgon9z.default-1369715500859\prefs.jsuser_pref("services.sync.client.syncID", "eJKV94ph-WMx");~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Wed 07/10/2013 at 20:50:46.06End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I am working on doing step 4 now and will post those when done, unless you want me to do something else! Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 11, 2013 Root Admin ID:701499 Share Posted July 11, 2013 No, please continue doing the requested steps. Link to post Share on other sites More sharing options...
jules4dee Posted July 11, 2013 Author ID:701506 Share Posted July 11, 2013 How long does the AdwCleaner take to delete? It has been at work 7 bars for more than an hour. Is this normal? Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 11, 2013 Root Admin ID:701516 Share Posted July 11, 2013 Not normally. Most times it runs in less than 10 minutes. Might need to try to see if you can stop it unless it's already completed in which case go ahead and ATTACH the log please. Link to post Share on other sites More sharing options...
jules4dee Posted July 11, 2013 Author ID:701527 Share Posted July 11, 2013 step 4 log: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 5.0.5 (07.10.2013:2)OS: Microsoft Windows XP x86Ran by MOM on Wed 07/10/2013 at 20:33:59.67~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry ValuesSuccessfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\dw7Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uniblue registrybooster 2Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5911488E-9D1E-40ec-8CBB-06B231CC153F}Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayNameSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URLSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\TabsSuccessfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F4D76F09-7896-458A-890F-E1F05C46069F}~~~ Registry KeysSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escort.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortapp.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escorteng.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortlbr.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\esrv.exeSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\scripthelper.exeSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\secman.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\toolbar.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\viprotocol.dllSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{09c554c3-109b-483c-a06b-f14172f1a947}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{1fdff5a2-7bb1-48e1-8081-7236812b12b2}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{35c1605e-438b-4d64-aab1-8885f097a9b1}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{4d076ab4-7562-427a-b5d2-bd96e19dee56}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{4e1e9d45-8bf9-4139-915c-9f83cc3d5921}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{b12e99ed-69bd-437c-86be-c862b9e5444d}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{bb711cb0-c70b-482e-9852-ec05ebd71dbb}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{d7ee8177-d51e-4f89-92b6-83ea2ec40800}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{4e92db5f-aad9-49d3-8eab-b40cbe5b1ff7}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{66eef543-a9ac-4a9d-aa3c-1ed148ac8eee}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{826d7151-8d99-434b-8540-082b8c2ae556}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{b658800c-f66e-4ef3-ab85-6c0c227862a9}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{cc5ad34c-6f10-4cb3-b74a-c2dd4d5060a3}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{de9028d0-5ffa-4e69-94e3-89ee8741f468}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{f25af245-4a81-40dc-92f9-e9021f207706}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{03e2a1f3-4402-4121-8b35-733216d61217}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{4e92db5f-aad9-49d3-8eab-b40cbe5b1ff7}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{66eef543-a9ac-4a9d-aa3c-1ed148ac8eee}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{9e3b11f6-4179-4603-a71b-a55f4bcb0bec}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{c401d2ce-dc27-45c7-bc0c-8e6ea7f085d6}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{11549fe4-7c5a-4c17-9fc3-56fc5162a994}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{1ea4dbf0-3c3b-11cf-810c-00aa00389b71}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{74fb6afd-dd77-4ceb-83bd-ab2b63e63c93}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{9c049ba6-ea47-4ac3-aed6-a66d8dc9e1d8}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{c2ac8a0e-e48e-484b-a71c-c7a937faab94}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonicSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startnow toolbarSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\startnow toolbarSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\zugoSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{6c97a91e-4524-4019-86af-2aa2d567bf5c}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{95b7759c-8c7f-4bf1-b163-73684a933233}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{02478d38-c3f9-4efb-9b51-7695eca05670}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{6c97a91e-4524-4019-86af-2aa2d567bf5c}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{95b7759c-8c7f-4bf1-b163-73684a933233}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{f25af245-4a81-40dc-92f9-e9021f207706}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondarySuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\imside1egate.application.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.capSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocolSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapiSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.bandobjectSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.bandobject.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.toolbarhelperobjectSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.toolbarhelperobject.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocololeSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{03f998b2-0e00-11d3-a498-00104b6eb52e}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{1b00725b-c455-4de6-bfb6-ad540ad427cd}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{c6fdd0c3-266a-4dc3-b459-28c697c44cdc}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{f25af245-4a81-40dc-92f9-e9021f207706}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{73ADCAE4-C933-4BB3-9D00-B66D84125A5E}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F4D76F01-7896-458A-890F-E1F05C46069F}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F4D76F09-7896-458A-890F-E1F05C46069F}~~~ FilesSuccessfully deleted: [File] C:\eula.1028.txtSuccessfully deleted: [File] C:\eula.1031.txtSuccessfully deleted: [File] C:\eula.1033.txtSuccessfully deleted: [File] C:\eula.1036.txtSuccessfully deleted: [File] C:\eula.1040.txtSuccessfully deleted: [File] C:\eula.1041.txtSuccessfully deleted: [File] C:\eula.1042.txtSuccessfully deleted: [File] C:\eula.2052.txtSuccessfully deleted: [File] C:\install.res.1028.dllSuccessfully deleted: [File] C:\install.res.1031.dllSuccessfully deleted: [File] C:\install.res.1033.dllSuccessfully deleted: [File] C:\install.res.1036.dllSuccessfully deleted: [File] C:\install.res.1040.dllSuccessfully deleted: [File] C:\install.res.1041.dllSuccessfully deleted: [File] C:\install.res.1042.dllSuccessfully deleted: [File] C:\install.res.2052.dllSuccessfully deleted: [File] C:\install.res.3082.dllSuccessfully deleted: [File] "C:\Documents and Settings\MOM\desktop\speedypc pro.lnk"~~~ FoldersSuccessfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\speedypc software"Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\viewpoint"Successfully deleted: [Folder] "C:\Documents and Settings\MOM\Application Data\drivercure"Successfully deleted: [Folder] "C:\Documents and Settings\MOM\Application Data\speedypc software"Successfully deleted: [Folder] "C:\Documents and Settings\MOM\Application Data\viewpoint"Successfully deleted: [Folder] "C:\Program Files\coupons"Successfully deleted: [Folder] "C:\Program Files\freeze.com"Successfully deleted: [Folder] "C:\Program Files\speedypc software"Successfully deleted: [Folder] "C:\Program Files\startnow toolbar"Successfully deleted: [Folder] "C:\Program Files\viewpoint"Successfully deleted: [Folder] "C:\Program Files\Common Files\speedypc software"Successfully deleted: [Folder] "C:\Documents and Settings\MOM\start menu\programs\speedypc software"Successfully deleted: [Folder] "C:\Program Files\AskPBar"~~~ FireFoxSuccessfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml"Successfully deleted the following from C:\Documents and Settings\MOM\Application Data\mozilla\firefox\profiles\30qgon9z.default-1369715500859\prefs.jsuser_pref("services.sync.client.syncID", "eJKV94ph-WMx");~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Wed 07/10/2013 at 20:50:46.06End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Link to post Share on other sites More sharing options...
jules4dee Posted July 11, 2013 Author ID:701528 Share Posted July 11, 2013 I did stop the delete process but, could only do it by a hard shut down. My computer was completely frozen. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 11, 2013 Root Admin ID:701544 Share Posted July 11, 2013 Okay, please run the following then and post back the log as an ATTACHMENT by clicking the More Reply Options button. Please download Farbar Recovery Scan Tool and save it to your desktop.Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.Double-click to run it. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. Link to post Share on other sites More sharing options...
jules4dee Posted July 11, 2013 Author ID:701608 Share Posted July 11, 2013 Step 5 log: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\E5PYE3VH\updater-startnow-200-2.5-g[1].exe a variant of Win32/Toolbar.Zugo applicationC:\Documents and Settings\MOM\Desktop\SPY STUFF\cnet_501_b073_multilanguage_exe.exe a variant of Win32/InstallCore.D applicationC:\Documents and Settings\MOM\Desktop\SPY STUFF\INSTALL EXES\Nero-8.3.2.1_eng_trial.exe Win32/Toolbar.AskSBar applicationC:\Documents and Settings\MOM\My Documents\downloads\cbsidlm-tr1_13-Gaps_Solitaire-SEO-10967808.exe Win32/DownloadAdmin.G applicationC:\Program Files\AWS\WeatherBug\Local\askToolbarInstaller-1.9.1.0.exe a variant of Win32/Bundled.Toolbar.Ask application Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 11, 2013 Root Admin ID:701746 Share Posted July 11, 2013 The items in the ESET scan log install adware toolbars if you're not careful and why they're flagged. You can keep them if you want but choose custom anytime you install something and don't allow other add-ons to be installed. Please run the FRST scan above and post that log. Link to post Share on other sites More sharing options...
jules4dee Posted July 11, 2013 Author ID:701761 Share Posted July 11, 2013 Here are the scans from FARBAR: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2013 02Ran by MOM (administrator) on 11-07-2013 17:03:20Running from C:\Documents and Settings\MOM\My Documents\downloadsMicrosoft Windows XP Professional Service Pack 3, v.3264 (X86) OS Language: English(US)Internet Explorer Version 8Boot Mode: Normal==================== Processes (Whitelisted) ===================(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe() C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe(AOL LLC) C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe(Seagate Technology LLC) C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe(Microsoft Corporation) C:\WINDOWS\eHome\ehRecvr.exe(Microsoft Corporation) C:\WINDOWS\eHome\ehSched.exe(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe(Seagate Technology LLC) C:\Program Files\Maxtor\Sync\SyncServices.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe(NTI Corporation) C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.0.0\ToolbarUpdater.exe(America Online, Inc.) C:\WINDOWS\wanmpsvc.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe(Cisco Systems, Inc.) C:\Program Files\Pure Networks\Network Magic\nmapp.exe(Hewlett-Packard Company) C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe(Microsoft Corporation) C:\WINDOWS\eHome\ehmsas.exe(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe(ATI Technologies, Inc.) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe(NTI Corporation) C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPNSCFG.exe(Samsung) C:\Program Files\Samsung\Kies\Kies.exe(Samsung Electronics) C:\Program Files\Samsung\Kies\KiesAirMessage.exe(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteTray.exe(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\Evernote.exe(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgrsx.exe(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe==================== Registry (Whitelisted) ==================HKLM\...\Run: [nmctxth] - "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [647216 2009-07-07] (Cisco Systems, Inc.)HKLM\...\Run: [nmapp] - "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash [472112 2010-01-27] (Cisco Systems, Inc.)HKLM\...\Run: [LSBWatcher] - c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [253952 2004-10-14] (Hewlett-Packard Company)HKLM\...\Run: [ehTray] - C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)HKLM\...\Run: [Cpqset] - C:\Program Files\HPQ\Default Settings\cpqset.exe [233534 2005-08-01] ()HKLM\...\Run: [AVG_UI] - "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.)HKLM\...\Run: [ATIPTA] - "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [344064 2005-12-01] (ATI Technologies, Inc.)HKLM\...\Run: [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)HKLM\...\Run: [backupNowEZtray] - "C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe" -k [580672 2012-07-23] (NTI Corporation)HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)Winlogon\Notify\avgrsstarter: avgrsstx.dll [X]Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)HKCU\...\Run: [spyware Doctor] - C:\PROGRA~1\SPYWAR~2\swdoctor.exe /Q [1506544 2005-05-26] (PCTools)HKCU\...\Run: [spybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [204288 2006-10-18] (Microsoft Corporation)HKCU\...\Run: [Weather] - C:\Program Files\AWS\WeatherBug\Weather.exe 1 [1652736 2010-10-29] (AWS Convergence Technologies, Inc.)HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe /preload [1561968 2013-04-23] (Samsung)HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [578560 2013-04-18] (Samsung Electronics)HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-15] (Samsung)HKCU\...\Policies\system: [DisableRegistryTools] 0HKCU\...\Policies\system: [DisableTaskMgr] 0MountPoints2: {2d656f6e-7cad-11e2-944c-00038a000015} - E:\restore\restorestarter.exeMountPoints2: {cd2533f6-ad93-11df-9378-00038a000015} - E:\Setup_FlipShare.exeMountPoints2: {d168c7c8-2989-11db-91eb-00038a000015} - E:\LaunchU3.exeMountPoints2: {d168c7c9-2989-11db-91eb-00038a000015} - F:\PortableApps\PortableAppsMenu\PortableAppsMenu.exeMountPoints2: {de7fff13-12b8-11de-9301-00038a000015} - G:\LaunchU3.exe -aMountPoints2: {e8ccd5a3-71f9-11df-9364-00038a000015} - E:\KODAK_Software_Downloader.exeHKU\Administrator\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" [x]HKU\Administrator\...\RunOnce: [spchecker] - "C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe" [x]HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" [x]Startup: C:\Documents and Settings\MOM\Start Menu\Programs\Startup\ERUNT AutoBackup.lnkShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE ()Startup: C:\Documents and Settings\MOM\Start Menu\Programs\Startup\EvernoteTray.lnkShortcutTarget: EvernoteTray.lnk -> C:\Program Files\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart==================== Internet (Whitelisted) ====================HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ieHKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.comURLSearchHook: (No Name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - No FileURLSearchHook: (No Name) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - No FileStartMenuInternet: IEXPLORE.EXE - iexplore.exeSearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=jucO2fYK0MlZZD22vPitNtyiJyI?q={searchTerms}SearchScopes: HKCU - {B3FFF406-BFAB-4CAA-860B-3B02B85CB42E} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ie8BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No FileBHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll (PC Tools)BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)BHO: No Name - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - No FileBHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (GuideWorks Pty. Ltd.)BHO: XBTP08998 Class - {B8FC7AE4-FD8B-477c-B1BD-DE14280DECAF} - No FileBHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No FileBHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)Toolbar: HKLM - AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No FileToolbar: HKLM - Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - No FileToolbar: HKLM - &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)Toolbar: HKLM - FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - No FileToolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No FileToolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No FileToolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)Toolbar: HKCU -Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No FileToolbar: HKCU -No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No FileToolbar: HKCU -AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No FileToolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)Toolbar: HKCU -&RoboForm - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)Toolbar: HKCU -No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No FileToolbar: HKCU -No Name - {C17590D2-ECB4-4B15-8820-F58798DCC118} - No FileToolbar: HKCU -No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No FileToolbar: HKCU -No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No FileToolbar: HKCU -No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No FileToolbar: HKCU -&Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)Toolbar: HKCU -No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No FileToolbar: HKCU -No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No FileDPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CABDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabDPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cabDPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabDPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/da2/PCPitStop2.cabHandler: ipp - No CLSID Value -Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No FileHandler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)Handler: msdaipp - No CLSID Value -Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - No FileShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [294400 2007-02-05] (Microsoft Corporation)Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txtTcpip\Parameters: [DhcpNameServer] 192.168.0.1FireFox:========FF ProfilePath: C:\Documents and Settings\MOM\Application Data\Mozilla\Firefox\Profiles\30qgon9z.defaultFF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.0.0\\npsitesafety.dll ()FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)FF Plugin: @meadco.com/neptune plugin,version=2.0.0.29 - C:\PROGRA~1\MEADCO~1\npmeadax.dll (MeadCo Corp.)FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)FF Plugin: @real.com/nppl3260;version=15.0.0.198 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)FF Plugin: @real.com/nprjplug;version=15.0.0.198 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)FF Plugin: @real.com/nprphtml5videoshim;version=15.0.0.198 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)FF Plugin: @real.com/nprpjplug;version=15.0.0.198 - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.1 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)FF Plugin: @rim.com/npappworld - C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()FF Plugin: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)FF Plugin: @viewpoint.com/VMP - C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll No FileFF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Documents and Settings\MOM\Application Data\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\MOM\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xmlFF Extension: No Name - C:\Documents and Settings\MOM\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\inspector@mozilla.orgFF Extension: Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\FF HKLM\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] C:\Program Files\Siber Systems\AI RoboForm\FirefoxFF Extension: AI Roboform Toolbar for Firefox - C:\Program Files\Siber Systems\AI RoboForm\FirefoxFF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\ExtFF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\ExtFF HKLM\...\Firefox\Extensions: [avg@toolbar] C:\Documents and Settings\All Users\Application Data\AVG Secure Search\12.2.5.34\FF Extension: AVG Security Toolbar - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\12.2.5.34\FF HKLM\...