I guess I have a trojan agent on my laptop. Malwarebytes finds it, says it is "QUARANTINE"
then I get, "Quarantine failed: SDKQuarantine failed with error code 2"
This is all in the protection file.

I'm not sure if I have a problem or if it is a mistake.

Thanks!!

Here are my logs:

2013/07/06 03:53:25 -0500    LAPTOP    MOM    MESSAGE    Executing scheduled update:  Daily
2013/07/06 03:54:21 -0500    LAPTOP    MOM    MESSAGE    Scheduled update executed successfully:  database updated from version v2013.07.04.10 to version v2013.07.06.03
2013/07/06 03:54:21 -0500    LAPTOP    MOM    MESSAGE    Starting database refresh
2013/07/06 03:54:21 -0500    LAPTOP    MOM    MESSAGE    Stopping IP protection
2013/07/06 03:54:22 -0500    LAPTOP    MOM    MESSAGE    IP Protection stopped successfully
2013/07/06 03:56:02 -0500    LAPTOP    MOM    MESSAGE    Database refreshed successfully
2013/07/06 03:56:02 -0500    LAPTOP    MOM    MESSAGE    Starting IP protection
2013/07/06 03:56:49 -0500    LAPTOP    MOM    MESSAGE    IP Protection started successfully
2013/07/06 09:38:01 -0500    LAPTOP        MESSAGE    Starting protection
2013/07/06 09:38:01 -0500    LAPTOP        MESSAGE    Protection started successfully
2013/07/06 09:38:01 -0500    LAPTOP        MESSAGE    Starting IP protection
2013/07/06 09:40:50 -0500    LAPTOP    MOM    DETECTION    C:\Documents and Settings\MOM\Local Settings\Temp\mc22.tmp    Trojan.Agent    QUARANTINE
2013/07/06 09:40:51 -0500    LAPTOP    MOM    ERROR    Quarantine failed:  SDKQuarantine failed with error code 2
2013/07/06 09:42:29 -0500    LAPTOP    MOM    MESSAGE    IP Protection started successfully

----------------------------------------------------------------------------------------------------------------------------------------------------

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/14/2006 11:54:59 PM
System Uptime: 7/6/2013 9:35:29 AM (14 hours ago)
.
Motherboard: Hewlett-Packard  |  | 30A4
Processor: AMD Turion 64 Mobile Technology ML-40 | U23 | 2188/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 14.248 GiB free.
D: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom 802.11b/g WLAN
Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_1355103C&REV_02\4&13826118&1&10A4
Manufacturer: Broadcom
Name: Broadcom 802.11b/g WLAN
PNP Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_1355103C&REV_02\4&13826118&1&10A4
Service: BCM43XX
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\CE84407D613F0200
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\CE84407D613F0200
Service: NIC1394
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Photosmart C7200 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C7200 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia Windows Portable Device Driver
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia 6085
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
.
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia 6085
Device ID: ROOT\WPD\0001
Manufacturer: Nokia
Name: Nokia 6085
PNP Device ID: ROOT\WPD\0001
Service: WUDFRd
.
==== System Restore Points ===================
.
RP30: 4/10/2013 9:05:09 AM - SpeedyPC Pro Backup
RP31: 4/13/2013 7:42:34 PM - SpeedyPC Pro Backup
RP32: 4/16/2013 1:08:40 AM - Removed Evernote v. 4.6.2
RP33: 4/16/2013 1:13:16 AM - Installed Evernote v. 4.6.4
RP34: 4/20/2013 12:20:31 PM - SpeedyPC Pro Backup
RP35: 5/1/2013 8:30:05 AM - SpeedyPC Pro Backup
RP36: 5/3/2013 1:54:02 AM - Installed Samsung Kies
RP37: 5/3/2013 2:22:50 AM - Installed Windows XP winusb0100.
RP38: 5/4/2013 8:48:28 AM - SpeedyPC Pro Backup
RP39: 5/8/2013 6:58:49 AM - SpeedyPC Pro Backup
RP40: 5/14/2013 11:55:02 PM - System Checkpoint
RP41: 5/15/2013 2:54:30 AM - SpeedyPC Pro Backup
RP42: 5/22/2013 11:07:47 PM - SpeedyPC Pro Backup
RP43: 5/25/2013 8:45:00 AM - SpeedyPC Pro Backup
RP44: 5/29/2013 11:39:39 PM - SpeedyPC Pro Backup
RP45: 6/15/2013 7:25:18 PM - Removed Evernote v. 4.6.4
RP46: 6/15/2013 7:26:23 PM - Installed Evernote v. 4.6.6
RP47: 6/19/2013 10:07:18 AM - SpeedyPC Pro Backup
RP48: 7/4/2013 4:49:03 AM - System Checkpoint
RP49: 7/5/2013 10:22:57 AM - System Checkpoint
RP50: 7/6/2013 9:32:49 AM - SpeedyPC Pro Backup
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
7-Zip 9.20
Acrobat.com
Ad-Aware
Ad-Aware Browsing Protection
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Center 2.0
Adobe Photoshop Elements 4.0
Adobe Reader X (10.1.7)
Advanced SystemCare 3
AI RoboForm (All Users)
AIO_Scan
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Athlon 64 Processor Driver
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
AVG 2012
AVG 2013
BlackBerry App World Browser Plugin
BlackBerry Desktop Software 7.1
BlackBerry Device Software Updater
Broadcom 802.11 Wireless LAN Adapter
BufferChm
C7200
C7200_doccd
c7200_Help
CameraDrivers
Celestia 1.4.0
Cisco Network Magic
Compatibility Pack for the 2007 Office system
Conexant AC-Link Audio
Copy
Dannon Recipe Box 1.0.0.27
Destination Component
DeviceDiscovery
DocProc
DocProcQFolder
Drive Manager
Duplicate Photo Cleaner
DVD Shrink 3.2
EdgeStreamClient 2.2.5.0
Evernote v. 4.6.6
Fax
FLV Player
Form Fill (Windows Live Toolbar)
Gaps Solitaire 1.1.0
getPlus® for Adobe
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB954550-v5)
HP BatteryCheck 1.00 A7
HP Help and Support
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart Essential2.01
HP Product Assistant
HP Smart Web Printing
HP Update
HP User Guides 0008
HP Wireless Assistant 1.01 C1
HP_Network_UserGuide
HPProductAssistant
HpSdpAppCoreApp
HPSSupply
InterVideo WinDVD
Java Auto Updater
Java 6 Update 31
Junk Mail filter update
JustCloud Setup
Lavasoft Personal Firewall 1.0
Learn2 Player (Uninstall Only)
LightScribe  1.4.105.1
Malwarebytes Anti-Malware version 1.75.0.1300
Map Button (Windows Live Toolbar)
MarketResearch
Maxtor Manager
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft IntelliPoint 7.0
Microsoft Location Finder
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote 2007
Microsoft Office OneNote 2007 Trial
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Software Update for Web Folders  (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Works
Motorola Phone Tools
Move Networks Media Player for Internet Explorer
Mozilla Firefox 17.0 (x86 en-US)
Mozilla Maintenance Service
MSN
MSVC80_x86
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser
muvee autoProducer 4.0 - SE
MyFreeCodec
neroxml
NetDeviceManager
NetWaiting
Network Magic
NTI Backup Now EZ
Octoshape add-in for Adobe Flash Player
Octoshape Streaming Services
OneCare Advisor (Windows Live Toolbar)
OpenOffice.org Installer 1.0
OutlookTools 2
PanoStandAlone
PC Connectivity Solution
PC Pitstop Driver Alert2 2.0.0.0
PC World Toolbar
Picasa 3
Popup Blocker (Windows Live Toolbar)
Post-it® Software Notes Lite
Print Screen Deluxe
PS_AIO_02_ProductContext
PS_AIO_02_Software
PS_AIO_02_Software_min
PS8200
PSPrinters08
PSSWCORE
PSTAPlugin
Pure Networks Platform
Quick Launch Buttons 5.20 G1
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
REALTEK Gigabit and Fast Ethernet NIC Driver
RealUpgrade 1.1
Rhapsody Player Engine
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Segoe UI
Smart Menus (Windows Live Toolbar)
SMS-it Outlook Interface
SMS-it!
Soft Data Fax Modem with SmartCP
SolutionCenter
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic MyDVD Plus
Sonic Update Manager
SonicAC3Encoder
SonicMPEGEncoder
SpeedyPC Pro
Spybot - Search & Destroy
Spybot - Search & Destroy 1.5.2.20
Spyware Doctor 3.2
Status
Texas Instruments PCIxx21/x515/xx12 drivers.
The Weather Channel App
TIPCI
Toolbox
TrayApp
Trillian
U3Launcher
Uniblue RegistryBooster 2
Unity Web Player
Unix Utilities for Yahoo! Widgets
Unload
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2508979)
Update Rollup 2 for Windows XP Media Center Edition 2005
URGE
VideoToolkit01
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar V35 (Remove Only)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio 2005 Tools for Office Second Edition Runtime
WeatherBug
WebEx Support Manager for Internet Explorer
WebFldrs XP
WebReg
Widevine Media Transformer Plugin 5.0.0
Winamp (remove only)
Windows Driver Package - Nokia Modem  (03/05/2008 3.7)
Windows Driver Package - Nokia Modem  (03/13/2008 6.86.0.1)
Windows Driver Package - Nokia Modem  (05/22/2008 3.8)
Windows Driver Package - Nokia Modem  (05/22/2008 7.00.0.1)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Favorites for Windows Live Toolbar
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Photo Gallery
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Toolbar Feed Detector (Windows Live Toolbar)
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Wireless Home Network Setup
Yahoo! Widgets
Zinio Reader
.
==== Event Viewer Messages From Past Week ========
.
7/6/2013 9:40:04 AM, error: Service Control Manager [7000]  - The Pure Networks Platform Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
7/6/2013 9:40:03 AM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Pure Networks Platform Service service to connect.
7/6/2013 11:13:51 PM, error: Service Control Manager [7011]  - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
7/2/2013 8:20:33 AM, error: Service Control Manager [7011]  - Timeout (30000 milliseconds) waiting for a transaction response from the WPFFontCache_v0400 service.
7/2/2013 8:20:33 AM, error: Service Control Manager [7000]  - The Windows Presentation Foundation Font Cache 4.0.0.0 service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
7/2/2013 8:16:19 AM, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
7/2/2013 12:46:02 AM, error: Service Control Manager [7034]  - The vToolbarUpdater13.0.0 service terminated unexpectedly.  It has done this 1 time(s).
7/2/2013 12:46:02 AM, error: Service Control Manager [7034]  - The SeaPort service terminated unexpectedly.  It has done this 1 time(s).
7/2/2013 12:46:01 AM, error: Service Control Manager [7034]  - The WAN Miniport (ATW) Service service terminated unexpectedly.  It has done this 1 time(s).
7/2/2013 12:46:00 AM, error: Service Control Manager [7034]  - The Media Center Scheduler Service service terminated unexpectedly.  It has done this 1 time(s).
7/2/2013 12:46:00 AM, error: Service Control Manager [7034]  - The MBAMScheduler service terminated unexpectedly.  It has done this 1 time(s).
7/2/2013 12:46:00 AM, error: Service Control Manager [7034]  - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly.  It has done this 1 time(s).
7/2/2013 12:46:00 AM, error: Service Control Manager [7034]  - The Basics Service service terminated unexpectedly.  It has done this 1 time(s).
7/2/2013 12:46:00 AM, error: Service Control Manager [7031]  - The Media Center Receiver Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/2/2013 12:46:00 AM, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/2/2013 12:45:58 AM, error: Service Control Manager [7034]  - The Ati HotKey Poller service terminated unexpectedly.  It has done this 1 time(s).
7/2/2013 12:45:58 AM, error: Service Control Manager [7034]  - The AOL Connectivity Service service terminated unexpectedly.  It has done this 1 time(s).
7/2/2013 12:45:58 AM, error: Service Control Manager [7034]  - The Adobe Active File Monitor V4 service terminated unexpectedly.  It has done this 1 time(s).
7/2/2013 12:45:58 AM, error: Service Control Manager [7031]  - The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/2/2013 10:52:11 PM, error: Service Control Manager [7000]  - The Windows Media Player Network Sharing Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
7/2/2013 10:52:06 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Windows Media Player Network Sharing Service service to connect.
7/2/2013 10:51:10 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Windows Search service to connect.
7/2/2013 10:51:10 PM, error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
7/2/2013 10:00:06 AM, error: Srv [2000]  - The server's call to a system service failed unexpectedly.
7/2/2013 1:09:03 AM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  avgtp Lbd
7/2/2013 1:09:03 AM, error: Service Control Manager [7022]  - The Windows Search service hung on starting.
7/2/2013 1:08:31 AM, error: Service Control Manager [7022]  - The HP CUE DeviceDiscovery Service service hung on starting.
7/2/2013 1:06:51 AM, error: Service Control Manager [7000]  - The Kodak Camera Connection Software service failed to start due to the following error:  The system cannot find the file specified.
7/2/2013 1:05:35 AM, error: DCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18).  This security permission can be modified using the Component Services administrative tool.
7/1/2013 4:49:56 PM, error: Service Control Manager [7034]  - The Updater Service for StartNow Toolbar service terminated unexpectedly.  It has done this 1 time(s).
7/1/2013 4:34:22 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AliIde avgtp IntelIde Lbd ViaIde
7/1/2013 4:32:44 PM, error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
7/1/2013 3:11:00 AM, error: Service Control Manager [7011]  - Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.
.
==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_31
Run by MOM at 23:14:06 on 2013-07-06
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1022.134 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.0.0\ToolbarUpdater.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\PROGRA~1\SPYWAR~2\swdoctor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\KiesAirMessage.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Evernote\Evernote\EvernoteTray.exe
C:\Program Files\Evernote\Evernote\Evernote.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\hh.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>
uURLSearchHooks: {0A94B116-4504-4e26-AB05-E61E474AA38B} - <orphaned>
uURLSearchHooks: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hewlett-packard\smart web printing\hpswp_printenhancer.dll
BHO: HP Print Clips: {053F9267-DC04-4294-A72C-58F732D338C0} - c:\program files\hewlett-packard\smart web printing\hpswp_framework.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: PCTools Site Guard: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - c:\program files\spyware doctor\tools\iesdsg.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - c:\program files\evernote\evernote\EvernoteIE.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\12.2.5.34\AVG Secure Search_toolbar.dll
BHO: Viewpoint Toolbar BHO: {A7327C09-B521-4EDB-8509-7D2660C9EC98} - LocalServer32 - <no file>
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: PCTools Browser Monitor: {B56A7D7D-6927-48C8-A975-17DF180C71AC} - c:\program files\spyware doctor\tools\iesdpb.dll
BHO: XBTP08998 Class: {B8FC7AE4-FD8B-477c-B1BD-DE14280DECAF} - LocalServer32 - <no file>
BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - LocalServer32 - <no file>
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AOL Toolbar: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - LocalServer32 - <no file>
TB: &RoboForm: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AOL Toolbar: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - LocalServer32 - <no file>
TB: Viewpoint Toolbar: {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - LocalServer32 - <no file>
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: FireShot: {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - LocalServer32 - <no file>
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\12.2.5.34\AVG Secure Search_toolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - <orphaned>
EB: &Research: {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program files\microsoft office\office12\REFIEBAR.DLL
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - <orphaned>
uRun: [spyware Doctor] c:\progra~1\spywar~2\swdoctor.exe /Q
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\RegistryBooster.exe /S
uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
uRun: [DW7] "c:\program files\the weather channel\the weather channel app\TWCApp.exe"
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun: [KiesAirMessage] c:\program files\samsung\kies\KiesAirMessage.exe -startup
uRun: [] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [backupNowEZtray] "c:\program files\nti\nti backup now ez\BackupNowEZtray.exe" -k
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
dRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
dRun: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
dRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
dRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f
StartupFolder: c:\docume~1\mom\startm~1\programs\startup\everno~1.lnk - c:\program files\evernote\evernote\EvernoteTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Viewpoint Search - c:\program files\viewpoint\viewpoint toolbar v35\ViewBar.dll/CXTSEARCH.HTML
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Clip Image - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=4
IE: Clip selection - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=3
IE: Clip this page - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=1
IE: Clip URL - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=0
IE: Customize Menu - c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: Fill Forms - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: New Note - c:\program files\evernote\evernote\\evernoteieres\NewNote.html
IE: RoboForm Toolbar - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Yahoo! &SMS - /c:\program files\yahoo!\Common/ycsms.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - {A1EDC4A1-940F-48E0-8DFD-E38F1D501021} - c:\program files\spyware doctor\tools\iesdpb.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - LocalServer32 - <no file>
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hewlett-packard\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hewlett-packard\smart web printing\hpswp_extensions.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\\evernoteieres\AddNote.html
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.






DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - <orphaned>
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\12.2.6\ViProtocol.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\mom\application data\mozilla\firefox\profiles\30qgon9z.default-1369715500859\

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\mom\application data\mozilla\plugins\npoctoshape.dll
FF - plugin: c:\documents and settings\mom\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\progra~1\meadco~1\npmeadax.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.0.0\npsitesafety.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.149\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60129.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\research in motion limited\blackberry app world browser plugin\npappworld.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-07-06 10:11; {E0B8C461-F8FB-49b4-8373-FE32E9252800}; c:\documents and settings\mom\application data\mozilla\firefox\profiles\30qgon9z.default-1369715500859\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-8-9 245048]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 170808]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-9 182072]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-11-14 54760]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [2005-8-22 231424]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-7-1 22856]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-7-6 40776]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-8-23 26984]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-5-3 83864]
S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2010-4-26 19712]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2010-4-26 8320]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2010-4-26 42752]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-5-3 181912]
.
=============== Created Last 30 ================
.
2013-07-07 03:36:46    40776    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2013-07-01 19:48:11    --------    dc----w-    c:\documents and settings\mom\application data\Malwarebytes
2013-07-01 19:47:52    --------    dc----w-    c:\documents and settings\all users\application data\Malwarebytes
2013-07-01 19:47:50    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-07-01 19:47:50    --------    dc----w-    c:\program files\Malwarebytes' Anti-Malware
.
==================== Find3M  ====================
.
2013-06-12 03:31:03    692104    -c--a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-06-12 03:31:02    71048    -c--a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-19 00:08:14    4659712    ----a-w-    c:\windows\system32\Redemption.dll
2013-04-19 00:07:00    90112    ----a-w-    c:\windows\MAMCityDownload.ocx
2013-04-19 00:07:00    330240    ----a-w-    c:\windows\MASetupCaller.dll
2013-04-19 00:07:00    30568    ----a-w-    c:\windows\MusiccityDownload.exe
.
============= FINISH: 23:16:41.02 ===============
 

 

 


  • Root Admin

Hello and :welcome:

Please run the following and post back the logs. It's a bit late here for me now, so I'll check back on you sometime tomorrow if I can.

STEP 01

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe

STEP 02

Please download Malwarebytes Anti-Rootkit from HERE

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder... mbar-log.txt and system-log.txt

STEP 03

Please download Junkware Removal Tool to your desktop.

  • Shut down your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus

STEP 04

Please download AdwCleaner by Xplode to your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • If prompted by the User Account Control click Yes to allow it to run.
  • Under Actions click on the Delete button.
  • Click OK on all prompts.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the entire contents of that logfile to your next reply.
  • You can find the logfile at C:\AdwCleaner[s1].txt where the number in brackets indicates how often it was run.

STEP 05

Please go here to run the online antivirus scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.

Thanks

Thanks for reopening this!
Here are the logs from step 2:

 

Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.07.10.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
MOM :: LAPTOP [administrator]

7/10/2013 5:42:13 PM
mbar-log-2013-07-10 (17-42-13).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 256060
Time elapsed: 38 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

 

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.188000 GHz
Memory total: 1071824896, free: 138047488

Downloaded database version: v2013.07.10.08
Initializing...
------------ Kernel report ------------
     07/10/2013 17:41:58
------------ Loaded modules -----------
\WINDOWS\system32\ntkrnlpa.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
ACPI.sys
\WINDOWS\system32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
compbatt.sys
\WINDOWS\system32\DRIVERS\BATTC.SYS
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
intelide.sys
viaide.sys
aliide.sys
pcmcia.sys
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
ACPIEC.sys
\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
PartMgr.sys
VolSnap.sys
atapi.sys
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltmgr.sys
sr.sys
PxHelp20.sys
KSecDD.sys
WudfPf.sys
Ntfs.sys
NDIS.sys
ohci1394.sys
\WINDOWS\system32\DRIVERS\1394BUS.SYS
Mup.sys
avgrkx86.sys
avglogx.sys
avgmfx86.sys
avgidshx.sys
\SystemRoot\system32\DRIVERS\AmdK8.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\ati2mtag.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\??\C:\WINDOWS\system32\drivers\UBHelper.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\ks.sys
\??\C:\WINDOWS\system32\drivers\NTIDrvr.sys
\SystemRoot\SYSTEM32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\bcmwl5.sys
\SystemRoot\system32\drivers\tifm21.sys
\SystemRoot\system32\DRIVERS\sdbus.sys
\SystemRoot\system32\DRIVERS\Rtnicxp.sys
\SystemRoot\system32\drivers\camc6hal.sys
\SystemRoot\system32\drivers\camc6aud.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\HSFHWATI.sys
\SystemRoot\system32\DRIVERS\HSF_DPV.sys
\SystemRoot\system32\DRIVERS\HSF_CNXT.sys
\SystemRoot\System32\Drivers\Modem.SYS
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\System32\Drivers\RootMdm.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\wanatw4.sys
\SystemRoot\System32\Drivers\pcouffin.sys
\SystemRoot\system32\DRIVERS\RimSerial.sys
\SystemRoot\system32\DRIVERS\WDFLDR.SYS
\SystemRoot\system32\DRIVERS\Wdf01000.sys
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\avgtdix.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\??\C:\WINDOWS\system32\drivers\EABFiltr.sys
\SystemRoot\system32\DRIVERS\avgldx86.sys
\SystemRoot\system32\DRIVERS\avgidsshimx.sys
\SystemRoot\system32\DRIVERS\avgidsdriverx.sys
\SystemRoot\System32\Drivers\Udfs.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\ati2dvag.dll
\SystemRoot\System32\ati2cqag.dll
\SystemRoot\System32\atikvmag.dll
\SystemRoot\System32\ati3duag.dll
\SystemRoot\System32\ativvaxx.dll
\??\C:\WINDOWS\system32\drivers\mbam.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\fssfltr_tdi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\pnarp.sys
\SystemRoot\system32\DRIVERS\purendis.sys
\SystemRoot\system32\DRIVERS\mrxdav.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\System32\Drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\System32\Drivers\MCSTRM.SYS
\SystemRoot\system32\DRIVERS\mdmxsdk.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\ipfltdrv.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\DRIVERS\ssudbus.sys
\SystemRoot\system32\DRIVERS\wpdusb.sys
\SystemRoot\system32\DRIVERS\wudfrd.sys
\SystemRoot\system32\DRIVERS\ssudmdm.sys
\SystemRoot\system32\DRIVERS\WinUSB.sys
\SystemRoot\system32\drivers\kmixer.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff87165ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\
Lower Device Object: 0xffffffff87130940
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff87165ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8712f930, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff87165ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff871d69e8, DeviceName: \Device\00000086\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff87130940, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\system32\drivers...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
The directory C:\WINDOWS\system32\drivers seems inaccessible or encrypted.
Drivers scan is aborted.
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 16351635

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 155862567
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Other (0x88)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 155878695  Numsec = 417690

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 80026361856 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-156281488-156301488)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\bootstrap_0_0_63_i.mbam...
Removing c:\documents and settings\all users\application data\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished
 

And from step 3:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.5 (07.10.2013:2)
OS: Microsoft Windows XP x86
Ran by MOM on Wed 07/10/2013 at 20:33:59.67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\dw7
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uniblue registrybooster 2
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F4D76F09-7896-458A-890F-E1F05C46069F}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\toolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{09c554c3-109b-483c-a06b-f14172f1a947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{1fdff5a2-7bb1-48e1-8081-7236812b12b2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{35c1605e-438b-4d64-aab1-8885f097a9b1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{4d076ab4-7562-427a-b5d2-bd96e19dee56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{4e1e9d45-8bf9-4139-915c-9f83cc3d5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{b12e99ed-69bd-437c-86be-c862b9e5444d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{bb711cb0-c70b-482e-9852-ec05ebd71dbb}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{d7ee8177-d51e-4f89-92b6-83ea2ec40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{4e92db5f-aad9-49d3-8eab-b40cbe5b1ff7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{66eef543-a9ac-4a9d-aa3c-1ed148ac8eee}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{826d7151-8d99-434b-8540-082b8c2ae556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{b658800c-f66e-4ef3-ab85-6c0c227862a9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{cc5ad34c-6f10-4cb3-b74a-c2dd4d5060a3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{de9028d0-5ffa-4e69-94e3-89ee8741f468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{f25af245-4a81-40dc-92f9-e9021f207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{03e2a1f3-4402-4121-8b35-733216d61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{4e92db5f-aad9-49d3-8eab-b40cbe5b1ff7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{66eef543-a9ac-4a9d-aa3c-1ed148ac8eee}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{9e3b11f6-4179-4603-a71b-a55f4bcb0bec}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{c401d2ce-dc27-45c7-bc0c-8e6ea7f085d6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{11549fe4-7c5a-4c17-9fc3-56fc5162a994}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{1ea4dbf0-3c3b-11cf-810c-00aa00389b71}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{74fb6afd-dd77-4ceb-83bd-ab2b63e63c93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{9c049ba6-ea47-4ac3-aed6-a66d8dc9e1d8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{c2ac8a0e-e48e-484b-a71c-c7a937faab94}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startnow toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\startnow toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\zugo
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{f25af245-4a81-40dc-92f9-e9021f207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\b
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\imside1egate.application.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.bandobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.bandobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.toolbarhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.toolbarhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{03f998b2-0e00-11d3-a498-00104b6eb52e}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{1b00725b-c455-4de6-bfb6-ad540ad427cd}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{c6fdd0c3-266a-4dc3-b459-28c697c44cdc}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{f25af245-4a81-40dc-92f9-e9021f207706}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{73ADCAE4-C933-4BB3-9D00-B66D84125A5E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F4D76F01-7896-458A-890F-E1F05C46069F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F4D76F09-7896-458A-890F-E1F05C46069F}



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll
Successfully deleted: [File] "C:\Documents and Settings\MOM\desktop\speedypc pro.lnk"



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\speedypc software"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\viewpoint"
Successfully deleted: [Folder] "C:\Documents and Settings\MOM\Application Data\drivercure"
Successfully deleted: [Folder] "C:\Documents and Settings\MOM\Application Data\speedypc software"
Successfully deleted: [Folder] "C:\Documents and Settings\MOM\Application Data\viewpoint"
Successfully deleted: [Folder] "C:\Program Files\coupons"
Successfully deleted: [Folder] "C:\Program Files\freeze.com"
Successfully deleted: [Folder] "C:\Program Files\speedypc software"
Successfully deleted: [Folder] "C:\Program Files\startnow toolbar"
Successfully deleted: [Folder] "C:\Program Files\viewpoint"
Successfully deleted: [Folder] "C:\Program Files\Common Files\speedypc software"
Successfully deleted: [Folder] "C:\Documents and Settings\MOM\start menu\programs\speedypc software"
Successfully deleted: [Folder] "C:\Program Files\AskPBar"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml"
Successfully deleted the following from C:\Documents and Settings\MOM\Application Data\mozilla\firefox\profiles\30qgon9z.default-1369715500859\prefs.js

user_pref("services.sync.client.syncID", "eJKV94ph-WMx");





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 07/10/2013 at 20:50:46.06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

I am working on doing step 4 now and will post those when done, unless you want me to do something else!
 


step 4 log:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.5 (07.10.2013:2)
OS: Microsoft Windows XP x86
Ran by MOM on Wed 07/10/2013 at 20:33:59.67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\dw7
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uniblue registrybooster 2
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F4D76F09-7896-458A-890F-E1F05C46069F}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\toolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{09c554c3-109b-483c-a06b-f14172f1a947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{1fdff5a2-7bb1-48e1-8081-7236812b12b2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{35c1605e-438b-4d64-aab1-8885f097a9b1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{4d076ab4-7562-427a-b5d2-bd96e19dee56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{4e1e9d45-8bf9-4139-915c-9f83cc3d5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{b12e99ed-69bd-437c-86be-c862b9e5444d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{bb711cb0-c70b-482e-9852-ec05ebd71dbb}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{d7ee8177-d51e-4f89-92b6-83ea2ec40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{4e92db5f-aad9-49d3-8eab-b40cbe5b1ff7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{66eef543-a9ac-4a9d-aa3c-1ed148ac8eee}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{826d7151-8d99-434b-8540-082b8c2ae556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{b658800c-f66e-4ef3-ab85-6c0c227862a9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{cc5ad34c-6f10-4cb3-b74a-c2dd4d5060a3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{de9028d0-5ffa-4e69-94e3-89ee8741f468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{f25af245-4a81-40dc-92f9-e9021f207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{03e2a1f3-4402-4121-8b35-733216d61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{4e92db5f-aad9-49d3-8eab-b40cbe5b1ff7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{66eef543-a9ac-4a9d-aa3c-1ed148ac8eee}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{9e3b11f6-4179-4603-a71b-a55f4bcb0bec}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{c401d2ce-dc27-45c7-bc0c-8e6ea7f085d6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{11549fe4-7c5a-4c17-9fc3-56fc5162a994}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{1ea4dbf0-3c3b-11cf-810c-00aa00389b71}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{74fb6afd-dd77-4ceb-83bd-ab2b63e63c93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{9c049ba6-ea47-4ac3-aed6-a66d8dc9e1d8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{c2ac8a0e-e48e-484b-a71c-c7a937faab94}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startnow toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\startnow toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\zugo
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{f25af245-4a81-40dc-92f9-e9021f207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\b
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\imside1egate.application.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.bandobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.bandobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.toolbarhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar.toolbarhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{03f998b2-0e00-11d3-a498-00104b6eb52e}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\active setup\installed components\{1b00725b-c455-4de6-bfb6-ad540ad427cd}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{c6fdd0c3-266a-4dc3-b459-28c697c44cdc}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{f25af245-4a81-40dc-92f9-e9021f207706}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{73ADCAE4-C933-4BB3-9D00-B66D84125A5E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F4D76F01-7896-458A-890F-E1F05C46069F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F4D76F09-7896-458A-890F-E1F05C46069F}