\Firefox\Extensions: [jqs@sun.com] C:\Program Files\Java\jre6\lib\deploy\jqs\ffFF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ffChrome:=======CHR RestoreOnStartup: "urls_to_restore_on_startup": [ ]========================== Services (Whitelisted) =================R2 AdobeActiveFileMonitor4.0; C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [102400 2005-09-09] ()R2 AOL ACS; C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe [46640 2006-10-23] (AOL LLC)R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [947528 2011-03-18] ()R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.)R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)R2 Basics Service; C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe [124280 2007-10-09] (Seagate Technology LLC)S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [68000 2010-03-29] (NOS Microsystems Ltd.)R3 hpqcxs08; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll [217088 2008-10-16] (Hewlett-Packard Co.)R2 hpqddsvc; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.)S3 hpqwmi; C:\Program Files\HPQ\SHARED\HPQWMI.exe [102400 2005-10-11] (Hewlett-Packard Development Company, L.P.)R2 HPSLPSVC; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\HPSLPSVC32.DLL [602112 2007-05-16] (Hewlett-Packard Co.)R2 Maxtor Sync Service; C:\Program Files\Maxtor\Sync\SyncServices.exe [193888 2008-07-21] (Seagate Technology LLC)R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)R2 nmservice; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [647216 2012-05-06] (Cisco Systems, Inc.)R2 NTI BackupNowEZSvr; C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe [45592 2011-09-23] (NTI Corporation)S4 PCPitstop Scheduling; C:\Program Files\PCPitstop\PCPitstopScheduleService.exe [85504 2009-06-26] (PC Pitstop LLC)R2 vToolbarUpdater13.0.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.0.0\ToolbarUpdater.exe [711112 2012-09-27] ()R2 WANMiniportService; C:\WINDOWS\wanmpsvc.exe [65536 2003-08-27] (America Online, Inc.)S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]S3 GoogleDesktopManager-093009-130223; "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [x]R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [x]S2 KodakCCS; %SystemRoot%\system32\drivers\KodakCCS.exe [x]==================== Drivers (Whitelisted) ====================R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36352 2005-03-09] (Advanced Micro Devices)R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [1412608 2005-12-01] (ATI Technologies Inc.)R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-03-29] (AVG Technologies CZ, s.r.o.)R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-02-08] (AVG Technologies CZ, s.r.o.)R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-03-01] (AVG Technologies CZ, s.r.o.)R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [170808 2013-02-08] (AVG Technologies CZ, s.r.o.)R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [245048 2013-02-08] (AVG Technologies CZ, s.r.o.)R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-02-08] (AVG Technologies CZ, s.r.o.)R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-02-08] (AVG Technologies CZ, s.r.o.)R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2013-03-21] (AVG Technologies CZ, s.r.o.)S1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [26984 2012-09-27] ()R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [376320 2005-09-28] (Broadcom Corporation)S3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [56648 2005-08-18] (Broadcom Corporation.)R1 eabfiltr; C:\WINDOWS\system32\drivers\EABFiltr.sys [7936 2005-05-05] (Hewlett-Packard Development Company, L.P.)S3 eabusb; C:\WINDOWS\system32\drivers\eabusb.sys [5760 2005-05-05] (Hewlett-Packard Development Company, L.P.)R2 fssfltr; C:\Windows\System32\DRIVERS\fssfltr_tdi.sys [54760 2010-04-28] (Microsoft Corporation)S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2007-03-07] (HP)S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2007-03-07] (HP)S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2007-03-07] (HP)R3 HSFHWATI; C:\Windows\System32\DRIVERS\HSFHWATI.sys [231424 2005-08-22] (Conexant Systems, Inc.)R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [1035008 2005-08-22] (Conexant Systems, Inc.)R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)R2 MCSTRM; C:\Windows\System32\Drivers\MCSTRM.sys [8413 2006-11-15] (RealNetworks, Inc.)S3 MotDev; C:\Windows\System32\DRIVERS\motodrv.sys [42752 2009-05-08] (Motorola Inc)S3 MXOPSWD; C:\Windows\System32\DRIVERS\mxopswd.sys [22152 2007-05-03] (Maxtor Corp.)S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)R2 pnarp; C:\Windows\System32\DRIVERS\pnarp.sys [25392 2009-07-07] (Cisco Systems, Inc.)R2 purendis; C:\Windows\System32\DRIVERS\purendis.sys [26672 2009-07-07] (Cisco Systems, Inc.)S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)S3 TVICHW32; C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [23600 2006-09-21] (EnTech Taiwan)R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)S1 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [31744 2007-11-30] (Microsoft Corporation)S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [x]S0 Lbd; system32\DRIVERS\Lbd.sys [x]U4 mchInjDrv; \??\C:\DOCUME~1\MOM\LOCALS~1\Temp\mc211.tmp [x]S3 slabbus; system32\DRIVERS\slabbus.sys [x]S3 slabser; system32\DRIVERS\slabser.sys [x]S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x]U1 WS2IFSL;==================== NetSvcs (Whitelisted) ===================NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)==================== One Month Created Files and Folders ========2013-07-11 17:00 - 2013-07-11 17:00 - 00000000 ___DC C:\FRST2013-07-11 09:34 - 2013-07-11 09:34 - 00000689 ___AC C:\Documents and Settings\MOM\Desktop\eset.txt2013-07-11 09:27 - 2013-07-11 09:27 - 00000000 ___DC C:\Documents and Settings\MOM\My Documents\New Folder2013-07-11 02:59 - 2013-07-11 02:59 - 00000000 ___DC C:\Program Files\ESET2013-07-11 00:32 - 2013-07-11 00:34 - 00000388 ___AC C:\AdwCleaner[s4].txt2013-07-11 00:31 - 2013-07-11 00:31 - 00008124 ___AC C:\AdwCleaner[R3].txt2013-07-10 20:50 - 2013-07-10 20:50 - 00012541 ___AC C:\Documents and Settings\MOM\Desktop\JRT.txt2013-07-10 20:33 - 2013-07-10 20:33 - 00000000 ____D C:\WINDOWS\ERUNT2013-07-10 17:41 - 2013-07-10 19:20 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)2013-07-10 17:32 - 2013-07-11 02:44 - 00000000 ____D C:\WINDOWS\ERDNT2013-07-10 17:31 - 2013-07-10 17:31 - 00000645 ___AC C:\Documents and Settings\MOM\Desktop\NTREGOPT.lnk2013-07-10 17:31 - 2013-07-10 17:31 - 00000626 ___AC C:\Documents and Settings\MOM\Desktop\ERUNT.lnk2013-07-10 17:31 - 2013-04-20 20:10 - 00000985 ____A C:\WINDOWS\win.tmp2013-07-10 17:31 - 2013-02-13 17:07 - 00000227 ____A C:\WINDOWS\system.tmp2013-07-10 17:30 - 2013-07-10 17:31 - 00000000 ___DC C:\Program Files\ERUNT2013-07-06 23:16 - 2013-07-06 23:16 - 00021303 ___AC C:\Documents and Settings\MOM\Desktop\dds.txt2013-07-06 23:16 - 2013-07-06 23:16 - 00017580 ___AC C:\Documents and Settings\MOM\Desktop\attach.txt2013-07-06 09:50 - 2013-07-06 23:19 - 00002318 ____A C:\WINDOWS\setupapi.log2013-07-03 09:32 - 2013-07-06 09:33 - 00000000 ___DC C:\Program Files\Mozilla Firefox2013-07-02 08:35 - 2013-07-02 08:35 - 00000385 ___AC C:\AdwCleaner[s3].txt2013-07-02 01:22 - 2013-07-02 01:22 - 00000385 ___AC C:\AdwCleaner[s2].txt2013-07-02 01:20 - 2013-07-02 01:21 - 00014915 ___AC C:\AdwCleaner[R2].txt2013-07-02 00:45 - 2013-07-02 00:46 - 00000490 ___AC C:\AdwCleaner[s1].txt2013-07-02 00:42 - 2013-07-02 00:42 - 00014876 ___AC C:\AdwCleaner[R1].txt2013-07-01 14:48 - 2013-07-01 14:48 - 00000000 ___DC C:\Documents and Settings\MOM\Application Data\Malwarebytes2013-07-01 14:47 - 2013-07-01 14:48 - 00000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware2013-07-01 14:47 - 2013-07-01 14:47 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Malwarebytes2013-07-01 14:47 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys==================== One Month Modified Files and Folders =======2013-07-11 17:04 - 2013-05-15 02:56 - 02033213 ____A C:\WINDOWS\WindowsUpdate.log2013-07-11 17:00 - 2013-07-11 17:00 - 00000000 ___DC C:\FRST2013-07-11 16:59 - 2010-10-26 08:19 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\MFAData2013-07-11 16:58 - 2008-10-29 22:26 - 00000418 __AHC C:\WINDOWS\Tasks\User_Feed_Synchronization-{B7099585-5F74-4162-8AB5-AF79FCB27C1C}.job2013-07-11 10:23 - 2009-11-06 23:13 - 00000880 ___AC C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2013-07-11 09:34 - 2013-07-11 09:34 - 00000689 ___AC C:\Documents and Settings\MOM\Desktop\eset.txt2013-07-11 09:29 - 2012-04-10 20:04 - 00000830 ___AC C:\WINDOWS\Tasks\Adobe Flash Player Updater.job2013-07-11 09:27 - 2013-07-11 09:27 - 00000000 ___DC C:\Documents and Settings\MOM\My Documents\New Folder2013-07-11 02:59 - 2013-07-11 02:59 - 00000000 ___DC C:\Program Files\ESET2013-07-11 02:44 - 2013-07-10 17:32 - 00000000 ____D C:\WINDOWS\ERDNT2013-07-11 02:43 - 2005-11-29 00:12 - 00000000 ____D C:\WINDOWS\Registration2013-07-11 02:43 - 2005-08-17 12:39 - 00001158 ___AC C:\WINDOWS\system32\wpa.dbl2013-07-11 02:40 - 2006-02-15 00:56 - 00000062 _ASHC C:\Documents and Settings\MOM\Local Settings\desktop.ini2013-07-11 02:40 - 2005-11-29 00:17 - 00000062 _ASHC C:\Documents and Settings\NetworkService\Local Settings\desktop.ini2013-07-11 02:40 - 2005-11-29 00:17 - 00000062 _ASHC C:\Documents and Settings\LocalService\Local Settings\desktop.ini2013-07-11 02:40 - 2005-08-17 12:39 - 00000006 __AHC C:\WINDOWS\Tasks\SA.DAT2013-07-11 00:34 - 2013-07-11 00:32 - 00000388 ___AC C:\AdwCleaner[s4].txt2013-07-11 00:31 - 2013-07-11 00:31 - 00008124 ___AC C:\AdwCleaner[R3].txt2013-07-10 20:50 - 2013-07-10 20:50 - 00012541 ___AC C:\Documents and Settings\MOM\Desktop\JRT.txt2013-07-10 20:33 - 2013-07-10 20:33 - 00000000 ____D C:\WINDOWS\ERUNT2013-07-10 19:20 - 2013-07-10 17:41 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)2013-07-10 18:00 - 2012-10-12 01:56 - 00000464 ____A C:\WINDOWS\Tasks\SpeedyPC Registration3.job2013-07-10 17:31 - 2013-07-10 17:31 - 00000645 ___AC C:\Documents and Settings\MOM\Desktop\NTREGOPT.lnk2013-07-10 17:31 - 2013-07-10 17:31 - 00000626 ___AC C:\Documents and Settings\MOM\Desktop\ERUNT.lnk2013-07-10 17:31 - 2013-07-10 17:30 - 00000000 ___DC C:\Program Files\ERUNT2013-07-10 17:08 - 2012-02-28 21:34 - 00000284 ___AC C:\WINDOWS\Tasks\AppleSoftwareUpdate.job2013-07-10 13:31 - 2010-05-05 08:26 - 00000820 ___AC C:\WINDOWS\Tasks\Google Software Updater.job2013-07-10 09:04 - 2012-10-12 01:55 - 00000436 ____A C:\WINDOWS\Tasks\SpeedyPC Update Version3.job2013-07-10 09:04 - 2012-10-12 01:54 - 00000392 ____A C:\WINDOWS\Tasks\SpeedyPC Pro.job2013-07-10 07:23 - 2005-08-17 12:39 - 00032540 ____A C:\WINDOWS\SchedLgU.Txt2013-07-10 01:23 - 2009-11-06 23:13 - 00000876 ___AC C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2013-07-08 23:45 - 2010-08-24 09:03 - 00000000 ___DC C:\Documents and Settings\MOM\Local Settings\Application Data\WeatherBug2013-07-08 13:31 - 2013-01-05 22:10 - 00334810 ___AC C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat2013-07-08 13:31 - 2006-02-15 00:56 - 00000278 __SHC C:\Documents and Settings\MOM\ntuser.ini2013-07-08 13:31 - 2006-02-15 00:56 - 00000000 ___DC C:\Documents and Settings\MOM2013-07-08 09:53 - 2012-10-06 15:05 - 00000736 ___AC C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk2013-07-07 21:43 - 2011-02-04 14:46 - 00000282 ____A C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-820892040-1120259444-1739031538-1005.job2013-07-07 07:10 - 2010-07-13 13:58 - 00000000 ___AC C:\Documents and Settings\MOM\Local Settings\Application Data\prvlcl.dat2013-07-06 23:19 - 2013-07-06 09:50 - 00002318 ____A C:\WINDOWS\setupapi.log2013-07-06 23:16 - 2013-07-06 23:16 - 00021303 ___AC C:\Documents and Settings\MOM\Desktop\dds.txt2013-07-06 23:16 - 2013-07-06 23:16 - 00017580 ___AC C:\Documents and Settings\MOM\Desktop\attach.txt2013-07-06 09:40 - 2005-11-29 00:12 - 00000000 ___DC C:\Documents and Settings\Administrator2013-07-06 09:36 - 2012-11-26 09:12 - 00000000 ___DC C:\Program Files\Mozilla Maintenance Service2013-07-06 09:33 - 2013-07-03 09:32 - 00000000 ___DC C:\Program Files\Mozilla Firefox2013-07-02 08:35 - 2013-07-02 08:35 - 00000385 ___AC C:\AdwCleaner[s3].txt2013-07-02 01:22 - 2013-07-02 01:22 - 00000385 ___AC C:\AdwCleaner[s2].txt2013-07-02 01:21 - 2013-07-02 01:20 - 00014915 ___AC C:\AdwCleaner[R2].txt2013-07-02 00:46 - 2013-07-02 00:45 - 00000490 ___AC C:\AdwCleaner[s1].txt2013-07-02 00:42 - 2013-07-02 00:42 - 00014876 ___AC C:\AdwCleaner[R1].txt2013-07-01 16:42 - 2005-08-17 12:21 - 00656224 ___AC C:\WINDOWS\system32\PerfStringBackup.INI2013-07-01 16:29 - 2006-02-16 21:55 - 00000000 ____D C:\WINDOWS\OPTIONS2013-07-01 14:48 - 2013-07-01 14:48 - 00000000 ___DC C:\Documents and Settings\MOM\Application Data\Malwarebytes2013-07-01 14:48 - 2013-07-01 14:47 - 00000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware2013-07-01 14:47 - 2013-07-01 14:47 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Malwarebytes2013-06-21 03:15 - 2012-12-23 00:49 - 00000000 ___DC C:\Documents and Settings\MOM\Application Data\HpUpdate2013-06-17 13:56 - 2006-04-15 16:41 - 00000000 ___DC C:\Documents and Settings\MOM\Desktop\Unused Desktop Shortcuts2013-06-17 13:07 - 2013-05-03 02:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallwinusb0100$2013-06-17 13:07 - 2011-10-05 15:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$2013-06-17 13:07 - 2009-06-01 21:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01007$2013-06-17 13:07 - 2008-06-06 22:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01005$2013-06-17 13:07 - 2007-03-24 22:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallWIC$2013-06-17 13:07 - 2006-12-23 22:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallMSCompPackV1$2013-06-17 13:07 - 2006-12-23 22:50 - 00000000 __HDC C:\WINDOWS\$NtUninstallWudf01000$2013-06-17 13:07 - 2006-12-23 22:50 - 00000000 __HDC C:\WINDOWS\$NtUninstallWMFDist11$2013-06-17 13:07 - 2006-11-29 15:35 - 00000000 __HDC C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$2013-06-17 13:07 - 2006-11-29 15:35 - 00000000 __HDC C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$2013-06-17 11:23 - 2013-01-11 11:05 - 01091565 ___AC C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-820892040-1120259444-1739031538-1005-0.dat2013-06-11 22:31 - 2012-04-10 20:04 - 00692104 ___AC (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe2013-06-11 22:31 - 2011-05-14 23:07 - 00071048 ___AC (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl==================== Bamital & volsnap Check =================C:\Windows\explorer.exe[2004-08-10 10:00] - [2007-12-01 01:26] - 1033728 ____A (Microsoft Corporation) e0ee428f4777a3cd8760bad61f87abedC:\Windows\System32\winlogon.exe[2004-08-10 10:00] - [2007-12-01 01:26] - 0507904 ____A (Microsoft Corporation) 45ffe966290b9c4ba659325561de4830C:\Windows\System32\svchost.exe[2004-08-10 10:00] - [2007-12-01 01:26] - 0014336 ____A (Microsoft Corporation) 0c82b0ae50bb2bc8a96a753f4edc495fC:\Windows\System32\services.exe[2004-08-10 10:00] - [2007-12-01 01:26] - 0108544 ____A (Microsoft Corporation) 76727219614a50b2db29bd0cda4260d5C:\Windows\System32\User32.dll[2004-08-10 10:00] - [2007-12-01 01:26] - 0578560 ____A (Microsoft Corporation) 6c74c62ecdc3981a7f1f8f1656b27871C:\Windows\System32\userinit.exe[2004-08-10 10:00] - [2012-04-10 20:04] - 0026112 ___AC (Microsoft Corporation) 813b2e9c4caea05fba51a442fab7a95dC:\Windows\System32\Drivers\volsnap.sys[2004-08-10 10:00] - [2007-11-30 18:25] - 0052352 ___AC (Microsoft Corporation) 2abf037f9d447424b58d73706b55b762==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-07-2013 02Ran by MOM at 2013-07-11 17:04:54Running from C:\Documents and Settings\MOM\My Documents\downloadsBoot Mode: Normal==========================================================32 Bit HP CIO Components Installer (Version: 2.1.5)7-Zip 9.20Acrobat.com (Version: 2.1.0)Acrobat.com (Version: 2.1.0.0)Ad-Aware (Version: 8.0.0)Ad-Aware Browsing Protection (Version: 0.9.0.3)Adobe AIR (Version: 1.5.3.9130)Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)Adobe Flash Player 11 Plugin (Version: 11.7.700.224)Adobe Help Center 2.0 (Version: 2.0.0)Adobe Photoshop Elements 4.0 (Version: 4.0)Adobe Reader X (10.1.7) (Version: 10.1.7)Advanced SystemCare 3 (Version: 3.4.1)AI RoboForm (All Users)AIO_Scan (Version: 90.0.189.000)AOL Uninstaller (Choose which Products to Remove)Apple Application Support (Version: 2.1.5)Apple Mobile Device Support (Version: 2.6.0.32)Apple Software Update (Version: 2.1.3.127)Athlon 64 Processor Driver (Version: 1.2.2.2)ATI - Software Uninstall Utility (Version: 6.14.10.1014)ATI Control Panel (Version: 6.14.10.5173)ATI Display Driver (Version: 8.202-051201a2-029034C-HP)AVG 2012 (Version: 12.0.1913)AVG 2012 (Version: 12.0.2171)AVG 2012 (Version: 12.0.2433)AVG 2013 (Version: 13.0.3204)AVG 2013 (Version: 13.0.3349)AVG 2013 (Version: 2013.0.3349)BlackBerry App World Browser Plugin (Version: 3.1.1.4)BlackBerry Desktop Software 7.1 (Version: 7.1.0.32)BlackBerry Device Software Updater (Version: 6.0.1.37)Broadcom 802.11 Wireless LAN Adapter (Version: 4.100.15.5)BufferChm (Version: 90.0.146.000)C7200 (Version: 90.0.189.000)C7200_doccd (Version: 90.0.189.000)c7200_Help (Version: 90.0.189.000)CameraDrivers (Version: 5.0.0.328)Celestia 1.4.0Cisco Network Magic (Version: 5.5.09195.0)Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)Conexant AC-Link AudioCopy (Version: 90.0.146.000)Dannon Recipe Box 1.0.0.27Destination Component (Version: 090.000.091.086)DeviceDiscovery (Version: 110.0.180.000)DocProc (Version: 9.0.0.0)DocProcQFolder (Version: 1.00.0000)Drive Manager (Version: 1.00.0012)Duplicate Photo CleanerDVD Shrink 3.2EdgeStreamClient 2.2.5.0ERUNT 1.1jESET Online Scanner v3Evernote v. 4.6.6 (Version: 4.6.6.8360)Fax (Version: 120.0.194.000)FLV PlayerForm Fill (Windows Live Toolbar) (Version: 03.01.0146)Gaps Solitaire 1.1.0 (Version: 1.1.0)getPlus® for Adobe (Version: 1.5.2.35)Google Toolbar for Internet Explorer (Version: 1.0.0)Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)Google Update Helper (Version: 1.3.21.149)Google Updater (Version: 2.4.2432.1652)HP BatteryCheck 1.00 A7 (Version: 1.00 A7)HP Help and Support (Version: 4.1.0008)HP Photosmart 330,380,420,470,7800,8000,8200 Series (Version: 8.1)HP Photosmart Essential2.01 (Version: 1.01.0000)HP Product Assistant (Version: 100.000.001.000)HP Smart Web Printing (Version: 2.15.7.0)HP Update (Version: 5.003.001.001)HP User Guides 0008 (Version: 1.05.0000)HP Wireless Assistant 1.01 C1 (Version: 1.01 C1)HP_Network_UserGuide (Version: 1.00.0000)HPProductAssistant (Version: 90.0.146.000)HpSdpAppCoreApp (Version: 3.00.0000)HPSSupply (Version: 2.2.0.0000)InterVideo WinDVD (Version: 5.0-B11.662)Java Auto Updater (Version: 2.1.9.0)Java 6 Update 31 (Version: 6.0.310)Junk Mail filter update (Version: 14.0.8117.416)JustCloud Setup (Version: 1.0.0.08)Lavasoft Personal Firewall 1.0 (Version: 1.0)Learn2 Player (Uninstall Only)LightScribe 1.4.105.1 (Version: 1.4.105.1)Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)Map Button (Windows Live Toolbar) (Version: 03.01.0146)MarketResearch (Version: 90.0.146.000)Maxtor Manager (Version: 4.01.0303)Microsoft .NET Framework 1.1 (Version: 1.1.4322)Microsoft .NET Framework 1.1 Hotfix (KB928366)Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)Microsoft .NET Framework 4 Extended (Version: 4.0.30320)Microsoft Application Error Reporting (Version: 12.0.6012.5000)Microsoft Choice Guard (Version: 2.0.48.0)Microsoft IntelliPoint 7.0 (Version: 7.0.260.0)Microsoft Location Finder (Version: 3.0)Microsoft Office 2007 Service Pack 2 (SP2)Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)Microsoft Office OneNote 2007 (Version: 12.0.6425.1000)Microsoft Office OneNote 2007 Trial (Version: 12.0.6425.1000)Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Outlook 2007 (Version: 12.0.6425.1000)Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)Microsoft Search Enhancement Pack (Version: 3.0.127.0)Microsoft Silverlight (Version: 4.0.60129.0)Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6425.1000)Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)Microsoft VC9 runtime libraries (Version: 1.0.0)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60816.0)Microsoft Works (Version: 08.04.0623)Motorola Phone Tools (Version: 4.30)Motorola Phone Tools (Version: 5.00)Move Networks Media Player for Internet ExplorerMozilla Firefox 17.0 (x86 en-US) (Version: 17.0)Mozilla Maintenance Service (Version: 22.0)MSNMSVC80_x86 (Version: 1.0.1.0)MSVCRT (Version: 14.0.1468.721)MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)MSXML 6.0 Parser (Version: 6.10.1129.0)muvee autoProducer 4.0 - SE (Version: 4.00.050)MyFreeCodecneroxml (Version: 1.0.0)NetDeviceManager (Version: 90.0.146.000)NetDeviceManager (Version: 90.0.192.000)NetWaiting (Version: 2.5.25)Network Magic (Version: 5.5.9195.0)NTI Backup Now EZ (Version: 2.5.2.56)Octoshape add-in for Adobe Flash PlayerOctoshape Streaming ServicesOneCare Advisor (Windows Live Toolbar) (Version: 03.01.0159.04)OpenOffice.org Installer 1.0 (Version: 1.0.9221)OutlookTools 2 (Version: 2.1.0)PanoStandAlone (Version: 90.0.146.000)PC Connectivity Solution (Version: 9.13.1.0)PC Pitstop Driver Alert2 2.0.0.0 (Version: 2.0.0.0)PC World ToolbarPicasa 3 (Version: 3.9)Popup Blocker (Windows Live Toolbar) (Version: 03.01.0146)Post-it® Software Notes LitePrint Screen DeluxePS_AIO_02_ProductContext (Version: 90.0.189.000)PS_AIO_02_Software (Version: 90.0.189.000)PS_AIO_02_Software_min (Version: 90.0.189.000)PS8200 (Version: 8.01.0000)PSPrinters08 (Version: 8.01.0000)PSSWCORE (Version: 2.01.0000)PSTAPlugin (Version: 8.01.0000)Pure Networks Platform (Version: 11.2.09195.1)Quick Launch Buttons 5.20 G1 (Version: 5.20 G1)QuickTime (Version: 7.71.80.42)RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)RealPlayerREALTEK Gigabit and Fast Ethernet NIC Driver (Version: 1.80)RealUpgrade 1.1 (Version: 1.1.0)Rhapsody Player Engine (Version: 1.0.604)Rhapsody Player Engine (Version: 1.1.0)Samsung Kies (Version: 2.5.3.13043_14)SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0)Scan (Version: 9.0.0.0)Segoe UI (Version: 14.0.4327.805)Smart Menus (Windows Live Toolbar) (Version: 03.01.0146)SMS-it Outlook InterfaceSMS-it!Soft Data Fax Modem with SmartCPSolutionCenter (Version: 90.0.146.000)Sonic Audio Module (Version: 2.0.0.1)Sonic Copy Module (Version: 2.0.0.1)Sonic Data Module (Version: 2.0.0.1)Sonic Express Labeler (Version: 2.0.0)Sonic MyDVD Plus (Version: 6.1.3)Sonic Update Manager (Version: 3.0.0)SonicAC3Encoder (Version: 