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll
Successfully deleted: [File] "C:\Documents and Settings\MOM\desktop\speedypc pro.lnk"



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\speedypc software"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\viewpoint"
Successfully deleted: [Folder] "C:\Documents and Settings\MOM\Application Data\drivercure"
Successfully deleted: [Folder] "C:\Documents and Settings\MOM\Application Data\speedypc software"
Successfully deleted: [Folder] "C:\Documents and Settings\MOM\Application Data\viewpoint"
Successfully deleted: [Folder] "C:\Program Files\coupons"
Successfully deleted: [Folder] "C:\Program Files\freeze.com"
Successfully deleted: [Folder] "C:\Program Files\speedypc software"
Successfully deleted: [Folder] "C:\Program Files\startnow toolbar"
Successfully deleted: [Folder] "C:\Program Files\viewpoint"
Successfully deleted: [Folder] "C:\Program Files\Common Files\speedypc software"
Successfully deleted: [Folder] "C:\Documents and Settings\MOM\start menu\programs\speedypc software"
Successfully deleted: [Folder] "C:\Program Files\AskPBar"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\adawaretb.xml"
Successfully deleted the following from C:\Documents and Settings\MOM\Application Data\mozilla\firefox\profiles\30qgon9z.default-1369715500859\prefs.js

user_pref("services.sync.client.syncID", "eJKV94ph-WMx");





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 07/10/2013 at 20:50:46.06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


  • Root Admin

Okay, please run the following then and post back the log as an ATTACHMENT by clicking the More Reply Options button.

 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.


 


Step 5 log:

 

 

 

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\E5PYE3VH\updater-startnow-200-2.5-g[1].exe    a variant of Win32/Toolbar.Zugo application
C:\Documents and Settings\MOM\Desktop\SPY STUFF\cnet_501_b073_multilanguage_exe.exe    a variant of Win32/InstallCore.D application
C:\Documents and Settings\MOM\Desktop\SPY STUFF\INSTALL EXES\Nero-8.3.2.1_eng_trial.exe    Win32/Toolbar.AskSBar application
C:\Documents and Settings\MOM\My Documents\downloads\cbsidlm-tr1_13-Gaps_Solitaire-SEO-10967808.exe    Win32/DownloadAdmin.G application
C:\Program Files\AWS\WeatherBug\Local\askToolbarInstaller-1.9.1.0.exe    a variant of Win32/Bundled.Toolbar.Ask application


  • Root Admin

The items in the ESET scan log install adware toolbars if you're not careful, which is why they're flagged. You can keep them if you want, but choose custom anytime you install something and don't allow other add-ons to be installed.

Please run the FRST scan above and post that log.


Here are the scans from FARBAR:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2013 02
Ran by MOM (administrator) on 11-07-2013 17:03:20
Running from C:\Documents and Settings\MOM\My Documents\downloads
Microsoft Windows XP Professional Service Pack 3, v.3264 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
() C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
(AOL LLC) C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Seagate Technology LLC) C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehRecvr.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehSched.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Seagate Technology LLC) C:\Program Files\Maxtor\Sync\SyncServices.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(NTI Corporation) C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.0.0\ToolbarUpdater.exe
(America Online, Inc.) C:\WINDOWS\wanmpsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Cisco Systems, Inc.) C:\Program Files\Pure Networks\Network Magic\nmapp.exe
(Hewlett-Packard Company) C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehmsas.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
(ATI Technologies, Inc.) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
(NTI Corporation) C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPNSCFG.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung Electronics) C:\Program Files\Samsung\Kies\KiesAirMessage.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\Evernote.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [nmctxth] - "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [647216 2009-07-07] (Cisco Systems, Inc.)
HKLM\...\Run: [nmapp] - "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash [472112 2010-01-27] (Cisco Systems, Inc.)
HKLM\...\Run: [LSBWatcher] - c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [253952 2004-10-14] (Hewlett-Packard Company)
HKLM\...\Run: [ehTray] - C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [Cpqset] - C:\Program Files\HPQ\Default Settings\cpqset.exe [233534 2005-08-01] ()
HKLM\...\Run: [AVG_UI] - "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [ATIPTA] - "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [344064 2005-12-01] (ATI Technologies, Inc.)
HKLM\...\Run: [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [backupNowEZtray] - "C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe" -k [580672 2012-07-23] (NTI Corporation)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\avgrsstarter: avgrsstx.dll [X]
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [spyware Doctor] - C:\PROGRA~1\SPYWAR~2\swdoctor.exe /Q [1506544 2005-05-26] (PCTools)
HKCU\...\Run: [spybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [204288 2006-10-18] (Microsoft Corporation)
HKCU\...\Run: [Weather] - C:\Program Files\AWS\WeatherBug\Weather.exe 1 [1652736 2010-10-29] (AWS Convergence Technologies, Inc.)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe /preload [1561968 2013-04-23] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [578560 2013-04-18] (Samsung Electronics)
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-15] (Samsung)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {2d656f6e-7cad-11e2-944c-00038a000015} - E:\restore\restorestarter.exe
MountPoints2: {cd2533f6-ad93-11df-9378-00038a000015} - E:\Setup_FlipShare.exe
MountPoints2: {d168c7c8-2989-11db-91eb-00038a000015} - E:\LaunchU3.exe
MountPoints2: {d168c7c9-2989-11db-91eb-00038a000015} - F:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe
MountPoints2: {de7fff13-12b8-11de-9301-00038a000015} - G:\LaunchU3.exe -a
MountPoints2: {e8ccd5a3-71f9-11df-9364-00038a000015} - E:\KODAK_Software_Downloader.exe
HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" [x]
HKU\Administrator\...\RunOnce: [spchecker] - "C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe" [x]
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" [x]
Startup: C:\Documents and Settings\MOM\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE ()
Startup: C:\Documents and Settings\MOM\Start Menu\Programs\Startup\EvernoteTray.lnk
ShortcutTarget: EvernoteTray.lnk -> C:\Program Files\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
URLSearchHook: (No Name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} -  No File
URLSearchHook: (No Name) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} -  No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=jucO2fYK0MlZZD22vPitNtyiJyI?q={searchTerms}
SearchScopes: HKCU - {B3FFF406-BFAB-4CAA-860B-3B02B85CB42E} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ie8
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll (PC Tools)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: No Name - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} -  No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (GuideWorks Pty. Ltd.)
BHO: XBTP08998 Class - {B8FC7AE4-FD8B-477c-B1BD-DE14280DECAF} -  No File
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -  No File
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} -  No File
Toolbar: HKLM - Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} -  No File
Toolbar: HKLM - &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM - FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} -  No File
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File
Toolbar: HKCU -No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -  No File
Toolbar: HKCU -AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} -  No File
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -&RoboForm - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKCU -No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -  No File
Toolbar: HKCU -No Name - {C17590D2-ECB4-4B15-8820-F58798DCC118} -  No File
Toolbar: HKCU -No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
Toolbar: HKCU -No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKCU -No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKCU -&Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU -No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU -No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/da2/PCPitStop2.cab
Handler: ipp - No CLSID Value -
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -  No File
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [294400 2007-02-05] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\MOM\Application Data\Mozilla\Firefox\Profiles\30qgon9z.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.0.0\\npsitesafety.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @meadco.com/neptune plugin,version=2.0.0.29 - C:\PROGRA~1\MEADCO~1\npmeadax.dll (MeadCo Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=15.0.0.198 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.0.198 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.0.198 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.0.198 - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.1 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF Plugin: @rim.com/npappworld - C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP - C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Documents and Settings\MOM\Application Data\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\MOM\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF Extension: No Name - C:\Documents and Settings\MOM\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\inspector@mozilla.org
FF Extension: Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] C:\Program Files\Siber Systems\AI RoboForm\Firefox
FF Extension: AI Roboform Toolbar for Firefox - C:\Program Files\Siber Systems\AI RoboForm\Firefox
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [avg@toolbar] C:\Documents and Settings\All Users\Application Data\AVG Secure Search\12.2.5.34\
FF Extension: AVG Security Toolbar - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\12.2.5.34\
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff

Chrome:
=======

CHR RestoreOnStartup:       "urls_to_restore_on_startup": [  ]

========================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor4.0; C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [102400 2005-09-09] ()
R2 AOL ACS; C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe [46640 2006-10-23] (AOL LLC)
R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)
S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [947528 2011-03-18] ()
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)
R2 Basics Service; C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe [124280 2007-10-09] (Seagate Technology LLC)
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [68000 2010-03-29] (NOS Microsystems Ltd.)
R3 hpqcxs08; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll [217088 2008-10-16] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.)
S3 hpqwmi; C:\Program Files\HPQ\SHARED\HPQWMI.exe [102400 2005-10-11] (Hewlett-Packard Development Company, L.P.)
R2 HPSLPSVC; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\HPSLPSVC32.DLL [602112 2007-05-16] (Hewlett-Packard Co.)
R2 Maxtor Sync Service; C:\Program Files\Maxtor\Sync\SyncServices.exe [193888 2008-07-21] (Seagate Technology LLC)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
R2 nmservice; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [647216 2012-05-06] (Cisco Systems, Inc.)
R2 NTI BackupNowEZSvr; C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe [45592 2011-09-23] (NTI Corporation)
S4 PCPitstop Scheduling; C:\Program Files\PCPitstop\PCPitstopScheduleService.exe [85504 2009-06-26] (PC Pitstop LLC)
R2 vToolbarUpdater13.0.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.0.0\ToolbarUpdater.exe [711112 2012-09-27] ()
R2 WANMiniportService; C:\WINDOWS\wanmpsvc.exe [65536 2003-08-27] (America Online, Inc.)
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]
S3 GoogleDesktopManager-093009-130223; "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [x]
R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [x]
S2 KodakCCS; %SystemRoot%\system32\drivers\KodakCCS.exe [x]

==================== Drivers (Whitelisted) ====================

R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36352 2005-03-09] (Advanced Micro Devices)
R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [1412608 2005-12-01] (ATI Technologies Inc.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-03-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-03-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [170808 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [245048 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2013-03-21] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [26984 2012-09-27] ()
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [376320 2005-09-28] (Broadcom Corporation)
S3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [56648 2005-08-18] (Broadcom Corporation.)
R1 eabfiltr; C:\WINDOWS\system32\drivers\EABFiltr.sys [7936 2005-05-05] (Hewlett-Packard Development Company, L.P.)
S3 eabusb; C:\WINDOWS\system32\drivers\eabusb.sys [5760 2005-05-05] (Hewlett-Packard Development Company, L.P.)
R2 fssfltr; C:\Windows\System32\DRIVERS\fssfltr_tdi.sys [54760 2010-04-28] (Microsoft Corporation)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2007-03-07] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2007-03-07] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2007-03-07] (HP)
R3 HSFHWATI; C:\Windows\System32\DRIVERS\HSFHWATI.sys [231424 2005-08-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [1035008 2005-08-22] (Conexant Systems, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 MCSTRM; C:\Windows\System32\Drivers\MCSTRM.sys [8413 2006-11-15] (RealNetworks, Inc.)
S3 MotDev; C:\Windows\System32\DRIVERS\motodrv.sys [42752 2009-05-08] (Motorola Inc)
S3 MXOPSWD; C:\Windows\System32\DRIVERS\mxopswd.sys [22152 2007-05-03] (Maxtor Corp.)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R2 pnarp; C:\Windows\System32\DRIVERS\pnarp.sys [25392 2009-07-07] (Cisco Systems, Inc.)
R2 purendis; C:\Windows\System32\DRIVERS\purendis.sys [26672 2009-07-07] (Cisco Systems, Inc.)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
S3 TVICHW32; C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [23600 2006-09-21] (EnTech Taiwan)
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S1 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [31744 2007-11-30] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
S0 Lbd; system32\DRIVERS\Lbd.sys [x]
U4 mchInjDrv; \??\C:\DOCUME~1\MOM\LOCALS~1\Temp\mc211.tmp [x]
S3 slabbus; system32\DRIVERS\slabbus.sys [x]
S3 slabser; system32\DRIVERS\slabser.sys [x]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

2013-07-11 17:00 - 2013-07-11 17:00 - 00000000 ___DC C:\FRST
2013-07-11 09:34 - 2013-07-11 09:34 - 00000689 ___AC C:\Documents and Settings\MOM\Desktop\eset.txt
2013-07-11 09:27 - 2013-07-11 09:27 - 00000000 ___DC C:\Documents and Settings\MOM\My Documents\New Folder
2013-07-11 02:59 - 2013-07-11 02:59 - 00000000 ___DC C:\Program Files\ESET
2013-07-11 00:32 - 2013-07-11 00:34 - 00000388 ___AC C:\AdwCleaner[s4].txt
2013-07-11 00:31 - 2013-07-11 00:31 - 00008124 ___AC C:\AdwCleaner[R3].txt
2013-07-10 20:50 - 2013-07-10 20:50 - 00012541 ___AC C:\Documents and Settings\MOM\Desktop\JRT.txt
2013-07-10 20:33 - 2013-07-10 20:33 - 00000000 ____D C:\WINDOWS\ERUNT
2013-07-10 17:41 - 2013-07-10 19:20 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-07-10 17:32 - 2013-07-11 02:44 - 00000000 ____D C:\WINDOWS\ERDNT
2013-07-10 17:31 - 2013-07-10 17:31 - 00000645 ___AC C:\Documents and Settings\MOM\Desktop\NTREGOPT.lnk
2013-07-10 17:31 - 2013-07-10 17:31 - 00000626 ___AC C:\Documents and Settings\MOM\Desktop\ERUNT.lnk
2013-07-10 17:31 - 2013-04-20 20:10 - 00000985 ____A C:\WINDOWS\win.tmp
2013-07-10 17:31 - 2013-02-13 17:07 - 00000227 ____A C:\WINDOWS\system.tmp
2013-07-10 17:30 - 2013-07-10 17:31 - 00000000 ___DC C:\Program Files\ERUNT
2013-07-06 23:16 - 2013-07-06 23:16 - 00021303 ___AC C:\Documents and Settings\MOM\Desktop\dds.txt
2013-07-06 23:16 - 2013-07-06 23:16 - 00017580 ___AC C:\Documents and Settings\MOM\Desktop\attach.txt
2013-07-06 09:50 - 2013-07-06 23:19 - 00002318 ____A C:\WINDOWS\setupapi.log
2013-07-03 09:32 - 2013-07-06 09:33 - 00000000 ___DC C:\Program Files\Mozilla Firefox
2013-07-02 08:35 - 2013-07-02 08:35 - 00000385 ___AC C:\AdwCleaner[s3].txt
2013-07-02 01:22 - 2013-07-02 01:22 - 00000385 ___AC C:\AdwCleaner[s2].txt
2013-07-02 01:20 - 2013-07-02 01:21 - 00014915 ___AC C:\AdwCleaner[R2].txt
2013-07-02 00:45 - 2013-07-02 00:46 - 00000490 ___AC C:\AdwCleaner[s1].txt
2013-07-02 00:42 - 2013-07-02 00:42 - 00014876 ___AC C:\AdwCleaner[R1].txt
2013-07-01 14:48 - 2013-07-01 14:48 - 00000000 ___DC C:\Documents and Settings\MOM\Application Data\Malwarebytes
2013-07-01 14:47 - 2013-07-01 14:48 - 00000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware
2013-07-01 14:47 - 2013-07-01 14:47 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-07-01 14:47 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