1.00.0000)SonicMPEGEncoder (Version: 1.00.0000)SpeedyPC Pro (Version: 3.1.10.0)Spybot - Search & Destroy (Version: 1.6.2)Spybot - Search & Destroy 1.5.2.20Spyware Doctor 3.2 (Version: 3.2)Status (Version: 110.0.180.000)Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 1.20.0000)The Weather Channel AppTIPCI (Version: 1.20.0000)Toolbox (Version: 90.0.146.000)TrayApp (Version: 110.0.180.000)TrillianU3Launcher (Version: 1.0.0)Uniblue RegistryBooster 2Unity Web Player (HKCU Version: )Unix Utilities for Yahoo! WidgetsUnload (Version: 5.0.0)UnloadSupport (Version: 9.0.0)Update for 2007 Microsoft Office System (KB967642)Update for Microsoft Office OneNote 2007 (KB980729)Update for Microsoft Office Outlook 2007 (KB2412171)Update for Outlook 2007 Junk Email Filter (KB2508979)Update Rollup 2 for Windows XP Media Center Edition 2005URGE (Version: 1.1.8115.0)VideoToolkit01 (Version: 90.0.146.000)Viewpoint Manager (Remove Only)Viewpoint Media PlayerViewpoint Toolbar V35 (Remove Only)Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)Visual Studio 2005 Tools for Office Second Edition RuntimeWeatherBug (Version: 7.0.0.7)WebEx Support Manager for Internet Explorer (Version: 6.5.4917)WebFldrs XP (Version: 9.50.7523)WebReg (Version: 90.0.146.000)Widevine Media Transformer Plugin 5.0.0 (Version: 5.0.0.4679)Winamp (remove only)Windows Driver Package - Nokia Modem (03/05/2008 3.7) (Version: 03/05/2008 3.7)Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1) (Version: 03/13/2008 6.86.0.1)Windows Driver Package - Nokia Modem (05/22/2008 3.8) (Version: 05/22/2008 3.8)Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1) (Version: 05/22/2008 7.00.0.1)Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)Windows Genuine Advantage Validation Tool (KB892130)Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0036.0)Windows Internet Explorer 7 (Version: 20061107.210142)Windows Internet Explorer 8 (Version: 20090308.140743)Windows Live Communications Platform (Version: 14.0.8117.416)Windows Live Essentials (Version: 14.0.8117.0416)Windows Live Essentials (Version: 14.0.8117.416)Windows Live Family Safety (Version: 14.0.8118.427)Windows Live Favorites for Windows Live Toolbar (Version: 03.01.0130)Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)Windows Live Mail (Version: 14.0.8117.0416)Windows Live Outlook Toolbar (Windows Live Toolbar) (Version: 03.01.0146)Windows Live Photo Gallery (Version: 14.0.8117.416)Windows Live Toolbar (Version: 14.0.8117.416)Windows Live Toolbar Extension (Windows Live Toolbar) (Version: 03.01.0146)Windows Live Toolbar Feed Detector (Windows Live Toolbar) (Version: 03.01.0146)Windows Live Upload Tool (Version: 14.0.8014.1029)Windows Live Writer (Version: 14.0.8117.0416)Windows Media Format 11 runtimeWindows Media Player 11Windows Media Player Firefox Plugin (Version: 1.0.0.8)Wireless Home Network Setup (Version: 1.1.154.1)Yahoo! Widgets (Version: 4.5.2.0)Zinio Reader ==================== Restore Points =========================14-04-2013 00:42:34 SpeedyPC Pro Backup16-04-2013 06:08:40 Removed Evernote v. 4.6.216-04-2013 06:13:16 Installed Evernote v. 4.6.420-04-2013 17:20:31 SpeedyPC Pro Backup01-05-2013 13:30:05 SpeedyPC Pro Backup03-05-2013 06:54:02 Installed Samsung Kies03-05-2013 07:22:50 Installed Windows XP winusb0100.04-05-2013 13:48:28 SpeedyPC Pro Backup08-05-2013 11:58:49 SpeedyPC Pro Backup15-05-2013 04:55:02 System Checkpoint15-05-2013 07:54:30 SpeedyPC Pro Backup23-05-2013 04:07:47 SpeedyPC Pro Backup25-05-2013 13:45:00 SpeedyPC Pro Backup30-05-2013 04:39:39 SpeedyPC Pro Backup16-06-2013 00:25:18 Removed Evernote v. 4.6.416-06-2013 00:26:23 Installed Evernote v. 4.6.619-06-2013 15:07:18 SpeedyPC Pro Backup04-07-2013 09:49:03 System Checkpoint05-07-2013 15:22:57 System Checkpoint06-07-2013 14:32:49 SpeedyPC Pro Backup11-07-2013 10:54:27 System Checkpoint==================== Hosts content: ==========================2004-08-10 10:00 - 2008-02-15 09:20 - 00224678 ____C C:\WINDOWS\system32\Drivers\etc\hosts127.0.0.1 localhost127.0.0.1 www.007guard.com127.0.0.1 007guard.com127.0.0.1 008i.com127.0.0.1 www.008k.com127.0.0.1 008k.com127.0.0.1 www.00hq.com127.0.0.1 00hq.com127.0.0.1 010402.com127.0.0.1 www.032439.com127.0.0.1 032439.com127.0.0.1 www.1001-search.info127.0.0.1 1001-search.info127.0.0.1 www.100888290cs.com127.0.0.1 100888290cs.com127.0.0.1 www.100sexlinks.com127.0.0.1 100sexlinks.com127.0.0.1 www.10sek.com127.0.0.1 10sek.com127.0.0.1 www.123topsearch.com127.0.0.1 123topsearch.com127.0.0.1 www.132.com127.0.0.1 132.com127.0.0.1 www.136136.net127.0.0.1 136136.net127.0.0.1 www.139mm.com127.0.0.1 139mm.com127.0.0.1 www.163ns.com127.0.0.1 163ns.comThere are 1000 more lines.==================== Scheduled Tasks (whitelisted) =============Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => ?Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exeTask: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_rundll32_exe.job => C:\WINDOWS\system32\rundll32.exeTask: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-820892040-1120259444-1739031538-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exeTask: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-820892040-1120259444-1739031538-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exeTask: C:\WINDOWS\Tasks\SpeedyPC Pro.job => C:\Program Files\SpeedyPC Software\SpeedyPC\SpeedyPC.exeTask: C:\WINDOWS\Tasks\SpeedyPC Registration3.job => C:\WINDOWS\system32\rundll32.exeTask: C:\WINDOWS\Tasks\SpeedyPC Update Version3 Startup Task.job => C:\Program Files\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exeTask: C:\WINDOWS\Tasks\SpeedyPC Update Version3.job => C:\Program Files\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exeTask: C:\WINDOWS\Tasks\User_Feed_Synchronization-{B7099585-5F74-4162-8AB5-AF79FCB27C1C}.job => C:\WINDOWS\system32\msfeedssync.exe==================== Faulty Device Manager Devices =============Name: 1394 Net AdapterDescription: 1394 Net AdapterClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: NIC1394Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.Name: Photosmart C7200 seriesDescription: Photosmart C7200 seriesClass Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}Manufacturer: HPService:Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.Name: Nokia 6085Description: Nokia Windows Portable Device DriverClass Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}Manufacturer: NokiaService: WUDFRdProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.Name: Nokia 6085Description: Nokia 6085Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}Manufacturer: NokiaService: WUDFRdProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.==================== Event log errors: =========================Application errors:==================Error: (07/09/2013 00:35:48 AM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/09/2013 00:31:22 AM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/09/2013 00:29:01 AM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/09/2013 00:28:00 AM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/09/2013 00:27:26 AM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/09/2013 00:27:09 AM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/06/2013 09:39:26 AM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/04/2013 11:33:42 PM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/04/2013 08:17:55 AM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/04/2013 08:13:51 AM) (Source: Windows Search Service) (User: )Description: 10x80070002System errors:=============Error: (07/11/2013 02:46:17 AM) (Source: DCOM) (User: NT AUTHORITY)Description: The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.Error: (07/11/2013 02:43:45 AM) (Source: DCOM) (User: NT AUTHORITY)Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.Error: (07/11/2013 02:43:18 AM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load:avgtpLbdError: (07/11/2013 02:43:18 AM) (Source: Service Control Manager) (User: )Description: The HP CUE DeviceDiscovery Service service hung on starting.Error: (07/11/2013 02:41:32 AM) (Source: Service Control Manager) (User: )Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).Error: (07/11/2013 02:41:32 AM) (Source: Service Control Manager) (User: )Description: The Kodak Camera Connection Software service failed to start due to the following error:%%2Error: (07/11/2013 02:40:13 AM) (Source: DCOM) (User: NT AUTHORITY)Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.Error: (07/11/2013 01:00:22 AM) (Source: BROWSER) (User: )Description: The browser was unable to update the service status bits. The data is the error.Error: (07/09/2013 11:13:45 PM) (Source: WPDMTPDriver) (User: )Description: MTP WPD Driver has failed to start. Error 0x8007048f.Error: (07/09/2013 11:13:42 PM) (Source: Service Control Manager) (User: )Description: The Pure Networks Platform Service service terminated unexpectedly. It has done this 1 time(s).Microsoft Office Sessions:=========================Error: (02/25/2012 11:47:11 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 2180 seconds with 1440 seconds of active time. This session ended with a crash.Error: (08/16/2011 10:08:20 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 335 seconds with 240 seconds of active time. This session ended with a crash.Error: (02/15/2011 09:29:06 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1730 seconds with 420 seconds of active time. This session ended with a crash.Error: (12/28/2010 08:33:33 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6548.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 31632 seconds with 2040 seconds of active time. This session ended with a crash.Error: (11/25/2010 00:10:52 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 830 seconds with 300 seconds of active time. This session ended with a crash.Error: (09/15/2010 03:50:10 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 33 seconds with 0 seconds of active time. This session ended with a crash.Error: (09/11/2010 00:01:36 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 891 seconds with 480 seconds of active time. This session ended with a crash.Error: (06/14/2010 07:42:22 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20021 seconds with 1680 seconds of active time. This session ended with a crash.Error: (02/24/2010 10:03:05 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 56 seconds with 0 seconds of active time. This session ended with a crash.Error: (02/24/2010 10:01:29 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2902 seconds with 1500 seconds of active time. This session ended with a crash.==================== Memory info ===========================Percentage of memory in use: 88%Total physical RAM: 1022.17 MBAvailable physical RAM: 115.13 MBTotal Pagefile: 2459.48 MBAvailable Pagefile: 1369.39 MBTotal Virtual: 2047.88 MBAvailable Virtual: 1952.35 MB==================== Drives ================================Drive c: () (Fixed) (Total:74.32 GB) (Free:13.8 GB) NTFS ==>[Drive with boot components (Windows XP)]Drive d: (Under the Horse) (CDROM) (Total:1.85 GB) (Free:0 GB) UDF==================== MBR & Partition Table ==========================================================================Disk: 0 (Size: 75 GB) (Disk ID: 16351635)Partition 1: (Active) - (Size=74 GB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=204 MB) - (Type=88)==================== End Of Log ============================ Link to post Share on other sites More sharing options...
jules4dee Posted July 13, 2013 Author ID:702241 Share Posted July 13, 2013 Is there anything else I need to do? I have completed all the scans you wanted! Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 13, 2013 Root Admin ID:702254 Share Posted July 13, 2013 Please uninstall the following software. Once done if you want to install the latest versions you can.If any of them require a license or registration please ensure you have that before removing.Go to your Control Panel, Programs, Add/RemoveAd-AwareAd-Aware Browsing ProtectionAOL ToolbarAVG Secure SearchGoogle Toolbar for Internet ExplorerPC World ToolbarSpeedyPC ProSpybot - Search & Destroy (Version: 1.6.2)Spybot - Search & Destroy 1.5.2.20Spyware Doctor 3.2 (Version: 3.2)Viewpoint ToolbarWindows Live ToolbarYahoo! ToolbarESET Online Scanner v3MyFreeCodecThese programs are old and are exploited you need to uninstall them and if possible simply don't use Java.Java Auto UpdaterJava™ 6 Update 31Your version of Mozilla Firefox 17.0 is out of date. You need to update it.This software is pretty much Snake Oil and can cause more harm to your computer than good. You should uninstall it.Uniblue RegistryBooster 2Do I need a Windows Registry Cleaner?Advanced SystemCare 3The company behind this product was found to be stealing our database.Personally I would not trust installing any software from a company that resorts to stealing someone's technology to sell their product.Please see the following links and make up your own mind if you want to keep this on your system. If needed I can help you remove it.IOBit Steals Malwarebytes' Intellectual PropertyIOBit's Denial of Theft UnconvincingIOBit Theft ConclusionIObit: Trusting Your Antivirus VendorMalwarebytes: IObit Stole Our Signatures DatabaseIObit accused of stealing from Malwarebytes Once you've removed all of these programs then please run the following.Please download the attached fixlist.txt file and save it to the Desktop.NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.Run FRST or FRST64 and press the Fix button just once and wait.If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.Note: If the tool warned you about an outdated version please download and run the updated version. Then reboot the computer and let me know how it's running now and if there are still any signs of an infection or other issue Thanks fixlist.txt Link to post Share on other sites More sharing options...
jules4dee Posted July 14, 2013 Author ID:702546 Share Posted July 14, 2013 I think I removed everything on the list. I forgot to restart the computer before I ran the fix so, I ran it a second time after the restart. Hope that doesn't matter. I also removed the items in the step 5 log, as you suggested.Here is the FRST log: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 14-07-2013Ran by MOM at 2013-07-14 00:15:37 Run:2Running from C:\Documents and Settings\MOM\DesktopBoot Mode: Normal==============================================HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0A94B116-4504-4e26-AB05-E61E474AA38B} => Value not found.HKCR\CLSID\{0A94B116-4504-4e26-AB05-E61E474AA38B} => Key not found.HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} => Key not found.HKCR\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E} => Key not found.HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B3FFF406-BFAB-4CAA-860B-3B02B85CB42E} => Key not found.HKCR\CLSID\{B3FFF406-BFAB-4CAA-860B-3B02B85CB42E} => Key not found.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key not found.HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key not found.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} => Key not found.HKCR\CLSID\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} => Key not found.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7327C09-B521-4EDB-8509-7D2660C9EC98} => Key not found.HKCR\CLSID\{A7327C09-B521-4EDB-8509-7D2660C9EC98} => Key not found.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B56A7D7D-6927-48C8-A975-17DF180C71AC} => Key not found.HKCR\CLSID\{B56A7D7D-6927-48C8-A975-17DF180C71AC} => Key not found.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B8FC7AE4-FD8B-477c-B1BD-DE14280DECAF} => Key not found.HKCR\CLSID\{B8FC7AE4-FD8B-477c-B1BD-DE14280DECAF} => Key not found.HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} => Value not found.HKCR\CLSID\{4982D40A-C53B-4615-B15B-B5B5E98D167C} => Key not found.HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{F8AD5AA5-D966-4667-9DAF-2561D68B2012} => Value not found.HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012} => Key not found.HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Value not found.HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => Value not found.HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value not found.HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value not found.HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Value not found.HKCR\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} => Value not found.HKCR\CLSID\{4982D40A-C53B-4615-B15B-B5B5E98D167C} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} => Value not found.HKCR\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} => Value not found.HKCR\CLSID\{4982D40A-C53B-4615-B15B-B5B5E98D167C} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} => Value not found.HKCR\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} => Value not found.HKCR\CLSID\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} => Value not found.HKCR\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => Value not found.HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value not found.HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Value not found.HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value not found.HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key not found.HKCR\CLSID\{0E5F0222-96B9-11D3-8997-00104BD12D94} => Key not found.HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key deleted successfully.HKCR\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} => Key not found.HKCR\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} => Key deleted successfully.HKCR\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} => Key deleted successfully.HKCR\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} => Key not found.HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key deleted successfully.HKCR\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} => Key not found.HKCR\CLSID\{FFB3A759-98B1-446F-BDA9-909C6EB18CC7} => Key not found.HKCR\PROTOCOLS\Handler\linkscanner => Key not found.HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key not found.HKCR\PROTOCOLS\Filter\x-sdch => Key not found.HKCR\CLSID\{B1759355-3EEC-4C1E-B0F1-B719FE26E377} => Key not found.AVG Security Toolbar Service => Service not found.vToolbarUpdater13.0.0 => Service not found.JavaQuickStarterService => Service not found."C:\WINDOWS\Tasks\User_Feed_Synchronization-{B7099585-5F74-4162-8AB5-AF79FCB27C1C}.job" => File/Directory not found."C:\AdwCleaner[s4].txt" => File/Directory not found."C:\AdwCleaner[R3].txt" => File/Directory not found."C:\AdwCleaner[s3].txt" => File/Directory not found."C:\AdwCleaner[s2].txt" => File/Directory not found."C:\AdwCleaner[R2].txt" => File/Directory not found."C:\AdwCleaner[s1].txt" => File/Directory not found."C:\AdwCleaner[R1].txt" => File/Directory not found."C:\AdwCleaner[s4].txt" => File/Directory not found."C:\AdwCleaner[R3].txt" => File/Directory not found.C:\WINDOWS\Tasks\Google Software Updater.job => Moved successfully."C:\WINDOWS\Tasks\SpeedyPC Update Version3.job" => File/Directory not found."C:\WINDOWS\Tasks\SpeedyPC Pro.job" => File/Directory not found."C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job" => File/Directory not found."C:\WINDOWS\Tasks\SpeedyPC Update Version3.job" => File/Directory not found."C:\WINDOWS\Tasks\SpeedyPC Pro.job" => File/Directory not found."C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job" => File/Directory not found.C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job not found.C:\WINDOWS\Tasks\Google Software Updater.job not found.C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job not found.C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job not found.C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_rundll32_exe.job not found.C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-820892040-1120259444-1739031538-1005.job not found.C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-820892040-1120259444-1739031538-1005.job not found.C:\WINDOWS\Tasks\SpeedyPC Pro.job not found.C:\WINDOWS\Tasks\SpeedyPC Registration3.job not found.C:\WINDOWS\Tasks\SpeedyPC Update Version3 Startup Task.job not found.C:\WINDOWS\Tasks\SpeedyPC Update Version3.job not found.C:\WINDOWS\Tasks\User_Feed_Synchronization-{B7099585-5F74-4162-8AB5-AF79FCB27C1C}.job not found.==== End of Fixlog ==== Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 15, 2013 Root Admin ID:702837 Share Posted July 15, 2013 Looks good. Okay, please run the following items and post back new logs. Please run the following scanner and send back the logs.Download DDS from one of the locations below and save to your Desktopdds.scrdds.comTemporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsOnce downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.Then double click dds.scr or dds.com to run the tool.Click the Run button if prompted with an Open File - Security Warning dialog box.A black DOS console should open and run for a moment. When done, DDS will open two (2) logs:DDS.txt Attach.txtSave both reports to your desktop Please include the following logs in your next reply as an attachment: DDS.txt and Attach.txtYou can ignore the note about zipping the Attach.txt file Next, Please download MiniToolBox save it to your desktop and run it.Checkmark the following check-boxes:Flush DNS Report IE Proxy Settings Reset IE Proxy Settings Report FF Proxy Settings Reset FF Proxy Settings List content of Hosts List IP configuration List Winsock Entries List last 10 Event Viewer log List Installed Programs List Devices List Users, Partitions and Memory size. List Minidump FilesClick Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using Reset FF Proxy Settings option Firefox should be closed. Next, download Security Check from here or here.Save it to your Desktop. Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document. Thanks Link to post Share on other sites More sharing options...