==================== One Month Modified Files and Folders =======

2013-07-11 17:04 - 2013-05-15 02:56 - 02033213 ____A C:\WINDOWS\WindowsUpdate.log
2013-07-11 17:00 - 2013-07-11 17:00 - 00000000 ___DC C:\FRST
2013-07-11 16:59 - 2010-10-26 08:19 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\MFAData
2013-07-11 16:58 - 2008-10-29 22:26 - 00000418 __AHC C:\WINDOWS\Tasks\User_Feed_Synchronization-{B7099585-5F74-4162-8AB5-AF79FCB27C1C}.job
2013-07-11 10:23 - 2009-11-06 23:13 - 00000880 ___AC C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-11 09:34 - 2013-07-11 09:34 - 00000689 ___AC C:\Documents and Settings\MOM\Desktop\eset.txt
2013-07-11 09:29 - 2012-04-10 20:04 - 00000830 ___AC C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-07-11 09:27 - 2013-07-11 09:27 - 00000000 ___DC C:\Documents and Settings\MOM\My Documents\New Folder
2013-07-11 02:59 - 2013-07-11 02:59 - 00000000 ___DC C:\Program Files\ESET
2013-07-11 02:44 - 2013-07-10 17:32 - 00000000 ____D C:\WINDOWS\ERDNT
2013-07-11 02:43 - 2005-11-29 00:12 - 00000000 ____D C:\WINDOWS\Registration
2013-07-11 02:43 - 2005-08-17 12:39 - 00001158 ___AC C:\WINDOWS\system32\wpa.dbl
2013-07-11 02:40 - 2006-02-15 00:56 - 00000062 _ASHC C:\Documents and Settings\MOM\Local Settings\desktop.ini
2013-07-11 02:40 - 2005-11-29 00:17 - 00000062 _ASHC C:\Documents and Settings\NetworkService\Local Settings\desktop.ini
2013-07-11 02:40 - 2005-11-29 00:17 - 00000062 _ASHC C:\Documents and Settings\LocalService\Local Settings\desktop.ini
2013-07-11 02:40 - 2005-08-17 12:39 - 00000006 __AHC C:\WINDOWS\Tasks\SA.DAT
2013-07-11 00:34 - 2013-07-11 00:32 - 00000388 ___AC C:\AdwCleaner[s4].txt
2013-07-11 00:31 - 2013-07-11 00:31 - 00008124 ___AC C:\AdwCleaner[R3].txt
2013-07-10 20:50 - 2013-07-10 20:50 - 00012541 ___AC C:\Documents and Settings\MOM\Desktop\JRT.txt
2013-07-10 20:33 - 2013-07-10 20:33 - 00000000 ____D C:\WINDOWS\ERUNT
2013-07-10 19:20 - 2013-07-10 17:41 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-07-10 18:00 - 2012-10-12 01:56 - 00000464 ____A C:\WINDOWS\Tasks\SpeedyPC Registration3.job
2013-07-10 17:31 - 2013-07-10 17:31 - 00000645 ___AC C:\Documents and Settings\MOM\Desktop\NTREGOPT.lnk
2013-07-10 17:31 - 2013-07-10 17:31 - 00000626 ___AC C:\Documents and Settings\MOM\Desktop\ERUNT.lnk
2013-07-10 17:31 - 2013-07-10 17:30 - 00000000 ___DC C:\Program Files\ERUNT
2013-07-10 17:08 - 2012-02-28 21:34 - 00000284 ___AC C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-07-10 13:31 - 2010-05-05 08:26 - 00000820 ___AC C:\WINDOWS\Tasks\Google Software Updater.job
2013-07-10 09:04 - 2012-10-12 01:55 - 00000436 ____A C:\WINDOWS\Tasks\SpeedyPC Update Version3.job
2013-07-10 09:04 - 2012-10-12 01:54 - 00000392 ____A C:\WINDOWS\Tasks\SpeedyPC Pro.job
2013-07-10 07:23 - 2005-08-17 12:39 - 00032540 ____A C:\WINDOWS\SchedLgU.Txt
2013-07-10 01:23 - 2009-11-06 23:13 - 00000876 ___AC C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-08 23:45 - 2010-08-24 09:03 - 00000000 ___DC C:\Documents and Settings\MOM\Local Settings\Application Data\WeatherBug
2013-07-08 13:31 - 2013-01-05 22:10 - 00334810 ___AC C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2013-07-08 13:31 - 2006-02-15 00:56 - 00000278 __SHC C:\Documents and Settings\MOM\ntuser.ini
2013-07-08 13:31 - 2006-02-15 00:56 - 00000000 ___DC C:\Documents and Settings\MOM
2013-07-08 09:53 - 2012-10-06 15:05 - 00000736 ___AC C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
2013-07-07 21:43 - 2011-02-04 14:46 - 00000282 ____A C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-820892040-1120259444-1739031538-1005.job
2013-07-07 07:10 - 2010-07-13 13:58 - 00000000 ___AC C:\Documents and Settings\MOM\Local Settings\Application Data\prvlcl.dat
2013-07-06 23:19 - 2013-07-06 09:50 - 00002318 ____A C:\WINDOWS\setupapi.log
2013-07-06 23:16 - 2013-07-06 23:16 - 00021303 ___AC C:\Documents and Settings\MOM\Desktop\dds.txt
2013-07-06 23:16 - 2013-07-06 23:16 - 00017580 ___AC C:\Documents and Settings\MOM\Desktop\attach.txt
2013-07-06 09:40 - 2005-11-29 00:12 - 00000000 ___DC C:\Documents and Settings\Administrator
2013-07-06 09:36 - 2012-11-26 09:12 - 00000000 ___DC C:\Program Files\Mozilla Maintenance Service
2013-07-06 09:33 - 2013-07-03 09:32 - 00000000 ___DC C:\Program Files\Mozilla Firefox
2013-07-02 08:35 - 2013-07-02 08:35 - 00000385 ___AC C:\AdwCleaner[s3].txt
2013-07-02 01:22 - 2013-07-02 01:22 - 00000385 ___AC C:\AdwCleaner[s2].txt
2013-07-02 01:21 - 2013-07-02 01:20 - 00014915 ___AC C:\AdwCleaner[R2].txt
2013-07-02 00:46 - 2013-07-02 00:45 - 00000490 ___AC C:\AdwCleaner[s1].txt
2013-07-02 00:42 - 2013-07-02 00:42 - 00014876 ___AC C:\AdwCleaner[R1].txt
2013-07-01 16:42 - 2005-08-17 12:21 - 00656224 ___AC C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-01 16:29 - 2006-02-16 21:55 - 00000000 ____D C:\WINDOWS\OPTIONS
2013-07-01 14:48 - 2013-07-01 14:48 - 00000000 ___DC C:\Documents and Settings\MOM\Application Data\Malwarebytes
2013-07-01 14:48 - 2013-07-01 14:47 - 00000000 ___DC C:\Program Files\Malwarebytes' Anti-Malware
2013-07-01 14:47 - 2013-07-01 14:47 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-06-21 03:15 - 2012-12-23 00:49 - 00000000 ___DC C:\Documents and Settings\MOM\Application Data\HpUpdate
2013-06-17 13:56 - 2006-04-15 16:41 - 00000000 ___DC C:\Documents and Settings\MOM\Desktop\Unused Desktop Shortcuts
2013-06-17 13:07 - 2013-05-03 02:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallwinusb0100$
2013-06-17 13:07 - 2011-10-05 15:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2013-06-17 13:07 - 2009-06-01 21:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01007$
2013-06-17 13:07 - 2008-06-06 22:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01005$
2013-06-17 13:07 - 2007-03-24 22:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallWIC$
2013-06-17 13:07 - 2006-12-23 22:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallMSCompPackV1$
2013-06-17 13:07 - 2006-12-23 22:50 - 00000000 __HDC C:\WINDOWS\$NtUninstallWudf01000$
2013-06-17 13:07 - 2006-12-23 22:50 - 00000000 __HDC C:\WINDOWS\$NtUninstallWMFDist11$
2013-06-17 13:07 - 2006-11-29 15:35 - 00000000 __HDC C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2013-06-17 13:07 - 2006-11-29 15:35 - 00000000 __HDC C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2013-06-17 11:23 - 2013-01-11 11:05 - 01091565 ___AC C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-820892040-1120259444-1739031538-1005-0.dat
2013-06-11 22:31 - 2012-04-10 20:04 - 00692104 ___AC (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-06-11 22:31 - 2011-05-14 23:07 - 00071048 ___AC (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-10 10:00] - [2007-12-01 01:26] - 1033728 ____A (Microsoft Corporation) e0ee428f4777a3cd8760bad61f87abed

C:\Windows\System32\winlogon.exe
[2004-08-10 10:00] - [2007-12-01 01:26] - 0507904 ____A (Microsoft Corporation) 45ffe966290b9c4ba659325561de4830

C:\Windows\System32\svchost.exe
[2004-08-10 10:00] - [2007-12-01 01:26] - 0014336 ____A (Microsoft Corporation) 0c82b0ae50bb2bc8a96a753f4edc495f

C:\Windows\System32\services.exe
[2004-08-10 10:00] - [2007-12-01 01:26] - 0108544 ____A (Microsoft Corporation) 76727219614a50b2db29bd0cda4260d5

C:\Windows\System32\User32.dll
[2004-08-10 10:00] - [2007-12-01 01:26] - 0578560 ____A (Microsoft Corporation) 6c74c62ecdc3981a7f1f8f1656b27871

C:\Windows\System32\userinit.exe
[2004-08-10 10:00] - [2012-04-10 20:04] - 0026112 ___AC (Microsoft Corporation) 813b2e9c4caea05fba51a442fab7a95d

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-10 10:00] - [2007-11-30 18:25] - 0052352 ___AC (Microsoft Corporation) 2abf037f9d447424b58d73706b55b762


==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-07-2013 02
Ran by MOM at 2013-07-11 17:04:54
Running from C:\Documents and Settings\MOM\My Documents\downloads
Boot Mode: Normal
==========================================================