jules4dee Posted July 16, 2013 Author ID:703626 Share Posted July 16, 2013 Ok, Here we go: attach.txt .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows XP ProfessionalBoot Device: \Device\HarddiskVolume1Install Date: 2/14/2006 11:54:59 PMSystem Uptime: 7/14/2013 5:05:42 AM (58 hours ago).Motherboard: Hewlett-Packard | | 30A4Processor: AMD Turion 64 Mobile Technology ML-40 | U23 | 1575/mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 74 GiB total, 13.982 GiB free.D: is CDROM (UDF).==== Disabled Device Manager Items =============.Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}Description: 1394 Net AdapterDevice ID: V1394\NIC1394\CE84407D613F0200Manufacturer: MicrosoftName: 1394 Net AdapterPNP Device ID: V1394\NIC1394\CE84407D613F0200Service: NIC1394.Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}Description: Photosmart C7200 seriesDevice ID: ROOT\MULTIFUNCTION\0000Manufacturer: HPName: Photosmart C7200 seriesPNP Device ID: ROOT\MULTIFUNCTION\0000Service:.Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}Description: Nokia Windows Portable Device DriverDevice ID: ROOT\WPD\0000Manufacturer: NokiaName: Nokia 6085PNP Device ID: ROOT\WPD\0000Service: WUDFRd.Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}Description: Nokia 6085Device ID: ROOT\WPD\0001Manufacturer: NokiaName: Nokia 6085PNP Device ID: ROOT\WPD\0001Service: WUDFRd.==== System Restore Points ===================.RP34: 4/20/2013 12:20:31 PM - SpeedyPC Pro BackupRP35: 5/1/2013 8:30:05 AM - SpeedyPC Pro BackupRP36: 5/3/2013 1:54:02 AM - Installed Samsung KiesRP37: 5/3/2013 2:22:50 AM - Installed Windows XP winusb0100.RP38: 5/4/2013 8:48:28 AM - SpeedyPC Pro BackupRP39: 5/8/2013 6:58:49 AM - SpeedyPC Pro BackupRP40: 5/14/2013 11:55:02 PM - System CheckpointRP41: 5/15/2013 2:54:30 AM - SpeedyPC Pro BackupRP42: 5/22/2013 11:07:47 PM - SpeedyPC Pro BackupRP43: 5/25/2013 8:45:00 AM - SpeedyPC Pro BackupRP44: 5/29/2013 11:39:39 PM - SpeedyPC Pro BackupRP45: 6/15/2013 7:25:18 PM - Removed Evernote v. 4.6.4RP46: 6/15/2013 7:26:23 PM - Installed Evernote v. 4.6.6RP47: 6/19/2013 10:07:18 AM - SpeedyPC Pro BackupRP48: 7/4/2013 4:49:03 AM - System CheckpointRP49: 7/5/2013 10:22:57 AM - System CheckpointRP50: 7/6/2013 9:32:49 AM - SpeedyPC Pro BackupRP51: 7/11/2013 5:54:27 AM - System CheckpointRP52: 7/13/2013 2:29:36 AM - Removed Windows Live Upload ToolRP53: 7/13/2013 2:30:03 AM - Removed Windows Live Favorites for Windows Live ToolbarRP54: 7/13/2013 5:34:42 PM - Removed WeatherBugRP55: 7/14/2013 6:15:18 PM - System CheckpointRP56: 7/15/2013 6:31:41 PM - System Checkpoint.==== Installed Programs ======================.32 Bit HP CIO Components Installer7-Zip 9.20Acrobat.comAd-AwareAdobe AIRAdobe Flash Player 10 ActiveXAdobe Flash Player 11 PluginAdobe Help Center 2.0Adobe Photoshop Elements 4.0Adobe Reader XI (11.0.03)AI RoboForm (All Users)AIO_ScanApple Application SupportApple Mobile Device SupportApple Software UpdateAthlon 64 Processor DriverATI - Software Uninstall UtilityATI Control PanelATI Display DriverAVG 2012AVG 2013BlackBerry App World Browser PluginBlackBerry Desktop Software 7.1BlackBerry Device Software UpdaterBroadcom 802.11 Wireless LAN AdapterBufferChmC7200C7200_doccdc7200_HelpCameraDriversCelestia 1.4.0Cisco Network MagicCompatibility Pack for the 2007 Office systemConexant AC-Link AudioCopyDannon Recipe Box 1.0.0.27Destination ComponentDeviceDiscoveryDocProcDocProcQFolderDrive ManagerDuplicate Photo CleanerDVD Shrink 3.2EdgeStreamClient 2.2.5.0ERUNT 1.1jEvernote v. 4.6.6FaxFLV PlayerForm Fill (Windows Live Toolbar)getPlus® for AdobeGoogle Toolbar for Internet ExplorerGoogle Update HelperGoogle UpdaterHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)Hotfix for Windows Media Player 10 (KB903157)Hotfix for Windows XP (KB954550-v5)HP BatteryCheck 1.00 A7HP Help and SupportHP Photosmart 330,380,420,470,7800,8000,8200 SeriesHP Photosmart Essential2.01HP Product AssistantHP Smart Web PrintingHP UpdateHP User Guides 0008HP Wireless Assistant 1.01 C1HP_Network_UserGuideHPProductAssistantHpSdpAppCoreAppHPSSupplyInterVideo WinDVDJava Auto UpdaterJava 6 Update 31Junk Mail filter updateJustCloud SetupLavasoft Personal Firewall 1.0Learn2 Player (Uninstall Only)LightScribe 1.4.105.1Malwarebytes Anti-Malware version 1.75.0.1300Map Button (Windows Live Toolbar)MarketResearchMaxtor ManagerMicrosoft .NET Framework 1.1Microsoft .NET Framework 1.1 Hotfix (KB928366)Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Choice GuardMicrosoft IntelliPoint 7.0Microsoft Location FinderMicrosoft Office 2007 Service Pack 2 (SP2)Microsoft Office Excel MUI (English) 2007Microsoft Office Home and Student 2007Microsoft Office Live Add-in 1.5Microsoft Office OneNote 2007Microsoft Office OneNote 2007 TrialMicrosoft Office OneNote MUI (English) 2007Microsoft Office Outlook 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programsMicrosoft Search Enhancement PackMicrosoft SilverlightMicrosoft Software Update for Web Folders (English) 12Microsoft SQL Server 2005 Compact Edition [ENU]Microsoft Sync Framework Runtime Native v1.0 (x86)Microsoft Sync Framework Services Native v1.0 (x86)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual Studio 2005 Tools for Office RuntimeMicrosoft WorksMotorola Phone ToolsMove Networks Media Player for Internet ExplorerMozilla Firefox 17.0 (x86 en-US)Mozilla Maintenance ServiceMSNMSVC80_x86MSVCRTMSXML 4.0 SP2 (KB925672)MSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB936181)MSXML 6.0 Parsermuvee autoProducer 4.0 - SEneroxmlNetDeviceManagerNetWaitingNetwork MagicNTI Backup Now EZOctoshape add-in for Adobe Flash PlayerOctoshape Streaming ServicesOneCare Advisor (Windows Live Toolbar)OpenOffice.org Installer 1.0OutlookTools 2PanoStandAlonePC Connectivity SolutionPC World ToolbarPicasa 3Popup Blocker (Windows Live Toolbar)Post-it® Software Notes LitePrint Screen DeluxePS_AIO_02_ProductContextPS_AIO_02_SoftwarePS_AIO_02_Software_minPS8200PSPrinters08PSSWCOREPSTAPluginPure Networks PlatformQuick Launch Buttons 5.20 G1QuickTimeRealNetworks - Microsoft Visual C++ 2008 RuntimeRealPlayerREALTEK Gigabit and Fast Ethernet NIC DriverRealUpgrade 1.1Rhapsody Player EngineSamsung KiesSAMSUNG USB Driver for Mobile PhonesScanSecurity Update for 2007 Microsoft Office System (KB2288621)Security Update for 2007 Microsoft Office System (KB2288931)Security Update for 2007 Microsoft Office System (KB2289158)Security Update for 2007 Microsoft Office System (KB2344875)Security Update for 2007 Microsoft Office System (KB2345043)Security Update for 2007 Microsoft Office System (KB969559)Security Update for 2007 Microsoft Office System (KB976321)Security Update for CAPICOM (KB931906)Security Update for Microsoft Office Excel 2007 (KB2345035)Security Update for Microsoft Office InfoPath 2007 (KB979441)Security Update for Microsoft Office PowerPoint 2007 (KB982158)Security Update for Microsoft Office PowerPoint Viewer (KB2413381)Security Update for Microsoft Office system 2007 (972581)Security Update for Microsoft Office system 2007 (KB974234)Security Update for Microsoft Office Visio Viewer 2007 (KB973709)Security Update for Microsoft Office Word 2007 (KB2344993)Segoe UISmart Menus (Windows Live Toolbar)SMS-it Outlook InterfaceSMS-it!Soft Data Fax Modem with SmartCPSolutionCenterSonic Audio ModuleSonic Copy ModuleSonic Data ModuleSonic Express LabelerSonic MyDVD PlusSonic Update ManagerSonicAC3EncoderSonicMPEGEncoderStatusTexas Instruments PCIxx21/x515/xx12 drivers.The Weather Channel AppTIPCIToolboxTrayAppTrillianU3LauncherUnity Web PlayerUnloadUnloadSupportUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft Office OneNote 2007 (KB980729)Update for Microsoft Office Outlook 2007 (KB2412171)Update for Outlook 2007 Junk Email Filter (KB2508979)Update Rollup 2 for Windows XP Media Center Edition 2005URGEVideoToolkit01Viewpoint Media PlayerVisual C++ 2008 x86 Runtime - (v9.0.30729)Visual C++ 2008 x86 Runtime - v9.0.30729.01Visual Studio 2005 Tools for Office Second Edition RuntimeWebEx Support Manager for Internet ExplorerWebFldrs XPWebRegWidevine Media Transformer Plugin 5.0.0Winamp (remove only)Windows Driver Package - Nokia Modem (03/05/2008 3.7)Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1)Windows Driver Package - Nokia Modem (05/22/2008 3.8)Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1)Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)Windows Genuine Advantage Notifications (KB905474)Windows Genuine Advantage Validation Tool (KB892130)Windows Internet Explorer 7Windows Internet Explorer 8Windows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live ID Sign-in AssistantWindows Live MailWindows Live Outlook Toolbar (Windows Live Toolbar)Windows Live Photo GalleryWindows Live ToolbarWindows Live Toolbar Extension (Windows Live Toolbar)Windows Live Toolbar Feed Detector (Windows Live Toolbar)Windows Live WriterWindows Media Format 11 runtimeWindows Media Player 11Windows Media Player Firefox PluginWireless Home Network SetupZinio Reader.==== Event Viewer Messages From Past Week ========.7/9/2013 11:13:45 PM, error: WPDMTPDriver [15300] - MTP WPD Driver has failed to start. Error 0x8007048f.7/9/2013 11:13:42 PM, error: Service Control Manager [7034] - The Pure Networks Platform Service service terminated unexpectedly. It has done this 1 time(s).7/13/2013 9:40:07 AM, error: Dhcp [1002] - The IP address lease 192.168.0.101 for the Network Card with network address 0014A569E70F has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).7/13/2013 12:16:06 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the COM+ System Application service to connect.7/13/2013 12:16:06 AM, error: Service Control Manager [7000] - The COM+ System Application service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.7/13/2013 12:16:06 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service COMSysApp with arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}7/13/2013 12:15:29 AM, error: Service Control Manager [7022] - The Windows Search service hung on starting.7/13/2013 12:14:11 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)7/11/2013 2:43:45 AM, error: DCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.7/11/2013 2:43:18 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avgtp Lbd7/11/2013 2:43:18 AM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.7/11/2013 2:41:32 AM, error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).7/11/2013 2:41:32 AM, error: Service Control Manager [7000] - The Kodak Camera Connection Software service failed to start due to the following error: The system cannot find the file specified.7/11/2013 1:00:22 AM, error: BROWSER [8007] - The browser was unable to update the service status bits. The data is the error..==== End Of File =========================== dds.txt DDS (Ver_2012-11-20.01) - NTFS_x86Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31Run by MOM at 15:45:13 on 2013-07-16Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.459 [GMT -5:00].AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}.============== Running Processes ================.C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\AVG\AVG2013\avgwdsvc.exeC:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Google\Update\GoogleUpdate.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\Program Files\Maxtor\Sync\SyncServices.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exeC:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exeC:\Program Files\Pure Networks\Network Magic\nmapp.exeC:\hp\drivers\hplsbwatcher\lsburnwatcher.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\AVG\AVG2013\avgui.exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exeC:\Program Files\Samsung\Kies\KiesTrayAgent.exeC:\Program Files\Hp\HP Software Update\HPWuSchd2.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Windows Media Player\WMPNSCFG.exeC:\Program Files\Samsung\Kies\Kies.exeC:\Program Files\Samsung\Kies\KiesAirMessage.exeC:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeC:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\WINDOWS\eHome\ehmsas.exeC:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeC:\WINDOWS\ehome\mcrdsvc.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\WINDOWS\system32\wscntfy.exeC:\Program Files\Windows Media Player\WMPNetwk.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\System32\alg.exeC:\WINDOWS\system32\SearchIndexer.exeC:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupC:\WINDOWS\system32\svchost.exe -k NetworkServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\svchost.exe -k hpdevmgmtC:\WINDOWS\system32\svchost.exe -k HPServiceC:\WINDOWS\System32\svchost.exe -k HTTPFilterC:\WINDOWS\system32\svchost.exe -k LocalService.============== Pseudo HJT Report ===============.uProxyOverride = <local>uURLSearchHooks: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - <orphaned>dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hewlett-packard\smart web printing\hpswp_printenhancer.dllBHO: HP Print Clips: {053F9267-DC04-4294-A72C-58F732D338C0} - c:\program files\hewlett-packard\smart web printing\hpswp_framework.dllBHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dllBHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dllBHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - c:\program files\evernote\evernote\EvernoteIE.dllBHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dllBHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - LocalServer32 - <no file>BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dllBHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllTB: &RoboForm: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dllTB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dllTB: FireShot: {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - LocalServer32 - <no file>EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - <orphaned>EB: &Research: {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program files\microsoft office\office12\REFIEBAR.DLLEB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - <orphaned>uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exeuRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preloaduRun: [KiesAirMessage] c:\program files\samsung\kies\KiesAirMessage.exe -startupuRun: [] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exeuRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplashmRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exemRun: [ehTray] c:\windows\ehome\ehtray.exemRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exemRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLYmRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"mRun: [backupNowEZtray] "c:\program files\nti\nti backup now ez\BackupNowEZtray.exe" -kmRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exemRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exemRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"dRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"dRun: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\GoogleToolbarNotifier.exedRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /fdRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /fStartupFolder: c:\docume~1\mom\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXEStartupFolder: c:\docume~1\mom\startm~1\programs\startup\everno~1.lnk - c:\program files\evernote\evernote\EvernoteTray.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1mPolicies-Explorer: NoDriveTypeAutoRun = dword:145IE: &Viewpoint Search - c:\program files\viewpoint\viewpoint toolbar v35\ViewBar.dll/CXTSEARCH.HTMLIE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: Clip Image - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=4IE: Clip selection - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=3IE: Clip this page - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=1IE: Clip URL - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=0IE: Customize Menu - c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.htmlIE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000IE: Fill Forms - c:\program files\siber systems\ai roboform\RoboFormComFillForms.htmlIE: New Note - c:\program files\evernote\evernote\\evernoteieres\NewNote.htmlIE: RoboForm Toolbar - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.htmlIE: Save Forms - c:\program files\siber systems\ai roboform\RoboFormComSavePass.htmlIE: Yahoo! &SMS - /c:\program files\yahoo!\Common/ycsms.htmIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dllIE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.htmlIE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.htmlIE: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - <orphaned>IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hewlett-packard\smart web printing\hpswp_extensions.dllIE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hewlett-packard\smart web printing\hpswp_extensions.dllIE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.htmlIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\\evernoteieres\AddNote.htmlIE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option...INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -TCP: NameServer = 192.168.0.1TCP: Interfaces\{26D9CED9-63C5-4B17-902B-BAD4671EC5BB} : DHCPNameServer = 192.168.0.1Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dllNotify: AtiExtEvent - Ati2evxx.dllNotify: avgrsstarter - avgrsstx.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllSEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dllLSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\mom\application data\mozilla\firefox\profiles\30qgon9z.default-1369715500859\FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dllFF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dllFF - plugin: c:\documents and settings\mom\application data\mozilla\plugins\npoctoshape.dllFF - plugin: c:\documents and settings\mom\local settings\application data\unity\webplayer\loader\npUnity3D32.dllFF - plugin: c:\progra~1\meadco~1\npmeadax.dllFF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dllFF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.0.0\npsitesafety.dllFF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dllFF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dllFF - plugin: c:\program files\google\picasa3\npPicasa3.dllFF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dllFF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dllFF - plugin: c:\program files\microsoft\office live\npOLW.dllFF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dllFF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dllFF - plugin: c:\program files\research in motion limited\blackberry app world browser plugin\npappworld.dllFF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dllFF - plugin: c:\windows\system32\npdeployJava1.dllFF - plugin: c:\windows\system32\npptools.dllFF - ExtSQL: 2013-07-06 10:11; {E0B8C461-F8FB-49b4-8373-FE32E9252800}; c:\documents and settings\mom\application data\mozilla\firefox\profiles\30qgon9z.default-1369715500859\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.============= SERVICES / DRIVERS ===============.R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 60216]R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-8-9 245048]R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 96568]R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 39224]R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 208184]R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 22328]R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 170808]R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-9 182072]R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-11-14 54760]R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-7-1 418376]R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-7-1 701512]R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]R2 NTI BackupNowEZSvr;NTI BackupNowEZSvr;c:\program files\nti\nti backup now ez\BackupNowEZSvr.exe [2011-9-23 45592]R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [2005-8-22 231424]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-7-1 22856]S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-8-23 26984]S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-5-3 83864]S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]S3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;"c:\program files\google\google desktop search\googledesktop.exe" --> c:\program files\google\google desktop search\GoogleDesktop.exe [?]S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2010-4-26 19712]S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2010-4-26 8320]S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2010-4-26 42752]S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-10 14336]S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-5-3 181912]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\pcpitstop\PCPitstopScheduleService.exe [2013-3-24 85504].=============== Created Last 30 ================.2013-07-11 22:00:41 -------- dc----w- C:\FRST2013-07-11 01:33:33 -------- d-----w- c:\windows\ERUNT2013-07-10 22:41:58 -------- dc----w- c:\documents and settings\all users\application data\Malwarebytes' Anti-Malware (portable)2013-07-10 22:31:30 985 ----a-w- c:\windows\win.tmp2013-07-10 22:31:30 227 ----a-w- c:\windows\system.tmp2013-07-01 19:48:11 -------- dc----w- c:\documents and settings\mom\application data\Malwarebytes2013-07-01 19:47:52 -------- dc----w- c:\documents and settings\all users\application data\Malwarebytes2013-07-01 19:47:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys2013-07-01 19:47:50 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware.==================== Find3M ====================.2013-07-14 22:49:10 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2013-07-14 22:49:10 692104 -c--a-w- c:\windows\system32\FlashPlayerApp.exe2013-04-19 00:08:14 4659712 ----a-w- c:\windows\system32\Redemption.dll2013-04-19 00:07:00 90112 ----a-w- c:\windows\MAMCityDownload.ocx2013-04-19 00:07:00 330240 ----a-w- c:\windows\MASetupCaller.dll2013-04-19 00:07:00 30568 ----a-w- c:\windows\MusiccityDownload.exe.============= FINISH: 15:46:29.07 =============== result.txt MiniToolBox by Farbar Version: 13-07-2013Ran by MOM (administrator) on 16-07-2013 at 15:55:27Running from "C:\Documents and Settings\MOM\Desktop"Microsoft Windows XP Professional Service Pack 3, v.3264 (X86)Boot Mode: Normal***************************************************************************========================= Flush DNS: ===================================Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.========================= IE Proxy Settings: ==============================Proxy is not enabled.No Proxy Server is set."Reset IE Proxy Settings": IE Proxy Settings were reset.========================= FF Proxy Settings: =============================="Reset FF Proxy Settings": Firefox Proxy settings were reset.========================= Hosts content: =================================127.0.0.1 localhost127.0.0.1 www.007guard.com127.0.0.1 007guard.com127.0.0.1 008i.com127.0.0.1 www.008k.com127.0.0.1 008k.com127.0.0.1 www.00hq.com127.0.0.1 00hq.com127.0.0.1 010402.com127.0.0.1 www.032439.com127.0.0.1 032439.com127.0.0.1 www.1001-search.info127.0.0.1 1001-search.info127.0.0.1 www.100888290cs.com127.0.0.1 100888290cs.com127.0.0.1 www.100sexlinks.com127.0.0.1 100sexlinks.com127.0.0.1 www.10sek.com127.0.0.1 10sek.comThere are 7888 more lines starting with "127.0.0.1"========================= IP Configuration: ================================1394 Net Adapter = 1394 Connection (Disconnected)Broadcom 802.11b/g WLAN = Wireless Network Connection 2 (Connected)Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Media disconnected)# ----------------------------------# Interface IP Configuration # ----------------------------------pushd interface ip# Interface IP Configuration for "Local Area Connection"set address name="Local Area Connection" source=dhcpset dns name="Local Area Connection" source=dhcp register=PRIMARYset wins name="Local Area Connection" source=dhcp# Interface IP Configuration for "Wireless Network Connection 2"set address name="Wireless Network Connection 2" source=dhcpset dns name="Wireless Network Connection 2" source=dhcp register=PRIMARYset wins name="Wireless Network Connection 2" source=dhcppopd# End of interface IP configurationWindows IP Configuration Host Name . . . . . . . . . . . . : LAPTOP Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : ap41.cspk.wrx.illicom.netEthernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC Physical Address. . . . . . . . . : 00-0F-B0-C2-02-43Ethernet adapter Wireless Network Connection 2: Connection-specific DNS Suffix . : ap41.cspk.wrx.illicom.net Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN Physical Address. . . . . . . . . : 00-14-A5-69-E7-0F Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.0.101 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 DHCP Server . . . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 192.168.0.1 Lease Obtained. . . . . . . . . . : Tuesday, July 16, 2013 3:51:27 PM Lease Expires . . . . . . . . . . : Tuesday, July 23, 2013 3:51:27 PM1.0.168.192.in-addr.arpa primary name server = localhost responsible mail addr = nobody.invalid serial = 1 refresh = 600 (10 mins) retry = 1200 (20 mins) expire = 604800 (7 days) default TTL = 10800 (3 hours)Server: UnKnownAddress: 192.168.0.1Name: google.com.ap41.cspk.wrx.illicom.netAddress: 67.215.65.145Pinging google.com [74.125.225.64] with 32 bytes of data:Reply from 74.125.225.64: bytes=32 time=14ms TTL=54Reply from 74.125.225.64: bytes=32 time=16ms TTL=54Ping statistics for 74.125.225.64: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 14ms, Maximum = 16ms, Average = 15msServer: UnKnownAddress: 192.168.0.1Name: yahoo.com.ap41.cspk.wrx.illicom.netAddress: 67.215.65.145Pinging yahoo.com [98.139.183.24] with 32 bytes of data:Reply from 98.139.183.24: bytes=32 time=70ms TTL=45Reply from 98.139.183.24: bytes=32 time=72ms TTL=44Ping statistics for 98.139.183.24: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 70ms, Maximum = 72ms, Average = 71msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=64Reply from 127.0.0.1: bytes=32 time<1ms TTL=64Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================Interface List0x1 ........................... MS TCP Loopback interface0x2 ...00 0f b0 c2 02 43 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport0x3 ...00 14 a5 69 e7 0f ...... Broadcom 802.11b/g WLAN - Packet Scheduler Miniport======================================================================================================================================================Active Routes:Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.101 25 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 192.168.0.0 255.255.255.0 192.168.0.101 192.168.0.101 25 192.168.0.101 255.255.255.255 127.0.0.1 127.0.0.1 25 192.168.0.255 255.255.255.255 192.168.0.101 192.168.0.101 25 224.0.0.0 240.0.0.0 192.168.0.101 192.168.0.101 25 255.255.255.255 255.255.255.255 192.168.0.101 2 1 255.255.255.255 255.255.255.255 192.168.0.101 192.168.0.101 1Default Gateway: 192.168.0.1===========================================================================Persistent Routes: None========================= Winsock entries =====================================Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 19 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)========================= Event log errors: ===============================Application errors:==================Error: (07/13/2013 11:47:40 PM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/13/2013 11:46:36 PM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/13/2013 11:45:57 PM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/13/2013 11:45:47 PM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/13/2013 07:30:43 PM) (Source: crypt32) (User: )Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolvedError: (07/13/2013 07:28:25 PM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/13/2013 00:12:33 AM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/12/2013 06:26:15 PM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/12/2013 00:37:17 AM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/09/2013 00:35:48 AM) (Source: Windows Search Service) (User: )Description: 10x80070002System errors:=============Error: (07/15/2013 11:23:23 PM) (Source: Service Control Manager) (User: )Description: The Pure Networks Platform Service service terminated unexpectedly. It has done this 1 time(s).Error: (07/13/2013 11:46:36 PM) (Source: Service Control Manager) (User: )Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).Error: (07/13/2013 11:45:57 PM) (Source: Service Control Manager) (User: )Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).Error: (07/13/2013 11:45:47 PM) (Source: Service Control Manager) (User: )Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).Error: (07/13/2013 07:30:40 PM) (Source: DCOM) (User: NT AUTHORITY)Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.Error: (07/13/2013 07:30:18 PM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load:avgtpLbdError: (07/13/2013 07:30:18 PM) (Source: Service Control Manager) (User: )Description: The HP CUE DeviceDiscovery Service service hung on starting.Error: (07/13/2013 07:28:26 PM) (Source: Service Control Manager) (User: )Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).Error: (07/13/2013 07:28:26 PM) (Source: Service Control Manager) (User: )Description: The Kodak Camera Connection Software service failed to start due to the following error:%%2Error: (07/13/2013 07:26:17 PM) (Source: DCOM) (User: NT AUTHORITY)Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.Microsoft Office Sessions:=========================Error: (02/25/2012 11:47:11 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 2180 seconds with 1440 seconds of active time. This session ended with a crash.Error: (08/16/2011 10:08:20 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 335 seconds with 240 seconds of active time. This session ended with a crash.Error: (02/15/2011 09:29:06 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1730 seconds with 420 seconds of active time. This session ended with a crash.Error: (12/28/2010 08:33:33 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6548.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 31632 seconds with 2040 seconds of active time. This session ended with a crash.Error: (11/25/2010 00:10:52 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 830 seconds with 300 seconds of active time. This session ended with a crash.Error: (09/15/2010 03:50:10 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 33 seconds with 0 seconds of active time. This session ended with a crash.Error: (09/11/2010 00:01:36 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 891 seconds with 480 seconds of active time. This session ended with a crash.Error: (06/14/2010 07:42:22 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20021 seconds with 1680 seconds of active time. This session ended with a crash.Error: (02/24/2010 10:03:05 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 56 seconds with 0 seconds of active time. This session ended with a crash.Error: (02/24/2010 10:01:29 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2902 seconds with 1500 seconds of active time. This session ended with a crash.=========================== Installed Programs ============================32 Bit HP CIO Components Installer (Version: 2.1.5)7-Zip 9.20Acrobat.com (Version: 2.1.0)Acrobat.com (Version: 2.1.0.0)Ad-Aware (Version: 8.0.0)Adobe AIR (Version: 1.5.3.9130)Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)Adobe Flash Player 11 Plugin (Version: 11.8.800.94)Adobe Help Center 2.0 (Version: 2.0.0)Adobe Photoshop Elements 4.0 (Version: 4.0)Adobe Reader XI (11.0.03) (Version: 11.0.03)AI RoboForm (All Users)AIO_Scan (Version: 90.0.189.000)Apple Application Support (Version: 2.1.5)Apple Mobile Device Support (Version: 2.6.0.32)Apple Software Update (Version: 2.1.3.127)Athlon 64 Processor Driver (Version: 1.2.2.2)ATI - Software Uninstall Utility (Version: 6.14.10.1014)ATI Control Panel (Version: 6.14.10.5173)ATI Display Driver (Version: 8.202-051201a2-029034C-HP)AVG 2012 (Version: 12.0.1913)AVG 2012 (Version: 12.0.2171)AVG 2012 (Version: 12.0.2433)AVG 2013 (Version: 13.0.3204)AVG 2013 (Version: 13.0.3349)AVG 2013 (Version: 2013.0.3349)BlackBerry App World Browser Plugin (Version: 3.1.1.4)BlackBerry Desktop Software 7.1 (Version: 7.1.0.32)BlackBerry Device Software Updater (Version: 6.0.1.37)Broadcom 802.11 Wireless LAN Adapter (Version: 4.100.15.5)BufferChm (Version: 90.0.146.000)C7200 (Version: 90.0.189.000)C7200_doccd (Version: 90.0.189.000)c7200_Help (Version: 90.0.189.000)CameraDrivers (Version: 5.0.0.328)Celestia 1.4.0Cisco Network Magic (Version: 5.5.09195.0)Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)Conexant AC-Link AudioCopy (Version: 90.0.146.000)Dannon Recipe Box 1.0.0.27Destination Component (Version: 090.000.091.086)DeviceDiscovery (Version: 110.0.180.000)DocProc (Version: 9.0.0.0)DocProcQFolder (Version: 1.00.0000)Drive Manager (Version: 1.00.0012)Duplicate Photo CleanerDVD Shrink 3.2EdgeStreamClient 2.2.5.0ERUNT 1.1jEvernote v. 4.6.6 (Version: 4.6.6.8360)Fax (Version: 120.0.194.000)FLV PlayerForm Fill (Windows Live Toolbar) (Version: 03.01.0146)getPlus® for Adobe (Version: 1.5.2.35)Google Toolbar for Internet Explorer (Version: 1.0.0)Google Update Helper (Version: 1.3.21.153)Google Updater (Version: 2.4.2432.1652)HP BatteryCheck 1.00 A7 (Version: 1.00 A7)HP Help and Support (Version: 4.1.0008)HP Photosmart 330,380,420,470,7800,8000,8200 Series (Version: 8.1)HP Photosmart Essential2.01 (Version: 1.01.0000)HP Product Assistant (Version: 100.000.001.000)HP Smart Web Printing (Version: 2.15.7.0)HP Update (Version: 5.003.001.001)HP User Guides 0008 (Version: 1.05.0000)HP Wireless Assistant 1.01 C1 (Version: 1.01 C1)HP_Network_UserGuide (Version: 1.00.0000)HPProductAssistant (Version: 90.0.146.000)HpSdpAppCoreApp (Version: 3.00.0000)HPSSupply (Version: 2.2.0.0000)InterVideo WinDVD (Version: 5.0-B11.662)Java Auto Updater (Version: 2.1.9.0)Java 6 Update 31 (Version: 6.0.310)Junk Mail filter update (Version: 14.0.8117.416)JustCloud Setup (Version: 1.0.0.08)Lavasoft Personal Firewall 1.0 (Version: 1.0)Learn2 Player (Uninstall Only)LightScribe 1.4.105.1 (Version: 1.4.105.1)Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)Map Button (Windows Live Toolbar) (Version: 03.01.0146)MarketResearch (Version: 90.0.146.000)Maxtor Manager (Version: 4.01.0303)Microsoft .NET Framework 1.1 (Version: 1.1.4322)Microsoft .NET Framework 1.1 Hotfix (KB928366)Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)Microsoft .NET Framework 4 Extended (Version: 4.0.30320)Microsoft Application Error Reporting (Version: 12.0.6012.5000)Microsoft Choice Guard (Version: 2.0.48.0)Microsoft IntelliPoint 7.0 (Version: 7.0.260.0)Microsoft Location Finder (Version: 3.0)Microsoft Office 2007 Service Pack 2 (SP2)Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)Microsoft Office OneNote 2007 (Version: 12.0.6425.1000)Microsoft Office OneNote 2007 Trial (Version: 12.0.6425.1000)Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Outlook 2007 (Version: 12.0.6425.1000)Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)Microsoft Search Enhancement Pack (Version: 3.0.127.0)Microsoft Silverlight (Version: 5.1.20513.0)Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6425.1000)Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60816.0)Microsoft Works (Version: 08.04.0623)Motorola Phone Tools (Version: 4.30)Motorola Phone Tools (Version: 5.00)Move Networks Media Player for Internet ExplorerMozilla Firefox 17.0 (x86 en-US) (Version: 17.0)Mozilla Maintenance Service (Version: 22.0)MSNMSVC80_x86 (Version: 1.0.1.0)MSVCRT (Version: 14.0.1468.721)MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)MSXML 6.0 Parser (Version: 6.10.1129.0)muvee autoProducer 4.0 - SE (Version: 4.00.050)neroxml (Version: 1.0.0)NetDeviceManager (Version: 90.0.146.000)NetDeviceManager (Version: 90.0.192.000)NetWaiting (Version: 2.5.25)Network Magic (Version: 5.5.9195.0)NTI Backup Now EZ (Version: 2.5.2.56)Octoshape add-in for Adobe Flash PlayerOctoshape Streaming ServicesOneCare Advisor (Windows Live Toolbar) (Version: 03.01.0159.04)OpenOffice.org Installer 1.0 (Version: 1.0.9221)OutlookTools 2 (Version: 2.1.0)PanoStandAlone (Version: 90.0.146.000)PC Connectivity Solution (Version: 9.13.1.0)PC World ToolbarPicasa 3 (Version: 3.9)Popup Blocker (Windows Live Toolbar) (Version: 03.01.0146)Post-it® Software Notes LitePrint Screen DeluxePS_AIO_02_ProductContext (Version: 90.0.189.000)PS_AIO_02_Software (Version: 90.0.189.000)PS_AIO_02_Software_min (Version: 90.0.189.000)PS8200 (Version: 8.01.0000)PSPrinters08 (Version: 8.01.0000)PSSWCORE (Version: 2.01.0000)PSTAPlugin (Version: 8.01.0000)Pure Networks Platform (Version: 11.2.09195.1)Quick Launch Buttons 5.20 G1 (Version: 5.20 G1)QuickTime (Version: 7.71.80.42)RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)RealPlayerREALTEK Gigabit and Fast Ethernet NIC Driver (Version: 1.80)RealUpgrade 1.1 (Version: 1.1.0)Rhapsody Player Engine (Version: 1.0.604)Rhapsody Player Engine (Version: 1.1.0)Samsung Kies (Version: 2.5.3.13043_14)SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0)Scan (Version: 9.0.0.0)Segoe UI (Version: 14.0.4327.805)Smart Menus (Windows Live Toolbar) (Version: 03.01.0146)SMS-it Outlook InterfaceSMS-it!Soft Data Fax Modem with SmartCPSolutionCenter (Version: 90.0.146.000)Sonic Audio Module (Version: 2.0.0.1)Sonic Copy Module (Version: 2.0.0.1)Sonic Data Module (Version: 2.0.0.1)Sonic Express Labeler (Version: 2.0.0)Sonic MyDVD Plus (Version: 6.1.3)Sonic Update Manager (Version: 3.0.0)SonicAC3Encoder (Version: 1.00.0000)SonicMPEGEncoder (Version: 1.00.0000)Status (Version: 110.0.180.000)Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 1.20.0000)The Weather Channel AppTIPCI (Version: 1.20.0000)Toolbox (Version: 90.0.146.000)TrayApp (Version: 110.0.180.000)TrillianU3Launcher (Version: 1.0.0)Unity Web Player (Version: )Unload (Version: 5.0.0)UnloadSupport (Version: 9.0.0)Update for 2007 Microsoft Office System (KB967642)Update for Microsoft Office OneNote 2007 (KB980729)Update for Microsoft Office Outlook 2007 (KB2412171)Update for Outlook 2007 Junk Email Filter (KB2508979)Update Rollup 2 for Windows XP Media Center Edition 2005URGE (Version: 1.1.8115.0)VideoToolkit01 (Version: 90.0.146.000)Viewpoint Media PlayerVisual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)Visual Studio 2005 Tools for Office Second Edition RuntimeWebEx Support Manager for Internet Explorer (Version: 6.5.4917)WebFldrs XP (Version: 9.50.7523)WebReg (Version: 90.0.146.000)Widevine Media Transformer Plugin 5.0.0 (Version: 5.0.0.4679)Winamp (remove only)Windows Driver Package - Nokia Modem (03/05/2008 3.7) (Version: 03/05/2008 3.7)Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1) (Version: 03/13/2008 6.86.0.1)Windows Driver Package - Nokia Modem (05/22/2008 3.8) (Version: 05/22/2008 3.8)Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1) (Version: 05/22/2008 7.00.0.1)Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)Windows Genuine Advantage Validation Tool (KB892130)Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0036.0)Windows Internet Explorer 7 (Version: 20061107.210142)Windows Internet Explorer 8 (Version: 20090308.140743)Windows Live Communications Platform (Version: 14.0.8117.416)Windows Live Essentials (Version: 14.0.8117.0416)Windows Live Essentials (Version: 14.0.8117.416)Windows Live Family Safety (Version: 14.0.8118.427)Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)Windows Live Mail (Version: 14.0.8117.0416)Windows Live Outlook Toolbar (Windows Live Toolbar) (Version: 03.01.0146)Windows Live Photo Gallery (Version: 14.0.8117.416)Windows Live Toolbar (Version: 14.0.8117.416)Windows Live Toolbar Extension (Windows Live Toolbar) (Version: 03.01.0146)Windows Live Toolbar Feed Detector (Windows Live Toolbar) (Version: 03.01.0146)Windows Live Writer (Version: 14.0.8117.0416)Windows Media Format 11 runtimeWindows Media Player 11Windows Media Player Firefox Plugin (Version: 1.0.0.8)Wireless Home Network Setup (Version: 1.1.154.1)Zinio Reader========================= Devices: ================================Name: ACPI Uniprocessor PCDescription: ACPI Uniprocessor PCClass Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard computers)Service: \Driver\ACPI_HALName: Microsoft ACPI-Compliant SystemDescription: Microsoft ACPI-Compliant SystemClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: ACPIName: AMD Turion 64 Mobile Technology ML-40Description: AMD K8 ProcessorClass Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}Manufacturer: Advanced Micro DevicesService: AmdK8Name: ACPI LidDescription: ACPI LidClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: ACPI Power ButtonDescription: ACPI Power ButtonClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Microsoft Windows Management Interface for ACPIDescription: Microsoft Windows Management Interface for ACPIClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: WmiAcpiName: PCI busDescription: PCI busClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: pciName: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: PCI standard PCI-to-PCI bridgeDescription: PCI standard PCI-to-PCI bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: pciName: ATI MOBILITY RADEON Xpress 200 SeriesDescription: ATI MOBILITY RADEON Xpress 200 SeriesClass Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}Manufacturer: ATI Technologies Inc.Service: ati2mtagName: Generic TelevisionDescription: Generic TelevisionClass Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard monitor types)Service:Name: Plug and Play MonitorDescription: Plug and Play MonitorClass Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard monitor types)Service:Name: Default MonitorDescription: Default MonitorClass Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard monitor types)Service:Name: PCI standard PCI-to-PCI bridgeDescription: PCI standard PCI-to-PCI bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: pciName: Standard OpenHCD USB Host ControllerDescription: Standard OpenHCD USB Host ControllerClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbohciName: USB Root HubDescription: USB Root HubClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: USB Human Interface DeviceDescription: USB Human Interface DeviceClass Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}Manufacturer: (Standard system devices)Service: HidUsbName: HID-compliant mouseDescription: HID-compliant mouseClass Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: mouhidName: HID-compliant deviceDescription: HID-compliant deviceClass Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}Manufacturer: (Standard system devices)Service:Name: Standard OpenHCD USB Host ControllerDescription: Standard OpenHCD USB Host ControllerClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbohciName: USB Root HubDescription: USB Root HubClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: Standard Enhanced PCI to USB Host ControllerDescription: Standard Enhanced PCI to USB Host ControllerClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbehciName: USB Root HubDescription: USB Root HubClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: ATI SMBusDescription: ATI SMBusClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: ATI Technologies IncService:Name: Standard Dual Channel PCI IDE ControllerDescription: Standard Dual Channel PCI IDE ControllerClass Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard IDE ATA/ATAPI controllers)Service: pciideName: Primary IDE ChannelDescription: Primary IDE ChannelClass Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard IDE ATA/ATAPI controllers)Service: atapiName: FUJITSU MHV2080AHDescription: Disk driveClass Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard disk drives)Service: diskName: Secondary IDE ChannelDescription: Secondary IDE ChannelClass Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard IDE ATA/ATAPI controllers)Service: atapiName: TSSTcorp CD/DVDW TS-L532MDescription: CD-ROM DriveClass Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard CD-ROM drives)Service: cdromName: PCI standard ISA bridgeDescription: PCI standard ISA bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: isapnpName: ISAPNP Read Data PortDescription: ISAPNP Read Data PortClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Direct memory access controllerDescription: Direct memory access controllerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Numeric data processorDescription: Numeric data processorClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Programmable interrupt controllerDescription: Programmable interrupt controllerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: System CMOS/real time clockDescription: System CMOS/real time clockClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: System speakerDescription: System speakerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: System timerDescription: System timerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Quick Launch ButtonsDescription: Quick Launch ButtonsClass Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}Manufacturer: Hewlett-PackardService: i8042prtName: PS/2 Compatible MouseDescription: PS/2 Compatible MouseClass Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: i8042prtName: Motherboard resourcesDescription: Motherboard resourcesClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: System boardDescription: System boardClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Microsoft ACPI-Compliant Embedded ControllerDescription: Microsoft ACPI-Compliant Embedded ControllerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: ACPIECName: Microsoft ACPI-Compliant Control Method BatteryDescription: Microsoft ACPI-Compliant Control Method BatteryClass Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}Manufacturer: MicrosoftService: CmBattName: Microsoft AC AdapterDescription: Microsoft AC AdapterClass Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}Manufacturer: MicrosoftService: CmBattName: PCI standard PCI-to-PCI bridgeDescription: PCI standard PCI-to-PCI bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: pciName: Broadcom 802.11b/g WLANDescription: Broadcom 802.11b/g WLANClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: BroadcomService: BCM43XXName: Texas Instruments PCIxx21 Cardbus ControllerDescription: Generic CardBus ControllerClass Guid: {4D36E977-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: pcmciaName: Texas Instruments OHCI Compliant IEEE 1394 Host ControllerDescription: Texas Instruments OHCI Compliant IEEE 1394 Host ControllerClass Guid: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F}Manufacturer: Texas InstrumentsService: ohci1394Name: 1394 Net