32 Bit HP CIO Components Installer (Version: 2.1.5)
7-Zip 9.20
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Ad-Aware (Version: 8.0.0)
Ad-Aware Browsing Protection (Version: 0.9.0.3)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Help Center 2.0 (Version: 2.0.0)
Adobe Photoshop Elements 4.0 (Version: 4.0)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Advanced SystemCare 3 (Version: 3.4.1)
AI RoboForm (All Users)
AIO_Scan (Version: 90.0.189.000)
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 2.6.0.32)
Apple Software Update (Version: 2.1.3.127)
Athlon 64 Processor Driver (Version: 1.2.2.2)
ATI - Software Uninstall Utility (Version: 6.14.10.1014)
ATI Control Panel (Version: 6.14.10.5173)
ATI Display Driver (Version: 8.202-051201a2-029034C-HP)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2171)
AVG 2012 (Version: 12.0.2433)
AVG 2013 (Version: 13.0.3204)
AVG 2013 (Version: 13.0.3349)
AVG 2013 (Version: 2013.0.3349)
BlackBerry App World Browser Plugin (Version: 3.1.1.4)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.32)
BlackBerry Device Software Updater (Version: 6.0.1.37)
Broadcom 802.11 Wireless LAN Adapter (Version: 4.100.15.5)
BufferChm (Version: 90.0.146.000)
C7200 (Version: 90.0.189.000)
C7200_doccd (Version: 90.0.189.000)
c7200_Help (Version: 90.0.189.000)
CameraDrivers (Version: 5.0.0.328)
Celestia 1.4.0
Cisco Network Magic (Version: 5.5.09195.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Conexant AC-Link Audio
Copy (Version: 90.0.146.000)
Dannon Recipe Box 1.0.0.27
Destination Component (Version: 090.000.091.086)
DeviceDiscovery (Version: 110.0.180.000)
DocProc (Version: 9.0.0.0)
DocProcQFolder (Version: 1.00.0000)
Drive Manager (Version: 1.00.0012)
Duplicate Photo Cleaner
DVD Shrink 3.2
EdgeStreamClient 2.2.5.0
ERUNT 1.1j
ESET Online Scanner v3
Evernote v. 4.6.6 (Version: 4.6.6.8360)
Fax (Version: 120.0.194.000)
FLV Player
Form Fill (Windows Live Toolbar) (Version: 03.01.0146)
Gaps Solitaire 1.1.0 (Version: 1.1.0)
getPlus® for Adobe (Version: 1.5.2.35)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.149)
Google Updater (Version: 2.4.2432.1652)
HP BatteryCheck 1.00 A7 (Version: 1.00 A7)
HP Help and Support (Version: 4.1.0008)
HP Photosmart 330,380,420,470,7800,8000,8200 Series (Version: 8.1)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Product Assistant (Version: 100.000.001.000)
HP Smart Web Printing (Version: 2.15.7.0)
HP Update (Version: 5.003.001.001)
HP User Guides 0008 (Version: 1.05.0000)
HP Wireless Assistant 1.01 C1 (Version: 1.01 C1)
HP_Network_UserGuide (Version: 1.00.0000)
HPProductAssistant (Version: 90.0.146.000)
HpSdpAppCoreApp (Version: 3.00.0000)
HPSSupply (Version: 2.2.0.0000)
InterVideo WinDVD (Version: 5.0-B11.662)
Java Auto Updater (Version: 2.1.9.0)
Java 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8117.416)
JustCloud Setup (Version: 1.0.0.08)
Lavasoft Personal Firewall 1.0 (Version: 1.0)
Learn2 Player (Uninstall Only)
LightScribe  1.4.105.1 (Version: 1.4.105.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Map Button (Windows Live Toolbar) (Version: 03.01.0146)
MarketResearch (Version: 90.0.146.000)
Maxtor Manager (Version: 4.01.0303)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft IntelliPoint 7.0 (Version: 7.0.260.0)
Microsoft Location Finder (Version: 3.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote 2007 Trial (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (Version: 3.0.127.0)
Microsoft Silverlight (Version: 4.0.60129.0)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6425.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60816.0)
Microsoft Works (Version: 08.04.0623)
Motorola Phone Tools (Version: 4.30)
Motorola Phone Tools (Version: 5.00)
Move Networks Media Player for Internet Explorer
Mozilla Firefox 17.0 (x86 en-US) (Version: 17.0)
Mozilla Maintenance Service (Version: 22.0)
MSN
MSVC80_x86 (Version: 1.0.1.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 6.0 Parser (Version: 6.10.1129.0)
muvee autoProducer 4.0 - SE (Version: 4.00.050)
MyFreeCodec
neroxml (Version: 1.0.0)
NetDeviceManager (Version: 90.0.146.000)
NetDeviceManager (Version: 90.0.192.000)
NetWaiting (Version: 2.5.25)
Network Magic (Version: 5.5.9195.0)
NTI Backup Now EZ (Version: 2.5.2.56)
Octoshape add-in for Adobe Flash Player
Octoshape Streaming Services
OneCare Advisor (Windows Live Toolbar) (Version: 03.01.0159.04)
OpenOffice.org Installer 1.0 (Version: 1.0.9221)
OutlookTools 2 (Version: 2.1.0)
PanoStandAlone (Version: 90.0.146.000)
PC Connectivity Solution (Version: 9.13.1.0)
PC Pitstop Driver Alert2 2.0.0.0 (Version: 2.0.0.0)
PC World Toolbar
Picasa 3 (Version: 3.9)
Popup Blocker (Windows Live Toolbar) (Version: 03.01.0146)
Post-it® Software Notes Lite
Print Screen Deluxe
PS_AIO_02_ProductContext (Version: 90.0.189.000)
PS_AIO_02_Software (Version: 90.0.189.000)
PS_AIO_02_Software_min (Version: 90.0.189.000)
PS8200 (Version: 8.01.0000)
PSPrinters08 (Version: 8.01.0000)
PSSWCORE (Version: 2.01.0000)
PSTAPlugin (Version: 8.01.0000)
Pure Networks Platform (Version: 11.2.09195.1)
Quick Launch Buttons 5.20 G1 (Version: 5.20 G1)
QuickTime (Version: 7.71.80.42)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
REALTEK Gigabit and Fast Ethernet NIC Driver (Version: 1.80)
RealUpgrade 1.1 (Version: 1.1.0)
Rhapsody Player Engine (Version: 1.0.604)
Rhapsody Player Engine (Version: 1.1.0)
Samsung Kies (Version: 2.5.3.13043_14)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0)
Scan (Version: 9.0.0.0)
Segoe UI (Version: 14.0.4327.805)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146)
SMS-it Outlook Interface
SMS-it!
Soft Data Fax Modem with SmartCP
SolutionCenter (Version: 90.0.146.000)
Sonic Audio Module (Version: 2.0.0.1)
Sonic Copy Module (Version: 2.0.0.1)
Sonic Data Module (Version: 2.0.0.1)
Sonic Express Labeler (Version: 2.0.0)
Sonic MyDVD Plus (Version: 6.1.3)
Sonic Update Manager (Version: 3.0.0)
SonicAC3Encoder (Version: 1.00.0000)
SonicMPEGEncoder (Version: 1.00.0000)
SpeedyPC Pro (Version: 3.1.10.0)
Spybot - Search & Destroy (Version: 1.6.2)
Spybot - Search & Destroy 1.5.2.20
Spyware Doctor 3.2 (Version: 3.2)
Status (Version: 110.0.180.000)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 1.20.0000)
The Weather Channel App
TIPCI (Version: 1.20.0000)
Toolbox (Version: 90.0.146.000)
TrayApp (Version: 110.0.180.000)
Trillian
U3Launcher (Version: 1.0.0)
Uniblue RegistryBooster 2
Unity Web Player (HKCU Version: )
Unix Utilities for Yahoo! Widgets
Unload (Version: 5.0.0)
UnloadSupport (Version: 9.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2508979)
Update Rollup 2 for Windows XP Media Center Edition 2005
URGE (Version: 1.1.8115.0)
VideoToolkit01 (Version: 90.0.146.000)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar V35 (Remove Only)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual Studio 2005 Tools for Office Second Edition Runtime
WeatherBug (Version: 7.0.0.7)
WebEx Support Manager for Internet Explorer (Version: 6.5.4917)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 90.0.146.000)
Widevine Media Transformer Plugin 5.0.0 (Version: 5.0.0.4679)
Winamp (remove only)
Windows Driver Package - Nokia Modem  (03/05/2008 3.7) (Version: 03/05/2008 3.7)
Windows Driver Package - Nokia Modem  (03/13/2008 6.86.0.1) (Version: 03/13/2008 6.86.0.1)
Windows Driver Package - Nokia Modem  (05/22/2008 3.8) (Version: 05/22/2008 3.8)
Windows Driver Package - Nokia Modem  (05/22/2008 7.00.0.1) (Version: 05/22/2008 7.00.0.1)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0036.0)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live Favorites for Windows Live Toolbar (Version: 03.01.0130)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Outlook Toolbar (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Toolbar Extension (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Toolbar Feed Detector (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Wireless Home Network Setup (Version: 1.1.154.1)
Yahoo! Widgets (Version: 4.5.2.0)
Zinio Reader
 

==================== Restore Points  =========================

14-04-2013 00:42:34 SpeedyPC Pro Backup
16-04-2013 06:08:40 Removed Evernote v. 4.6.2
16-04-2013 06:13:16 Installed Evernote v. 4.6.4
20-04-2013 17:20:31 SpeedyPC Pro Backup
01-05-2013 13:30:05 SpeedyPC Pro Backup
03-05-2013 06:54:02 Installed Samsung Kies
03-05-2013 07:22:50 Installed Windows XP winusb0100.
04-05-2013 13:48:28 SpeedyPC Pro Backup
08-05-2013 11:58:49 SpeedyPC Pro Backup
15-05-2013 04:55:02 System Checkpoint
15-05-2013 07:54:30 SpeedyPC Pro Backup
23-05-2013 04:07:47 SpeedyPC Pro Backup
25-05-2013 13:45:00 SpeedyPC Pro Backup
30-05-2013 04:39:39 SpeedyPC Pro Backup
16-06-2013 00:25:18 Removed Evernote v. 4.6.4
16-06-2013 00:26:23 Installed Evernote v. 4.6.6
19-06-2013 15:07:18 SpeedyPC Pro Backup
04-07-2013 09:49:03 System Checkpoint
05-07-2013 15:22:57 System Checkpoint
06-07-2013 14:32:49 SpeedyPC Pro Backup
11-07-2013 10:54:27 System Checkpoint

==================== Hosts content: ==========================

2004-08-10 10:00 - 2008-02-15 09:20 - 00224678 ____C C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => ?
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_rundll32_exe.job => C:\WINDOWS\system32\rundll32.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-820892040-1120259444-1739031538-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-820892040-1120259444-1739031538-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\SpeedyPC Pro.job => C:\Program Files\SpeedyPC Software\SpeedyPC\SpeedyPC.exe
Task: C:\WINDOWS\Tasks\SpeedyPC Registration3.job => C:\WINDOWS\system32\rundll32.exe
Task: C:\WINDOWS\Tasks\SpeedyPC Update Version3 Startup Task.job => C:\Program Files\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe
Task: C:\WINDOWS\Tasks\SpeedyPC Update Version3.job => C:\Program Files\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{B7099585-5F74-4162-8AB5-AF79FCB27C1C}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Faulty Device Manager Devices =============

Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart C7200 series
Description: Photosmart C7200 series
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Nokia 6085
Description: Nokia Windows Portable Device Driver
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Nokia 6085
Description: Nokia 6085
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2013 00:35:48 AM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/09/2013 00:31:22 AM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/09/2013 00:29:01 AM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/09/2013 00:28:00 AM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/09/2013 00:27:26 AM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/09/2013 00:27:09 AM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/06/2013 09:39:26 AM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/04/2013 11:33:42 PM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/04/2013 08:17:55 AM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/04/2013 08:13:51 AM) (Source: Windows Search Service) (User: )
Description: 10x80070002


System errors:
=============
Error: (07/11/2013 02:46:17 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.

Error: (07/11/2013 02:43:45 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18).  This security permission can be modified using the Component Services administrative tool.

Error: (07/11/2013 02:43:18 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
avgtp
Lbd

Error: (07/11/2013 02:43:18 AM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (07/11/2013 02:41:32 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).

Error: (07/11/2013 02:41:32 AM) (Source: Service Control Manager) (User: )
Description: The Kodak Camera Connection Software service failed to start due to the following error:
%%2

Error: (07/11/2013 02:40:13 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18).  This security permission can be modified using the Component Services administrative tool.

Error: (07/11/2013 01:00:22 AM) (Source: BROWSER) (User: )
Description: The browser was unable to update the service status bits.  The data is the error.

Error: (07/09/2013 11:13:45 PM) (Source: WPDMTPDriver) (User: )
Description: MTP WPD Driver has failed to start. Error 0x8007048f.

Error: (07/09/2013 11:13:42 PM) (Source: Service Control Manager) (User: )
Description: The Pure Networks Platform Service service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (02/25/2012 11:47:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 2180 seconds with 1440 seconds of active time.  This session ended with a crash.

Error: (08/16/2011 10:08:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 335 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (02/15/2011 09:29:06 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1730 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (12/28/2010 08:33:33 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6548.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 31632 seconds with 2040 seconds of active time.  This session ended with a crash.

Error: (11/25/2010 00:10:52 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 830 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (09/15/2010 03:50:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 33 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/11/2010 00:01:36 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 891 seconds with 480 seconds of active time.  This session ended with a crash.

Error: (06/14/2010 07:42:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20021 seconds with 1680 seconds of active time.  This session ended with a crash.

Error: (02/24/2010 10:03:05 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 56 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/24/2010 10:01:29 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2902 seconds with 1500 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 88%
Total physical RAM: 1022.17 MB
Available physical RAM: 115.13 MB
Total Pagefile: 2459.48 MB
Available Pagefile: 1369.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1952.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.32 GB) (Free:13.8 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Under the Horse) (CDROM) (Total:1.85 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 75 GB) (Disk ID: 16351635)
Partition 1: (Active) - (Size=74 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=204 MB) - (Type=88)

==================== End Of Log ============================


  • Root Admin

Please uninstall the following software.  Once done, if you want to install the latest versions, you can.
If any of them require a license or registration, please ensure you have that before removing.