AdapterDescription: 1394 Net AdapterClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: NIC1394Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.Name: Texas Instruments PCIxx21 Integrated FlashMedia ControllerDescription: Texas Instruments PCIxx21 Integrated FlashMedia ControllerClass Guid: {4D36E970-E325-11CE-BFC1-08002BE10318}Manufacturer: Texas Instruments IncService: tifm21Name: SDA Standard Compliant SD Host ControllerDescription: SDA Standard Compliant SD Host ControllerClass Guid: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6}Manufacturer: SDA Standard Compliant SD Host Controller VendorService: sdbusName: Realtek RTL8139/810x Family Fast Ethernet NICDescription: Realtek RTL8139/810x Family Fast Ethernet NICClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: Realtek Semiconductor Corp.Service: RTL8023xpName: Conexant AC-Link AudioDescription: Conexant AC-Link AudioClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: ConexantService: CAMCAUDName: AC97 Soft Data Fax Modem with SmartCPDescription: AC97 Soft Data Fax Modem with SmartCPClass Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}Manufacturer: CXTService: ModemName: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Motherboard resourcesDescription: Motherboard resourcesClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: ACPI Thermal ZoneDescription: ACPI Thermal ZoneClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: ACPI Fixed Feature ButtonDescription: ACPI Fixed Feature ButtonClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Microsoft Composite BatteryDescription: Microsoft Composite BatteryClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: CompbattName: Logical Disk ManagerDescription: Logical Disk ManagerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: dmioName: Volume ManagerDescription: Volume ManagerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: ftdiskName: Generic volumeDescription: Generic volumeClass Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}Manufacturer: MicrosoftService:Name: Generic volumeDescription: Generic volumeClass Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}Manufacturer: MicrosoftService:Name: AFDDescription: AFDClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: AFDName: AliIdeDescription: AliIdeClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: AliIdeName: 1394 ARP Client ProtocolDescription: 1394 ARP Client ProtocolClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: Arp1394Name: AVGIDSDriverDescription: AVGIDSDriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: AVGIDSDriverName: AVGIDSHXDescription: AVGIDSHXClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: AVGIDSHXName: AVGIDSShimDescription: AVGIDSShimClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: AVGIDSShimName: AVG Free AVI Loader Driver x86Description: AVG Free AVI Loader Driver x86Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: AvgLdx86Name: AVG Logging DriverDescription: AVG Logging DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: AvglogxName: AVG Network RedirectorDescription: AVG Network RedirectorClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: AvgTdiXName: BeepDescription: BeepClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: BeepName: dmbootDescription: dmbootClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: dmbootName: dmloadDescription: dmloadClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: dmloadName: EABFiltrDescription: EABFiltrClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: EABFiltrName: esgiguardDescription: esgiguardClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: esgiguardName: FipsDescription: FipsClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: FipsName: FssFltrDescription: FssFltrClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: fssfltrName: Generic Packet ClassifierDescription: Generic Packet ClassifierClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: GpcName: HTTPDescription: HTTPClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: HTTPName: IntelIdeDescription: IntelIdeClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: IntelIdeName: IP Traffic Filter DriverDescription: IP Traffic Filter DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: IpFilterDriverName: IP Network Address TranslatorDescription: IP Network Address TranslatorClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: IpNatName: IPSEC driverDescription: IPSEC driverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: IPSecName: ksecddDescription: ksecddClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: ksecddName: Lavasoft helper driverDescription: Lavasoft helper driverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: Lavasoft KernexplorerName: mchInjDrvDescription: mchInjDrvClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: mchInjDrvName: MCSTRMDescription: MCSTRMClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: MCSTRMName: mdmxsdkDescription: mdmxsdkClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: mdmxsdkName: mnmddDescription: mnmddClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: mnmddName: mountmgrDescription: mountmgrClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: mountmgrName: NDIS System DriverDescription: NDIS System DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NDISName: Remote Access NDIS TAPI DriverDescription: Remote Access NDIS TAPI DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NdisTapiName: NDIS Usermode I/O ProtocolDescription: NDIS Usermode I/O ProtocolClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NdisuioName: NDProxyDescription: NDProxyClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NDProxyName: NetBios over TcpipDescription: NetBios over TcpipClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NetBTName: NullDescription: NullClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NullName: PartMgrDescription: PartMgrClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: PartMgrName: ParVdmDescription: ParVdmClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: ParVdmName: Pure Networks Device Discovery DriverDescription: Pure Networks Device Discovery DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: pnarpName: Pure Networks Wireless DriverDescription: Pure Networks Wireless DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: purendisName: Remote Access Auto Connection DriverDescription: Remote Access Auto Connection DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: RasAcdName: RDPCDDDescription: RDPCDDClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: RDPCDDName: TCP/IP Protocol DriverDescription: TCP/IP Protocol DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: TcpipName: TVICHW32Description: TVICHW32Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: TVICHW32Name: VgaSaveDescription: VgaSaveClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: VgaSaveName: ViaIdeDescription: ViaIdeClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: ViaIdeName: VolSnapDescription: VolSnapClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: VolSnapName: Remote Access IP ARP DriverDescription: Remote Access IP ARP DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: WanarpName: Wdf01000Description: Wdf01000Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: Wdf01000Name: Windows Driver Foundation - User-mode Driver Framework Platform DriverDescription: Windows Driver Foundation - User-mode Driver Framework Platform DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: WudfPfName: Audio CodecsDescription: Audio CodecsClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: Legacy Audio DriversDescription: Legacy Audio DriversClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: Media Control DevicesDescription: Media Control DevicesClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: Legacy Video Capture DevicesDescription: Legacy Video Capture DevicesClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: Video CodecsDescription: Video CodecsClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: Standard ModemDescription: Standard ModemClass Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard Modem Types)Service: ModemName: WAN Miniport (L2TP)Description: WAN Miniport (L2TP)Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: Rasl2tpName: WAN Miniport (IP)Description: WAN Miniport (IP)Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: NdisWanName: WAN Miniport (PPPOE)Description: WAN Miniport (PPPOE)Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: RasPppoeName: WAN Miniport (PPTP)Description: WAN Miniport (PPTP)Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: PptpMiniportName: Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler MiniportDescription: Packet Scheduler MiniportClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: PSchedName: WAN Miniport (IP) - Packet Scheduler MiniportDescription: Packet Scheduler MiniportClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: PSchedName: Broadcom 802.11b/g WLAN - Packet Scheduler MiniportDescription: Packet Scheduler MiniportClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: PSchedName: Direct ParallelDescription: Direct ParallelClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: RasptiName: Photosmart C7200 seriesDescription: Photosmart C7200 seriesClass Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}Manufacturer: HPService:Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.Name: pcouffin device for 32 bits systemsDescription: pcouffin device for 32 bits systemsClass Guid: {FF646F80-8DEF-11D2-9449-00105A075F6B}Manufacturer: VSO SoftwareService: pcouffinName: RIM Virtual Serial Port v2 (COM5)Description: RIM Virtual Serial Port v2Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}Manufacturer: RIM Virtual Serial PortsService: RimVSerPortName: RIM Virtual Serial Port v2 (COM6)Description: RIM Virtual Serial Port v2Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}Manufacturer: RIM Virtual Serial PortsService: RimVSerPortName: Terminal Server Device RedirectorDescription: Terminal Server Device RedirectorClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: rdpdrName: Terminal Server Keyboard DriverDescription: Terminal Server Keyboard DriverClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: TermDDName: Terminal Server Mouse DriverDescription: Terminal Server Mouse DriverClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: TermDDName: Plug and Play Software Device EnumeratorDescription: Plug and Play Software Device EnumeratorClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: swenumName: Microsoft WINMM WDM Audio Compatibility DriverDescription: Microsoft WINMM WDM Audio Compatibility DriverClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: wdmaudName: Microsoft Kernel System Audio DeviceDescription: Microsoft Kernel System Audio DeviceClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: sysaudioName: RAS Async AdapterDescription: RAS Async AdapterClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: AsyncMacName: Microsoft Kernel Wave Audio MixerDescription: Microsoft Kernel Wave Audio MixerClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: kmixerName: Microcode Update DeviceDescription: Microcode Update DeviceClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: updateName: Microsoft System Management BIOS DriverDescription: Microsoft System Management BIOS DriverClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: mssmbiosName: Nokia 6085Description: Nokia Windows Portable Device DriverClass Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}Manufacturer: NokiaService: WUDFRdProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.Name: Nokia 6085Description: Nokia 6085Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}Manufacturer: NokiaService: WUDFRdProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.========================= Memory info: ===================================Percentage of memory in use: 58%Total physical RAM: 1022.17 MBAvailable physical RAM: 423.19 MBTotal Pagefile: 2459.48 MBAvailable Pagefile: 1635.61 MBTotal Virtual: 2047.88 MBAvailable Virtual: 1968.45 MB========================= Partitions: =====================================1 Drive c: () (Fixed) (Total:74.32 GB) (Free:13.98 GB) NTFS2 Drive d: (Under the Horse) (CDROM) (Total:1.85 GB) (Free:0 GB) UDF========================= Users: ========================================User accounts for \\LAPTOPAdministrator ASPNET Guest HelpAssistant MOM SUPPORT_388945a0 ========================= Minidump Files ==================================No minidump file found**** End of log **** Checkup.txt Results of screen317's Security Check version 0.99.69 Windows XP Service Pack 4 x86 Out of date service pack!!``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! AVG AntiVirus Free Edition 2013 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Ad-Aware Malwarebytes Anti-Malware version 1.75.0.1300 Java 6 Update 31 Java version out of Date! Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 11.8.800.94 Adobe Reader XI Mozilla Firefox 17.0 Firefox out of Date! ````````Process Check: objlist.exe by Laurent```````` Ad-Aware AAWService.exe is disabled! Ad-Aware AAWTray.exe is disabled! Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe AVG avgwdsvc.exe AVG avgrsx.exe AVG avgnsx.exe AVG avgemc.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 21% Defragment your hard drive soon! (Do NOT defrag if SSD!)````````````````````End of Log`````````````````````` There ya go! What's next! I am definitely seeing improvement in the computer!! Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 16, 2013 Root Admin ID:703698 Share Posted July 16, 2013 Yes, but it's still having a lot of issue according to the logs. Please try again and remove ALL versions of Java. For now I think you need to temporarily uninstall the following software. Ad-AwareAVG 2013PC Pitstop Then for now so that you still have an antivirus install Microsoft Security Essentials. http://windows.microsoft.com/en-us/windows/security-essentials-download Update it and do a Full System scan and let me know what it finds. Link to post Share on other sites More sharing options...
jules4dee Posted July 18, 2013 Author ID:704262 Share Posted July 18, 2013 Ok, Removed the programs you suggested.Finally was able to run the scan, nothing was found! However, I had a lot of trouble getting the program to update! I had to got to Microsoft website and find an answer for an error code, updated and ran the scan.I was going to update and run once more, just because I was not here while it ran, but now it won't update again and gives me the same error code. Tells me I have no internet connection, but, my internet is working like it always does.So, I'm not entirely sure the scan is correct but, that's what I have!What, if anything is next? Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 18, 2013 Root Admin ID:704267 Share Posted July 18, 2013 Please try to run this Microsoft Fixit for the Windows Desktop SearchThen do the following.Reset Default Permissions:Please download ResetDefaultPerms from here and save it to your desktopClose any open programs and save anything you were working onDouble click on restoredefaultperms.exe to run itOnce it completes it will restart your computerThen reboot the computer and run a new MiniToolBox scan and post back that log. Please download MiniToolBox save it to your desktop and run it.Checkmark the following check-boxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList DevicesList Users, Partitions and Memory size.List Minidump FilesClick Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.Note: When using Reset FF Proxy Settings option Firefox should be closed. Link to post Share on other sites More sharing options...
jules4dee Posted July 18, 2013 Author ID:704315 Share Posted July 18, 2013 Result.txt MiniToolBox by Farbar Version: 13-07-2013Ran by MOM (administrator) on 18-07-2013 at 01:37:56Running from "C:\Documents and Settings\MOM\Desktop"Microsoft Windows XP Professional Service Pack 3, v.3264 (X86)Boot Mode: Normal***************************************************************************========================= Flush DNS: ===================================Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.========================= IE Proxy Settings: ==============================Proxy is not enabled.No Proxy Server is set."Reset IE Proxy Settings": IE Proxy Settings were reset.========================= FF Proxy Settings: =============================="Reset FF Proxy Settings": Firefox Proxy settings were reset.========================= Hosts content: =================================127.0.0.1 localhost127.0.0.1 www.007guard.com127.0.0.1 007guard.com127.0.0.1 008i.com127.0.0.1 www.008k.com127.0.0.1 008k.com127.0.0.1 www.00hq.com127.0.0.1 00hq.com127.0.0.1 010402.com127.0.0.1 www.032439.com127.0.0.1 032439.com127.0.0.1 www.1001-search.info127.0.0.1 1001-search.info127.0.0.1 www.100888290cs.com127.0.0.1 100888290cs.com127.0.0.1 www.100sexlinks.com127.0.0.1 100sexlinks.com127.0.0.1 www.10sek.com127.0.0.1 10sek.comThere are 7888 more lines starting with "127.0.0.1"========================= IP Configuration: ================================1394 Net Adapter = 1394 Connection (Disconnected)Broadcom 802.11b/g WLAN = Wireless Network Connection 2 (Connected)Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Media disconnected)# ----------------------------------# Interface IP Configuration # ----------------------------------pushd interface ip# Interface IP Configuration for "Local Area Connection"set address name="Local Area Connection" source=dhcpset dns name="Local Area Connection" source=dhcp register=PRIMARYset wins name="Local Area Connection" source=dhcp# Interface IP Configuration for "Wireless Network Connection 2"set address name="Wireless Network Connection 2" source=dhcpset dns name="Wireless Network Connection 2" source=dhcp register=PRIMARYset wins name="Wireless Network Connection 2" source=dhcppopd# End of interface IP configurationWindows IP Configuration Host Name . . . . . . . . . . . . : LAPTOP Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : ap41.cspk.wrx.illicom.netEthernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC Physical Address. . . . . . . . . : 00-0F-B0-C2-02-43Ethernet adapter Wireless Network Connection 2: Connection-specific DNS Suffix . : ap41.cspk.wrx.illicom.net Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN Physical Address. . . . . . . . . : 00-14-A5-69-E7-0F Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.0.101 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 DHCP Server . . . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 192.168.0.1 Lease Obtained. . . . . . . . . . : Thursday, July 18, 2013 1:31:20 AM Lease Expires . . . . . . . . . . : Thursday, July 25, 2013 1:31:20 AM1.0.168.192.in-addr.arpa primary name server = localhost responsible mail addr = nobody.invalid serial = 1 refresh = 600 (10 mins) retry = 1200 (20 mins) expire = 604800 (7 days) default TTL = 10800 (3 hours)Server: UnKnownAddress: 192.168.0.1Name: google.com.ap41.cspk.wrx.illicom.netAddress: 67.215.65.145Pinging google.com [74.125.225.103] with 32 bytes of data:Reply from 74.125.225.103: bytes=32 time=20ms TTL=54Reply from 74.125.225.103: bytes=32 time=17ms TTL=54Ping statistics for 74.125.225.103: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 17ms, Maximum = 20ms, Average = 18msServer: UnKnownAddress: 192.168.0.1Name: yahoo.com.ap41.cspk.wrx.illicom.netAddress: 67.215.65.145Pinging yahoo.com [206.190.36.45] with 32 bytes of data:Reply from 206.190.36.45: bytes=32 time=88ms TTL=44Reply from 206.190.36.45: bytes=32 time=90ms TTL=45Ping statistics for 206.190.36.45: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 88ms, Maximum = 90ms, Average = 89msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================Interface List0x1 ........................... MS TCP Loopback interface0x10003 ...00 0f b0 c2 02 43 ...... Realtek RTL8139/810x Family Fast Ethernet NIC0x10004 ...00 14 a5 69 e7 0f ...... Broadcom 802.11b/g WLAN======================================================================================================================================================Active Routes:Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.101 25 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 192.168.0.0 255.255.255.0 192.168.0.101 192.168.0.101 25 192.168.0.101 255.255.255.255 127.0.0.1 127.0.0.1 25 192.168.0.255 255.255.255.255 192.168.0.101 192.168.0.101 25 224.0.0.0 240.0.0.0 192.168.0.101 192.168.0.101 25 255.255.255.255 255.255.255.255 192.168.0.101 10003 1 255.255.255.255 255.255.255.255 192.168.0.101 192.168.0.101 1Default Gateway: 192.168.0.1===========================================================================Persistent Routes: None========================= Winsock entries =====================================Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)Catalog9 19 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)========================= Event log errors: ===============================Application errors:==================Error: (07/18/2013 01:31:17 AM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/17/2013 11:48:59 PM) (Source: Microsoft Security Client) (User: )Description: mssecurityclientmsseces.exe4.2.223.00x80070424updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNILError: (07/17/2013 11:44:23 PM) (Source: Microsoft Security Client) (User: )Description: mssecurityclientmsseces.exe4.2.223.00x80070424updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNILError: (07/17/2013 09:53:25 AM) (Source: Microsoft Security Client) (User: )Description: mssecurityclientmsseces.exe4.2.223.00x80070424updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNILError: (07/17/2013 09:34:10 AM) (Source: Microsoft Security Client) (User: )Description: mssecurityclientmsseces.exe4.2.223.00x80070424updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNILError: (07/17/2013 09:30:41 AM) (Source: Microsoft Security Client) (User: )Description: mssecurityclientmsseces.exe4.2.223.00x80070424updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNILError: (07/17/2013 01:56:16 AM) (Source: MPSampleSubmission) (User: )Description: EventType mptelemetry, P1 0x8050a003, P2 mpupdateengine, P3 am fe, P4 11.1.4406.0, P5 mpsigstub.exe, P6 4.2.223.0, P7 microsoft security essentials, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.Error: (07/17/2013 01:30:21 AM) (Source: Microsoft Security Client) (User: )Description: mssecurityclientmsseces.exe4.2.223.00x80070424updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNILError: (07/17/2013 01:13:01 AM) (Source: Windows Search Service) (User: )Description: 10x80070002Error: (07/17/2013 01:07:41 AM) (Source: Microsoft Security Client) (User: )Description: mssecurityclientmsseces.exe4.2.223.00x80070424updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNILSystem errors:=============Error: (07/18/2013 01:33:05 AM) (Source: DCOM) (User: NT AUTHORITY)Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.Error: (07/18/2013 01:32:53 AM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load:LbdError: (07/18/2013 01:32:53 AM) (Source: Service Control Manager) (User: )Description: The HP CUE DeviceDiscovery Service service hung on starting.Error: (07/18/2013 01:31:18 AM) (Source: Service Control Manager) (User: )Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).Error: (07/18/2013 01:30:45 AM) (Source: Service Control Manager) (User: )Description: The Kodak Camera Connection Software service failed to start due to the following error:%%2Error: (07/18/2013 01:30:13 AM) (Source: DCOM) (User: NT AUTHORITY)Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.Error: (07/17/2013 11:48:48 PM) (Source: Microsoft Antimalware) (User: )Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.155.146.0 Update Source: %NT AUTHORITY59 Update Stage: 4.2.0223.00 Source Path: 4.2.0223.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\SYSTEM Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608Error: (07/17/2013 11:44:09 PM) (Source: Microsoft Antimalware) (User: )Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.155.146.0 Update Source: %NT AUTHORITY59 Update Stage: 4.2.0223.00 Source Path: 4.2.0223.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\SYSTEM Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608Error: (07/17/2013 09:37:34 AM) (Source: Microsoft Antimalware) (User: )Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.155.146.0 Update Source: %NT AUTHORITY59 Update Stage: 4.2.0223.00 Source Path: 4.2.0223.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\SYSTEM Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608Error: (07/17/2013 09:33:53 AM) (Source: Microsoft Antimalware) (User: )Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.155.146.0 Update Source: %NT AUTHORITY59 Update Stage: 4.2.0223.00 Source Path: 4.2.0223.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\SYSTEM Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608Microsoft Office Sessions:=========================Error: (02/25/2012 11:47:11 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 2180 seconds with 1440 seconds of active time. This session ended with a crash.Error: (08/16/2011 10:08:20 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 335 seconds with 240 seconds of active time. This session ended with a crash.Error: (02/15/2011 09:29:06 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1730 seconds with 420 seconds of active time. This session ended with a crash.Error: (12/28/2010 08:33:33 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6548.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 31632 seconds with 2040 seconds of active time. This session ended with a crash.Error: (11/25/2010 00:10:52 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 830 seconds with 300 seconds of active time. This session ended with a crash.Error: (09/15/2010 03:50:10 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 33 seconds with 0 seconds of active time. This session ended with a crash.Error: (09/11/2010 00:01:36 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 891 seconds with 480 seconds of active time. This session ended with a crash.Error: (06/14/2010 07:42:22 PM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20021 seconds with 1680 seconds of active time. This session ended with a crash.Error: (02/24/2010 10:03:05 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 56 seconds with 0 seconds of active time. This session ended with a crash.Error: (02/24/2010 10:01:29 AM) (Source: Microsoft Office 12 Sessions)(User: )Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2902 seconds with 1500 seconds of active time. This session ended with a crash.=========================== Installed Programs ============================32 Bit HP CIO Components Installer (Version: 2.1.5)7-Zip 9.20Acrobat.com (Version: 2.1.0)Acrobat.com (Version: 2.1.0.0)Ad-Aware (Version: 8.0.0)Adobe AIR (Version: 1.5.3.9130)Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)Adobe Flash Player 11 Plugin (Version: 11.8.800.94)Adobe Help Center 2.0 (Version: 2.0.0)Adobe Photoshop Elements 4.0 (Version: 4.0)Adobe Reader XI (11.0.03) (Version: 11.0.03)AI RoboForm (All Users)AIO_Scan (Version: 90.0.189.000)Apple Application Support (Version: 2.1.5)Apple Mobile Device Support (Version: 2.6.0.32)Apple Software Update (Version: 2.1.3.127)Athlon 64 Processor Driver (Version: 1.2.2.2)ATI - Software Uninstall Utility (Version: 6.14.10.1014)ATI Control Panel (Version: 6.14.10.5173)ATI Display Driver (Version: 8.202-051201a2-029034C-HP)AVG 2012 (Version: 12.0.1913)AVG 2012 (Version: 12.0.2171)AVG 2012 (Version: 12.0.2433)AVG 2013 (Version: 2013.0.3349)AVG Security Toolbar (Version: 12.2.5.34)BlackBerry App World Browser Plugin (Version: 3.1.1.4)BlackBerry Desktop Software 7.1 (Version: 7.1.0.32)BlackBerry Device Software Updater (Version: 6.0.1.37)Broadcom 802.11 Wireless LAN Adapter (Version: 4.100.15.5)BufferChm (Version: 90.0.146.000)C7200 (Version: 90.0.189.000)C7200_doccd (Version: 90.0.189.000)c7200_Help (Version: 90.0.189.000)CameraDrivers (Version: 5.0.0.328)Celestia 1.4.0Cisco Network Magic (Version: 5.5.09195.0)Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)Conexant AC-Link AudioCopy (Version: 90.0.146.000)Dannon Recipe Box 1.0.0.27Destination Component (Version: 090.000.091.086)DeviceDiscovery (Version: 110.0.180.000)DocProc (Version: 9.0.0.0)DocProcQFolder (Version: 1.00.0000)Drive Manager (Version: 1.00.0012)Duplicate Photo CleanerDVD Shrink 3.2EdgeStreamClient 2.2.5.0ERUNT 1.1jEvernote v. 4.6.6 (Version: 4.6.6.8360)Fax (Version: 120.0.194.000)FLV PlayerForm Fill (Windows Live Toolbar) (Version: 03.01.0146)getPlus® for Adobe (Version: 1.5.2.35)Google Toolbar for Internet Explorer (Version: 1.0.0)Google Update Helper (Version: 1.3.21.153)HP BatteryCheck 1.00 A7 (Version: 1.00 A7)HP Help and Support (Version: 4.1.0008)HP Photosmart 330,380,420,470,7800,8000,8200 Series (Version: 8.1)HP Photosmart Essential2.01 (Version: 1.01.0000)HP Product Assistant (Version: 100.000.001.000)HP Smart Web Printing (Version: 2.15.7.0)HP Update (Version: 5.003.001.001)HP User Guides 0008 (Version: 1.05.0000)HP Wireless Assistant 1.01 C1 (Version: 1.01 C1)HP_Network_UserGuide (Version: 1.00.0000)HPProductAssistant (Version: 90.0.146.000)HpSdpAppCoreApp (Version: 3.00.0000)HPSSupply (Version: 2.2.0.0000)InterVideo WinDVD (Version: 5.0-B11.662)Java Auto Updater (Version: 2.1.9.0)Java 6 Update 31 (Version: 6.0.310)Junk Mail filter update (Version: 14.0.8117.416)JustCloud Setup (Version: 1.0.0.08)Lavasoft Personal Firewall 1.0 (Version: 1.0)Learn2 Player (Uninstall Only)LightScribe 1.4.105.1 (Version: 1.4.105.1)Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)Map Button (Windows Live Toolbar) (Version: 03.01.0146)MarketResearch (Version: 90.0.146.000)Maxtor Manager (Version: 4.01.0303)Microsoft .NET Framework 1.1 (Version: 1.1.4322)Microsoft .NET Framework 1.1 Hotfix (KB928366)Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)Microsoft .NET Framework 4 Extended (Version: 4.0.30320)Microsoft Application Error Reporting (Version: 12.0.6012.5000)Microsoft Choice Guard (Version: 2.0.48.0)Microsoft IntelliPoint 7.0 (Version: 7.0.260.0)Microsoft Location Finder (Version: 3.0)Microsoft Office 2007 Service Pack 2 (SP2)Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)Microsoft Office OneNote 2007 (Version: 12.0.6425.1000)Microsoft Office OneNote 2007 Trial (Version: 12.0.6425.1000)Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Outlook 2007 (Version: 12.0.6425.1000)Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)Microsoft Search Enhancement Pack (Version: 3.0.127.0)Microsoft Security Client (Version: 4.2.0223.1)Microsoft Security Essentials (Version: 4.2.223.1)Microsoft Silverlight (Version: 5.1.20513.0)Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6425.1000)Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60816.0)Microsoft Works (Version: 08.04.0623)Motorola Phone Tools (Version: 4.30)Motorola Phone Tools (Version: 5.00)Move Networks Media Player for Internet ExplorerMozilla Firefox 17.0 (x86 en-US) (Version: 17.0)Mozilla Maintenance Service (Version: 22.0)MSNMSVC80_x86 (Version: 1.0.1.0)MSVCRT (Version: 14.0.1468.721)MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)MSXML 6.0 Parser (Version: 6.10.1129.0)muvee autoProducer 4.0 - SE (Version: 4.00.050)neroxml (Version: 1.0.0)NetDeviceManager (Version: 90.0.146.000)NetDeviceManager (Version: 90.0.192.000)NetWaiting (Version: 2.5.25)Network Magic (Version: 5.5.9195.0)NTI Backup Now EZ (Version: 2.5.2.56)Octoshape add-in for Adobe Flash PlayerOctoshape Streaming ServicesOneCare Advisor (Windows Live Toolbar) (Version: 03.01.0159.04)OpenOffice.org Installer 1.0 (Version: 1.0.9221)OutlookTools 2 (Version: 2.1.0)PanoStandAlone (Version: 90.0.146.000)PC Connectivity Solution (Version: 9.13.1.0)PC World ToolbarPicasa 3 (Version: 3.9)Popup Blocker (Windows Live Toolbar) (Version: 03.01.0146)Post-it® Software Notes LitePrint Screen DeluxePS_AIO_02_ProductContext (Version: 90.0.189.000)PS_AIO_02_Software (Version: 90.0.189.000)PS_AIO_02_Software_min (Version: 90.0.189.000)PS8200 (Version: 8.01.0000)PSPrinters08 (Version: 8.01.0000)PSSWCORE (Version: 2.01.0000)PSTAPlugin (Version: 8.01.0000)Pure Networks Platform (Version: 11.2.09195.1)Quick Launch Buttons 5.20 G1 (Version: 5.20 G1)QuickTime (Version: 7.71.80.42)RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)RealPlayerREALTEK Gigabit and Fast Ethernet NIC Driver (Version: 1.80)RealUpgrade 1.1 (Version: 1.1.0)Rhapsody Player Engine (Version: 1.0.604)Rhapsody Player Engine (Version: 1.1.0)Samsung Kies (Version: 2.5.3.13043_14)SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0)Scan (Version: 9.0.0.0)Segoe UI (Version: 14.0.4327.805)Smart Menus (Windows Live Toolbar) (Version: 03.01.0146)SMS-it Outlook InterfaceSMS-it!Soft Data Fax Modem with SmartCPSolutionCenter (Version: 90.0.146.000)Sonic Audio Module (Version: 2.0.0.1)Sonic Copy Module (Version: 2.0.0.1)Sonic Data Module (Version: 2.0.0.1)Sonic Express Labeler (Version: 2.0.0)Sonic MyDVD Plus (Version: 6.1.3)Sonic Update Manager (Version: 3.0.0)SonicAC3Encoder (Version: 1.00.0000)SonicMPEGEncoder (Version: 1.00.0000)Status (Version: 110.0.180.000)Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 1.20.0000)The Weather Channel AppTIPCI (Version: 1.20.0000)Toolbox (Version: 90.0.146.000)TrayApp (Version: 110.0.180.000)TrillianU3Launcher (Version: 1.0.0)Unity Web Player (Version: )Unload (Version: 5.0.0)UnloadSupport (Version: 9.0.0)Update for 2007 Microsoft Office System (KB967642)Update for Microsoft Office OneNote 2007 (KB980729)Update for Microsoft Office Outlook 2007 (KB2412171)Update for Outlook 2007 Junk Email Filter (KB2508979)Update Rollup 2 for Windows XP Media Center Edition 2005URGE (Version: 1.1.8115.0)VideoToolkit01 (Version: 90.0.146.000)Viewpoint Media PlayerVisual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)Visual Studio 2005 Tools for Office Second Edition RuntimeWebEx Support Manager for Internet Explorer (Version: 6.5.4917)WebFldrs XP (Version: 9.50.7523)WebReg (Version: 90.0.146.000)Widevine Media Transformer Plugin 5.0.0 (Version: 5.0.0.4679)Winamp (remove only)Windows Driver Package - Nokia Modem (03/05/2008 3.7) (Version: 03/05/2008 3.7)Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1) (Version: 03/13/2008 6.86.0.1)Windows Driver Package - Nokia Modem (05/22/2008 3.8) (Version: 05/22/2008 3.8)Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1) (Version: 05/22/2008 7.00.0.1)Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)Windows Genuine Advantage Validation Tool (KB892130)Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0036.0)Windows Internet Explorer 7 (Version: 20061107.210142)Windows Internet Explorer 8 (Version: 20090308.140743)Windows Live Communications Platform (Version: 14.0.8117.416)Windows Live Essentials (Version: 14.0.8117.0416)Windows Live Essentials (Version: 14.0.8117.416)Windows Live Family Safety (Version: 14.0.8118.427)Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)Windows Live Mail (Version: 14.0.8117.0416)Windows Live Outlook Toolbar (Windows Live Toolbar) (Version: 03.01.0146)Windows Live Photo Gallery (Version: 14.0.8117.416)Windows Live Toolbar (Version: 14.0.8117.416)Windows Live Toolbar Extension (Windows Live Toolbar) (Version: 03.01.0146)Windows Live Toolbar Feed Detector (Windows Live Toolbar) (Version: 03.01.0146)Windows Live Writer (Version: 14.0.8117.0416)Windows Media Format 11 runtimeWindows Media Player 11Windows Media Player Firefox Plugin (Version: 1.0.0.8)Wireless Home Network Setup (Version: 1.1.154.1)Zinio Reader========================= Devices: ================================Name: ACPI Uniprocessor PCDescription: ACPI Uniprocessor PCClass Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard computers)Service: \Driver\ACPI_HALName: Microsoft ACPI-Compliant SystemDescription: Microsoft ACPI-Compliant SystemClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: ACPIName: AMD Turion 64 Mobile Technology ML-40Description: AMD K8 ProcessorClass Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}Manufacturer: Advanced Micro DevicesService: AmdK8Name: ACPI LidDescription: ACPI LidClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: ACPI Power ButtonDescription: ACPI Power ButtonClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Microsoft Windows Management Interface for ACPIDescription: Microsoft Windows Management Interface for ACPIClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: WmiAcpiName: PCI busDescription: PCI busClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: pciName: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: PCI standard PCI-to-PCI bridgeDescription: PCI standard PCI-to-PCI bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: pciName: ATI MOBILITY RADEON Xpress 200 SeriesDescription: ATI MOBILITY RADEON Xpress 200 SeriesClass Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}Manufacturer: ATI Technologies Inc.Service: ati2mtagName: Generic TelevisionDescription: Generic TelevisionClass Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard monitor types)Service:Name: Plug and Play MonitorDescription: Plug and Play MonitorClass Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard monitor types)Service:Name: Default MonitorDescription: Default MonitorClass Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard monitor types)Service:Name: PCI standard PCI-to-PCI bridgeDescription: PCI standard PCI-to-PCI bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: pciName: Standard OpenHCD USB Host ControllerDescription: Standard OpenHCD USB Host ControllerClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbohciName: USB Root HubDescription: USB Root HubClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: USB Human Interface DeviceDescription: USB Human Interface DeviceClass Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}Manufacturer: (Standard system devices)Service: HidUsbName: HID-compliant mouseDescription: HID-compliant mouseClass Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: mouhidName: HID-compliant deviceDescription: HID-compliant deviceClass Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}Manufacturer: (Standard system devices)Service:Name: Standard OpenHCD USB Host ControllerDescription: Standard OpenHCD USB Host ControllerClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbohciName: USB Root HubDescription: USB Root HubClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: Standard Enhanced PCI to USB Host ControllerDescription: Standard Enhanced PCI to USB Host ControllerClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbehciName: USB Root HubDescription: USB Root HubClass Guid: {36FC9E60-C465-11CF-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: ATI SMBusDescription: ATI SMBusClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: ATI Technologies IncService:Name: Standard Dual Channel PCI IDE ControllerDescription: Standard Dual Channel PCI IDE ControllerClass Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard IDE ATA/ATAPI controllers)Service: pciideName: Primary IDE ChannelDescription: Primary IDE ChannelClass Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard IDE ATA/ATAPI controllers)Service: atapiName: FUJITSU MHV2080AHDescription: Disk driveClass Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard disk drives)Service: diskName: Secondary IDE ChannelDescription: Secondary IDE ChannelClass Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard IDE ATA/ATAPI controllers)Service: atapiName: TSSTcorp CD/DVDW TS-L532MDescription: CD-ROM DriveClass Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard CD-ROM drives)Service: cdromName: PCI standard ISA bridgeDescription: PCI standard ISA bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: isapnpName: ISAPNP Read Data PortDescription: ISAPNP Read Data PortClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Direct memory access controllerDescription: Direct memory access controllerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Numeric data processorDescription: Numeric data processorClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Programmable interrupt controllerDescription: Programmable interrupt controllerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: System CMOS/real time clockDescription: System CMOS/real time clockClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: System speakerDescription: System speakerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: System timerDescription: System timerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Quick Launch ButtonsDescription: Quick Launch ButtonsClass Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}Manufacturer: Hewlett-PackardService: i8042prtName: PS/2 Compatible MouseDescription: PS/2 Compatible MouseClass Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: i8042prtName: Motherboard resourcesDescription: Motherboard resourcesClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: System boardDescription: System boardClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Microsoft ACPI-Compliant Embedded ControllerDescription: Microsoft ACPI-Compliant Embedded ControllerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: ACPIECName: Microsoft ACPI-Compliant Control Method BatteryDescription: Microsoft ACPI-Compliant Control Method BatteryClass Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}Manufacturer: MicrosoftService: CmBattName: Microsoft AC AdapterDescription: Microsoft AC AdapterClass Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}Manufacturer: MicrosoftService: CmBattName: PCI standard PCI-to-PCI bridgeDescription: PCI standard PCI-to-PCI bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: pciName: Broadcom 802.11b/g WLANDescription: Broadcom 802.11b/g WLANClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: BroadcomService: BCM43XXName: Texas Instruments PCIxx21 Cardbus ControllerDescription: Generic CardBus ControllerClass Guid: {4D36E977-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: pcmciaName: Texas Instruments OHCI Compliant IEEE 1394 Host ControllerDescription: Texas Instruments OHCI Compliant IEEE 1394 Host ControllerClass Guid: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F}Manufacturer: Texas InstrumentsService: ohci1394Name: 1394 Net AdapterDescription: 1394 Net AdapterClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: NIC1394Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.Name: Texas Instruments PCIxx21 Integrated FlashMedia ControllerDescription: Texas Instruments PCIxx21 Integrated FlashMedia ControllerClass Guid: {4D36E970-E325-11CE-BFC1-08002BE10318}Manufacturer: Texas Instruments IncService: tifm21Name: SDA Standard Compliant SD Host ControllerDescription: SDA Standard Compliant SD Host ControllerClass Guid: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6}Manufacturer: SDA Standard Compliant SD Host Controller VendorService: sdbusName: Realtek RTL8139/810x Family Fast Ethernet NICDescription: Realtek RTL8139/810x Family Fast Ethernet NICClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: Realtek Semiconductor Corp.Service: RTL8023xpName: Conexant AC-Link AudioDescription: Conexant AC-Link AudioClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: ConexantService: CAMCAUDName: AC97 Soft Data Fax Modem with SmartCPDescription: AC97 Soft Data Fax Modem with SmartCPClass Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}Manufacturer: CXTService: ModemName: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: PCI standard host CPU bridgeDescription: PCI standard host CPU bridgeClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Motherboard resourcesDescription: Motherboard resourcesClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: ACPI Thermal ZoneDescription: ACPI Thermal ZoneClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: ACPI Fixed Feature ButtonDescription: ACPI Fixed Feature ButtonClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service:Name: Microsoft Composite BatteryDescription: Microsoft Composite BatteryClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: CompbattName: Logical Disk ManagerDescription: Logical Disk ManagerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: dmioName: Volume ManagerDescription: Volume ManagerClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: ftdiskName: Generic volumeDescription: Generic volumeClass Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}Manufacturer: MicrosoftService:Name: Generic volumeDescription: Generic volumeClass Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}Manufacturer: MicrosoftService:Name: AFDDescription: AFDClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: AFDName: AliIdeDescription: AliIdeClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: AliIdeName: 1394 ARP Client ProtocolDescription: 1394 ARP Client ProtocolClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: Arp1394Name: BeepDescription: BeepClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: BeepName: dmbootDescription: dmbootClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: dmbootName: dmloadDescription: dmloadClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: dmloadName: EABFiltrDescription: EABFiltrClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: EABFiltrName: esgiguardDescription: esgiguardClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: esgiguardName: FipsDescription: FipsClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: FipsName: FssFltrDescription: FssFltrClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: fssfltrName: Generic Packet ClassifierDescription: Generic Packet ClassifierClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: GpcName: HTTPDescription: HTTPClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: HTTPName: IntelIdeDescription: IntelIdeClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: IntelIdeName: IP Traffic Filter DriverDescription: IP Traffic Filter DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: IpFilterDriverName: IP Network Address TranslatorDescription: IP Network Address TranslatorClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: IpNatName: IPSEC driverDescription: IPSEC driverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: IPSecName: ksecddDescription: ksecddClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: ksecddName: Lavasoft helper driverDescription: Lavasoft helper driverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: Lavasoft KernexplorerName: MCSTRMDescription: MCSTRMClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: MCSTRMName: mdmxsdkDescription: mdmxsdkClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: mdmxsdkName: mnmddDescription: mnmddClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: mnmddName: mountmgrDescription: mountmgrClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: mountmgrName: NDIS System DriverDescription: NDIS System DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NDISName: Remote Access NDIS TAPI DriverDescription: Remote Access NDIS TAPI DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NdisTapiName: NDIS Usermode I/O ProtocolDescription: NDIS Usermode I/O ProtocolClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NdisuioName: NDProxyDescription: NDProxyClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NDProxyName: NetBios over TcpipDescription: NetBios over TcpipClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NetBTName: NullDescription: NullClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NullName: PartMgrDescription: PartMgrClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: PartMgrName: ParVdmDescription: ParVdmClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: ParVdmName: Pure Networks Device Discovery DriverDescription: Pure Networks Device Discovery DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: pnarpName: Pure Networks Wireless DriverDescription: Pure Networks Wireless DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: purendisName: Remote Access Auto Connection DriverDescription: Remote Access Auto Connection DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: RasAcdName: RDPCDDDescription: RDPCDDClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: RDPCDDName: TCP/IP Protocol DriverDescription: TCP/IP Protocol DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: TcpipName: TVICHW32Description: TVICHW32Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: TVICHW32Name: VgaSaveDescription: VgaSaveClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: VgaSaveName: ViaIdeDescription: ViaIdeClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: ViaIdeName: VolSnapDescription: VolSnapClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: VolSnapName: Remote Access IP ARP DriverDescription: Remote Access IP ARP DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: WanarpName: Wdf01000Description: Wdf01000Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: Wdf01000Name: Windows Driver Foundation - User-mode Driver Framework Platform DriverDescription: Windows Driver Foundation - User-mode Driver Framework Platform DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: WudfPfName: Audio CodecsDescription: Audio CodecsClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: Legacy Audio DriversDescription: Legacy Audio DriversClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: Media Control DevicesDescription: Media Control DevicesClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: Legacy Video Capture DevicesDescription: Legacy Video Capture DevicesClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: Video CodecsDescription: Video CodecsClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: audstubName: Standard ModemDescription: Standard ModemClass Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard Modem Types)Service: ModemName: WAN Miniport (L2TP)Description: WAN Miniport (L2TP)Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: Rasl2tpName: WAN Miniport (IP)Description: WAN Miniport (IP)Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: NdisWanName: WAN Miniport (PPPOE)Description: WAN Miniport (PPPOE)Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: RasPppoeName: WAN Miniport (PPTP)Description: WAN Miniport (PPTP)Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: PptpMiniportName: Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler MiniportDescription: Packet Scheduler MiniportClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: PSchedName: WAN Miniport (IP) - Packet Scheduler MiniportDescription: Packet Scheduler MiniportClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: PSchedName: Broadcom 802.11b/g WLAN - Packet Scheduler MiniportDescription: Packet Scheduler MiniportClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: PSchedName: Direct ParallelDescription: Direct ParallelClass Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: RasptiName: Photosmart C7200 seriesDescription: Photosmart C7200 seriesClass Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}Manufacturer: HPService:Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.Name: pcouffin device for 32 bits systemsDescription: pcouffin device for 32 bits systemsClass Guid: {FF646F80-8DEF-11D2-9449-00105A075F6B}Manufacturer: VSO SoftwareService: pcouffinName: RIM Virtual Serial Port v2 (COM5)Description: RIM Virtual Serial Port v2Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}Manufacturer: RIM Virtual Serial PortsService: RimVSerPortName: RIM Virtual Serial Port v2 (COM6)Description: RIM Virtual Serial Port v2Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}Manufacturer: RIM Virtual Serial PortsService: RimVSerPortName: Terminal Server Device RedirectorDescription: Terminal Server Device RedirectorClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: rdpdrName: Terminal Server Keyboard DriverDescription: Terminal Server Keyboard DriverClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: TermDDName: Terminal Server Mouse DriverDescription: Terminal Server Mouse DriverClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: TermDDName: Plug and Play Software Device EnumeratorDescription: Plug and Play Software Device EnumeratorClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: swenumName: Microsoft WINMM WDM Audio Compatibility DriverDescription: Microsoft WINMM WDM Audio Compatibility DriverClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: wdmaudName: Microsoft Kernel System Audio DeviceDescription: Microsoft Kernel System Audio DeviceClass Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}Manufacturer: MicrosoftService: sysaudioName: Microcode Update DeviceDescription: Microcode Update DeviceClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: updateName: Microsoft System Management BIOS DriverDescription: Microsoft System Management BIOS DriverClass Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}Manufacturer: (Standard system devices)Service: mssmbiosName: Nokia 6085Description: Nokia Windows Portable Device DriverClass Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}Manufacturer: NokiaService: WUDFRdProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.Name: Nokia 6085Description: Nokia 6085Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}Manufacturer: NokiaService: WUDFRdProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.========================= Memory info: ===================================Percentage of memory in use: 64%Total physical RAM: 1022.17 MBAvailable physical RAM: 362.82 MBTotal Pagefile: 2459.74 MBAvailable Pagefile: 1658.32 MBTotal Virtual: 2047.88 MBAvailable Virtual: 1968.45 MB========================= Partitions: =====================================1 Drive c: () (Fixed) (Total:74.32 GB) (Free:13.85 GB) NTFS2 Drive d: (Under the Horse) (CDROM) (Total:1.85 GB) (Free:0 GB) UDF========================= Users: ========================================User accounts for \\LAPTOPAdministrator ASPNET Guest HelpAssistant MOM SUPPORT_388945a0 ========================= Minidump Files ==================================No minidump file found**** End of log **** Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 18, 2013 Root Admin ID:704322 Share Posted July 18, 2013 Please see if you can uninstall both of these or not or if it gives you an error trying to uninstall them. First try to remove them from the Control Panel, Add/Remove and if that does not work then try this. Microsoft Security ClientMicrosoft Security EssentialsMicrosoft Security Essentials Removal Tool Let me know how that works out. Link to post Share on other sites More sharing options...
jules4dee Posted July 19, 2013 Author ID:704705 Share Posted July 19, 2013 I was able to uninstall Microsoft Security Essentials but could not find or uninstall Microsoft Security Client. I used the link provided which took me to Microsoft fix it, it says "processing" then "this Microsoft fix it has been processed" and I get a window that gives me options for "tell us what you think", "get help online now", and "read more about fix it".I'm not sure where you want me to go from here! I did search the "get help online now" but all I can find is how to uninstall Essentials but nothing about Client. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 19, 2013 Root Admin ID:704767 Share Posted July 19, 2013 Please visit this webpage and read the ComboFix User's Guide: We'll use it to help us clean up any left over items of MSE too.Once you've read the article and are ready to use the program you can download it directly from the link below.Important! - Please make sure you save combofix to your desktop and do not run it from your browserDirect download link for: ComboFix.exePlease make sure you disable your security applications before running ComboFix.Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.Please attach that log file to your next reply.If needed the file can be located here: C:\combofix.txtNOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer. Link to post Share on other sites More sharing options...
jules4dee Posted July 19, 2013 Author ID:704780 Share Posted July 19, 2013 Here is the log from the last scan.I am having problems with my computer shutting down unexpectedly. It seems to be running very hot. I have 2 fans running on it to get the scan done. I'm not sure if it's something we have done here or if it's just because it is old. Maybe you can tell from the scans.I do not have anything on here for virus or malware protection, you had me uninstall everything. I there a free program you would suggest since, obviously what I had, wasn't working? ComboFix 13-07-18.04 - MOM 07/19/2013 2:20.2.1 - x86Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.320 [GMT -5:00]Running from: c:\documents and settings\MOM\Desktop\ComboFix.exeAV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..---- Previous Run -------.c:\documents and settings\All Users\Application Data\1jt85an2g145o0y0qqomr582hicxyqw1rs8c:\documents and settings\All Users\Application Data\TEMPc:\documents and settings\MOM\Application Data\inst.exec:\documents and settings\MOM\Local Settings\Application Data\1jt85an2g145o0y0qqomr582hicxyqw1rs8c:\documents and settings\MOM\Local Settings\Application Data\assembly\tmpc:\documents and settings\MOM\Templates\1jt85an2g145o0y0qqomr582hicxyqw1rs8c:\documents and settings\MOM\WINDOWSC:\install.exec:\windows\system32\AutoRun.infc:\windows\system32\azip32.dllc:\windows\system32\BSTIEPrintCtl1.dllc:\windows\system32\Cachec:\windows\system32\Cache\23bb55a8d32a3cf5.fbc:\windows\system32\Cache\272512937d9e61a4.fbc:\windows\system32\Cache\287204568329e189.fbc:\windows\system32\Cache\28bc8f716fd76a47.fbc:\windows\system32\Cache\2c53092c95605355.fbc:\windows\system32\Cache\31a0997e9a5b5eb3.fbc:\windows\system32\Cache\32c84fe32bb74d60.fbc:\windows\system32\Cache\3917078cb68ec657.fbc:\windows\system32\Cache\3b707e1113125f1a.fbc:\windows\system32\Cache\590ba23ce359fd0c.fbc:\windows\system32\Cache\610289e025a3ee9a.fbc:\windows\system32\Cache\651c5d3cdbfb8bd1.fbc:\windows\system32\Cache\6c59ac5e7e7a3ad0.fbc:\windows\system32\Cache\6d03dad1035885d3.fbc:\windows\system32\Cache\a8556537add6dfc5.fbc:\windows\system32\Cache\ad10a52aff5e038d.fbc:\windows\system32\Cache\b13f4065d2d36363.fbc:\windows\system32\Cache\b1e6e14a07e5eac2.fbc:\windows\system32\Cache\c1fa887b03019701.fbc:\windows\system32\Cache\c4d28dca2e7648be.fbc:\windows\system32\Cache\c9a92d386551a457.fbc:\windows\system32\Cache\d201ef9910cd39de.fbc:\windows\system32\Cache\d2e94710a5708128.fbc:\windows\system32\Cache\d79b9dfe81484ec4.fbc:\windows\system32\Cache\dac9f147750532fb.fbc:\windows\system32\Cache\e0de16f883bea794.fbc:\windows\system32\Cache\f998975c9cc711ee.fbc:\windows\system32\drivers\etc\hosts.icsc:\windows\system32\muzapp.exec:\windows\wininit.ini..((((((((((((((((((((((((( Files Created from 2013-06-19 to 2013-07-19 )))))))))))))))))))))))))))))))..2013-07-19 07:11 . 2013-07-19 07:12 -------- d-----w- c:\windows\LastGood2013-07-18 23:05 . 2013-07-19 01:31 2036 -c--a-w- C:\FixitRegBackup.reg2013-07-18 06:16 . 2004-06-11 21:33 290304 ----a-w- c:\windows\subinacl.exe2013-07-17 06:56 . 2013-05-02 07:06 238872 ------w- c:\windows\system32\MpSigStub.exe2013-07-11 22:00 . 2013-07-13 22:51 -------- dc----w- C:\FRST2013-07-11 01:33 . 2013-07-11 01:33 -------- d-----w- c:\windows\ERUNT2013-07-10 22:41 . 2013-07-11 00:20 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)2013-07-10 22:31 . 2013-04-21 01:10 985 ----a-w- c:\windows\win.tmp2013-07-10 22:31 . 2013-02-13 22:07 227 ----a-w- c:\windows\system.tmp2013-07-10 22:30 . 2013-07-10 22:31 -------- dc----w- c:\program files\ERUNT2013-07-01 19:48 . 2013-07-01 19:48 -------- dc----w- c:\documents and settings\MOM\Application Data\Malwarebytes2013-07-01 19:47 . 2013-07-01 19:47 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes2013-07-01 19:47 . 2013-07-01 19:48 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware2013-07-01 19:47 . 2013-04-04 19:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-07-14 22:49 . 2012-04-11 01:04 692104 -c--a-w- c:\windows\system32\FlashPlayerApp.exe2013-07-14 22:49 . 2011-05-15 04:07 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-04-23 1561968]"KiesAirMessage"="c:\program files\Samsung\Kies\KiesAirMessage.exe" [2013-04-18 578560].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]"nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2010-01-27 472112]"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2005-08-01 233534]"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-12-02 344064]"BackupNowEZtray"="c:\program files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe" [2012-07-23 580672]"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2010-10-02 160328]"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [bU].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"adaware"="reg.exe delete HKCU\Software\AppDataLow\Software\adaware" [X]"adaware_XP"="reg.exe delete HKCU\Software\adaware" [X].c:\documents and settings\MOM\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE %SystemRoot%\ERDNT\AutoBackup\#Date# /noconfirmdelete /noprogresswindow [2005-10-20 38912]EvernoteTray.lnk - c:\program files\Evernote\Evernote\EvernoteTray.exe [2013-5-22 395104].[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400].[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]avgrsstx.dll [bU].[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver".[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup.[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup.[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup.[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnkbackup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup.[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^LaunchU3.exe.lnk]backup=c:\windows\pss\LaunchU3.exe.lnkCommon Startup.[HKLM\~\startupfolder\C:^Documents and Settings^MOM^Start Menu^Programs^Startup^AOL Desktop.lnk]path=c:\documents and settings\MOM\Start Menu\Programs\Startup\AOL Desktop.lnkbackup=c:\windows\pss\AOL Desktop.lnkStartup.[HKLM\~\startupfolder\C:^Documents and Settings^MOM^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup.[HKLM\~\startupfolder\C:^Documents and Settings^MOM^Start Menu^Programs^Startup^Webshots.lnk]backup=c:\windows\pss\Webshots.lnkStartupHKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed LauncherHKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAYHKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FolderShareHKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop SearchHKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelperHKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KodakShareButtonAppHKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite TrayHKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhotoShow Deluxe Media ManagerHKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media DetectorHKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnhHKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Live FolderShareHKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinPatrol.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]2005-09-09 07:18 57344 -c----w- c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]c:\program files\IObit\Advanced SystemCare 3\AWC.exe [bU].[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]c:\program files\Common Files\AOL\ACS\AOLDial.exe [bU].[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]c:\program files\Common Files\Symantec Shared\ccApp.exe [bU].[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DW7]2013-02-07 04:40 13102080 -c--a-w- c:\program files\The Weather Channel\The Weather Channel App\TWCApp.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]c:\program files\Common Files\AOL\1141165329\ee\AOLSoftware.exe [bU].[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]2005-05-04 18:59 794624 -c----w- c:\program files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]2009-05-26 19:16 1468296 -c--a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz]c:\program files\Norton Internet Security\cfgwiz.exe [bU].[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]2007-12-01 06:26 1695232 -c----w- c:\program files\Messenger\msmsgs.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Octoshape Streaming Services]2009-01-12 13:42 70936 -c----w- c:\documents and settings\MOM\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]2012-04-19 01:56 421888 -c--a-w- c:\program files\QuickTime\QTTask.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]2011-12-01 09:10 499312 -c--a-w- c:\program files\Real\RealPlayer\realplay.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]2010-10-02 05:47 160328 -c--a-w- c:\program files\Siber Systems\AI RoboForm\robotaskbaricon.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]c:\program files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe [bU].[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]2011-12-01 09:10 296056 -c--a-w- c:\program files\Real\RealPlayer\Update\realsched.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe [bU].[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weather]c:\program files\AWS\WeatherBug\Weather.exe [bU].[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]"iPodService"=3 (0x3).[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Messenger\\msmsgs.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="c:\\Program Files\\Adobe\\Photoshop Elements 4.0\\AdobePhotoshopElementsMediaServer.exe"="c:\\Program Files\\Hp\\HPNetworkAssistant\\HPNetworkAssistant.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqnrs08.exe"="c:\\Documents and Settings\\MOM\\Application Data\\Octoshape\\Octoshape Streaming Services\\OctoshapeClient.exe"="c:\\Program Files\\Mozilla Firefox\\firefox.exe"="c:\\Program Files\\Trillian\\trillian.exe"="c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"= c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"67:UDP"= 67:UDP:DHCP Discovery Service"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009.R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [7/1/2013 2:47 PM 418376]R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/1/2013 2:47 PM 701512]R2 NTI BackupNowEZSvr;NTI BackupNowEZSvr;c:\program files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe [9/23/2011 10:51 PM 45592]R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [5/3/2013 2:06 AM 83864]R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [8/22/2005 4:06 AM 231424]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/1/2013 2:47 PM 22856]R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6/1/2008 10:05 PM 47360]R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [5/3/2013 2:06 AM 181912]S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [8/23/2012 6:13 AM 26984]S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]S3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;"c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" --> c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [?]S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [4/26/2010 6:03 PM 19712]S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [4/26/2010 6:03 PM 8320]S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [4/26/2010 6:03 PM 42752]S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [8/10/2004 10:00 AM 14336]S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe --> c:\program files\PCPitstop\PCPitstopScheduleService.exe [?].--- Other Services/Drivers In Memory ---.*NewlyCreated* - WS2IFSL*NewlyCreated* - WUAUSERV.[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvcHPService REG_MULTI_SZ HPSLPSVCgetPlusHelper REG_MULTI_SZ getPlusHelpernosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper.Contents of the 'Scheduled Tasks' folder.2013-07-19 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 22:49].2013-07-17 c:\windows\Tasks\AppleSoftwareUpdate.job- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]..------- Supplementary Scan -------.uInternet Settings,ProxyOverride = <local>IE: &Viewpoint Search - c:\program files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll/CXTSEARCH.HTMLIE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: Clip Image - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4IE: Clip selection - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3IE: Clip this page - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1IE: Clip URL - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000IE: New Note - c:\program files\Evernote\Evernote\\EvernoteIERes\NewNote.htmlTCP: DhcpNameServer = 192.168.0.1DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}FF - ProfilePath - c:\documents and settings\MOM\Application Data\Mozilla\Firefox\Profiles\30qgon9z.default-1369715500859\FF - ExtSQL: 2013-07-06 10:11; {E0B8C461-F8FB-49b4-8373-FE32E9252800}; c:\documents and settings\MOM\Application Data\Mozilla\Firefox\Profiles\30qgon9z.default-1369715500859\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.- - - - ORPHANS REMOVED - - - -.URLSearchHooks-{6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)ShellIconOverlayIdentifiers-{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} - (no file)...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2013-07-19 02:32Windows 5.1.2600 Service Pack 3, v.3264 NTFS.scanning hidden processes ... .scanning hidden autostart entries ....HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe??????????9?P??|?????? ???B?????????????hLC? ??????.scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.--------------------- DLLs Loaded Under Running Processes ---------------------.- - - - - - - > 'winlogon.exe'(528)c:\windows\system32\Ati2evxx.dll.- - - - - - - > 'explorer.exe'(3500)c:\program files\NTI\NTI Backup Now EZ\Pehook.dllc:\windows\system32\ieframe.dllc:\windows\system32\webcheck.dllc:\windows\system32\dot3dlg.dllc:\windows\system32\WPDShServiceObj.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dll.Completion time: 2013-07-19 02:38:36ComboFix-quarantined-files.txt 2013-07-19 07:38.Pre-Run: 15,035,154,432 bytes freePost-Run: 15,034,724,352 bytes free.- - End Of File - - 148B67C1B39126C80BFEF9869C566EDE671B81004FDD1588FA9ED1331C9CECA9 Link to post Share on other sites More sharing options...
Recommended Posts