Go to your Control Panel, Programs, Add/Remove


Ad-Aware
Ad-Aware Browsing Protection
AOL Toolbar
AVG Secure Search
Google Toolbar for Internet Explorer
PC World Toolbar
SpeedyPC Pro
Spybot - Search & Destroy (Version: 1.6.2)
Spybot - Search & Destroy 1.5.2.20
Spyware Doctor 3.2 (Version: 3.2)
Viewpoint Toolbar
Windows Live Toolbar
Yahoo! Toolbar
ESET Online Scanner v3
MyFreeCodec



These programs are old and are exploited. You need to uninstall them and, if possible, simply don't use Java.
Java Auto Updater
Java™ 6 Update 31


Your version of Mozilla Firefox 17.0 is out of date.  You need to update it.


This software is pretty much Snake Oil and can cause more harm to your computer than good.  You should uninstall it.
Uniblue RegistryBooster 2

Do I need a Windows Registry Cleaner?



Advanced SystemCare 3
The company behind this product was found to be stealing our database.
Personally I would not trust installing any software from a company that resorts to stealing someone's technology to sell their product.
Please see the following links and make up your own mind if you want to keep this on your system. If needed I can help you remove it.

 

Once you've removed all of these programs then please run the following.


Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

 

 

Then reboot the computer and let me know how it's running now and if there are still any signs of an infection or other issue.

 

Thanks

 

fixlist.txt


I think I removed everything on the list. I forgot to restart the computer before I ran the fix, so I ran it a second time after the restart. Hope that doesn't matter. I also removed the items in the step 5 log, as you suggested.

Here is the FRST log:

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 14-07-2013
Ran by MOM at 2013-07-14 00:15:37 Run:2
Running from C:\Documents and Settings\MOM\Desktop
Boot Mode: Normal

==============================================

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0A94B116-4504-4e26-AB05-E61E474AA38B} => Value not found.
HKCR\CLSID\{0A94B116-4504-4e26-AB05-E61E474AA38B} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} => Key not found.
HKCR\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B3FFF406-BFAB-4CAA-860B-3B02B85CB42E} => Key not found.
HKCR\CLSID\{B3FFF406-BFAB-4CAA-860B-3B02B85CB42E} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key not found.
HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} => Key not found.
HKCR\CLSID\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7327C09-B521-4EDB-8509-7D2660C9EC98} => Key not found.
HKCR\CLSID\{A7327C09-B521-4EDB-8509-7D2660C9EC98} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B56A7D7D-6927-48C8-A975-17DF180C71AC} => Key not found.
HKCR\CLSID\{B56A7D7D-6927-48C8-A975-17DF180C71AC} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B8FC7AE4-FD8B-477c-B1BD-DE14280DECAF} => Key not found.
HKCR\CLSID\{B8FC7AE4-FD8B-477c-B1BD-DE14280DECAF} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} => Value not found.
HKCR\CLSID\{4982D40A-C53B-4615-B15B-B5B5E98D167C} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{F8AD5AA5-D966-4667-9DAF-2561D68B2012} => Value not found.
HKCR\CLSID\{F8AD5AA5-D966-4667-9DAF-2561D68B2012} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Value not found.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => Value not found.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value not found.
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value not found.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Value not found.
HKCR\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} => Value not found.
HKCR\CLSID\{4982D40A-C53B-4615-B15B-B5B5E98D167C} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} => Value not found.
HKCR\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} => Value not found.
HKCR\CLSID\{4982D40A-C53B-4615-B15B-B5B5E98D167C} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} => Value not found.
HKCR\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} => Value not found.
HKCR\CLSID\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} => Value not found.
HKCR\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => Value not found.
HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value not found.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Value not found.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value not found.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key not found.
HKCR\CLSID\{0E5F0222-96B9-11D3-8997-00104BD12D94} => Key not found.
HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key deleted successfully.
HKCR\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} => Key not found.
HKCR\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} => Key deleted successfully.
HKCR\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} => Key deleted successfully.
HKCR\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} => Key not found.
HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key deleted successfully.
HKCR\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} => Key not found.
HKCR\CLSID\{FFB3A759-98B1-446F-BDA9-909C6EB18CC7} => Key not found.
HKCR\PROTOCOLS\Handler\linkscanner => Key not found.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key not found.
HKCR\PROTOCOLS\Filter\x-sdch => Key not found.
HKCR\CLSID\{B1759355-3EEC-4C1E-B0F1-B719FE26E377} => Key not found.
AVG Security Toolbar Service => Service not found.
vToolbarUpdater13.0.0 => Service not found.
JavaQuickStarterService => Service not found.
"C:\WINDOWS\Tasks\User_Feed_Synchronization-{B7099585-5F74-4162-8AB5-AF79FCB27C1C}.job" => File/Directory not found.
"C:\AdwCleaner[s4].txt" => File/Directory not found.
"C:\AdwCleaner[R3].txt" => File/Directory not found.
"C:\AdwCleaner[s3].txt" => File/Directory not found.
"C:\AdwCleaner[s2].txt" => File/Directory not found.
"C:\AdwCleaner[R2].txt" => File/Directory not found.
"C:\AdwCleaner[s1].txt" => File/Directory not found.
"C:\AdwCleaner[R1].txt" => File/Directory not found.
"C:\AdwCleaner[s4].txt" => File/Directory not found.
"C:\AdwCleaner[R3].txt" => File/Directory not found.
C:\WINDOWS\Tasks\Google Software Updater.job => Moved successfully.
"C:\WINDOWS\Tasks\SpeedyPC Update Version3.job" => File/Directory not found.
"C:\WINDOWS\Tasks\SpeedyPC Pro.job" => File/Directory not found.
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job" => File/Directory not found.
"C:\WINDOWS\Tasks\SpeedyPC Update Version3.job" => File/Directory not found.
"C:\WINDOWS\Tasks\SpeedyPC Pro.job" => File/Directory not found.
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job" => File/Directory not found.
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job not found.
C:\WINDOWS\Tasks\Google Software Updater.job not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job not found.
C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_rundll32_exe.job not found.
C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-820892040-1120259444-1739031538-1005.job not found.
C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-820892040-1120259444-1739031538-1005.job not found.
C:\WINDOWS\Tasks\SpeedyPC Pro.job not found.
C:\WINDOWS\Tasks\SpeedyPC Registration3.job not found.
C:\WINDOWS\Tasks\SpeedyPC Update Version3 Startup Task.job not found.
C:\WINDOWS\Tasks\SpeedyPC Update Version3.job not found.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{B7099585-5F74-4162-8AB5-AF79FCB27C1C}.job not found.

==== End of Fixlog ====


  • Root Admin

Looks good.  Okay, please run the following items and post back new logs.

 

 

Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com


Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded, you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment. 


    When done, DDS will open two (2) logs:
  1. DDS.txt
  2. Attach.txt


  • Save both reports to your desktop
  • Please include the following logs in your next reply as an attachment: DDS.txt and Attach.txt
    You can ignore the note about zipping the Attach.txt file


 

 

Next, please download MiniToolBox, save it to your desktop and run it.

Checkmark the following check-boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.
 
 
 
Next, download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


 

 

Thanks


Ok, here we go:

 

attach.txt

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/14/2006 11:54:59 PM
System Uptime: 7/14/2013 5:05:42 AM (58 hours ago)
.
Motherboard: Hewlett-Packard  |  | 30A4
Processor: AMD Turion 64 Mobile Technology ML-40 | U23 | 1575/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 13.982 GiB free.
D: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\CE84407D613F0200
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\CE84407D613F0200
Service: NIC1394
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Photosmart C7200 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C7200 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia Windows Portable Device Driver
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia 6085
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
.
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia 6085
Device ID: ROOT\WPD\0001
Manufacturer: Nokia
Name: Nokia 6085
PNP Device ID: ROOT\WPD\0001
Service: WUDFRd
.
==== System Restore Points ===================
.
RP34: 4/20/2013 12:20:31 PM - SpeedyPC Pro Backup
RP35: 5/1/2013 8:30:05 AM - SpeedyPC Pro Backup
RP36: 5/3/2013 1:54:02 AM - Installed Samsung Kies
RP37: 5/3/2013 2:22:50 AM - Installed Windows XP winusb0100.
RP38: 5/4/2013 8:48:28 AM - SpeedyPC Pro Backup
RP39: 5/8/2013 6:58:49 AM - SpeedyPC Pro Backup
RP40: 5/14/2013 11:55:02 PM - System Checkpoint
RP41: 5/15/2013 2:54:30 AM - SpeedyPC Pro Backup
RP42: 5/22/2013 11:07:47 PM - SpeedyPC Pro Backup
RP43: 5/25/2013 8:45:00 AM - SpeedyPC Pro Backup
RP44: 5/29/2013 11:39:39 PM - SpeedyPC Pro Backup
RP45: 6/15/2013 7:25:18 PM - Removed Evernote v. 4.6.4
RP46: 6/15/2013 7:26:23 PM - Installed Evernote v. 4.6.6
RP47: 6/19/2013 10:07:18 AM - SpeedyPC Pro Backup
RP48: 7/4/2013 4:49:03 AM - System Checkpoint
RP49: 7/5/2013 10:22:57 AM - System Checkpoint
RP50: 7/6/2013 9:32:49 AM - SpeedyPC Pro Backup
RP51: 7/11/2013 5:54:27 AM - System Checkpoint
RP52: 7/13/2013 2:29:36 AM - Removed Windows Live Upload Tool
RP53: 7/13/2013 2:30:03 AM - Removed Windows Live Favorites for Windows Live Toolbar
RP54: 7/13/2013 5:34:42 PM - Removed WeatherBug
RP55: 7/14/2013 6:15:18 PM - System Checkpoint
RP56: 7/15/2013 6:31:41 PM - System Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
7-Zip 9.20
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Center 2.0
Adobe Photoshop Elements 4.0
Adobe Reader XI (11.0.03)
AI RoboForm (All Users)
AIO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Athlon 64 Processor Driver
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
AVG 2012
AVG 2013
BlackBerry App World Browser Plugin
BlackBerry Desktop Software 7.1
BlackBerry Device Software Updater
Broadcom 802.11 Wireless LAN Adapter
BufferChm
C7200
C7200_doccd
c7200_Help
CameraDrivers
Celestia 1.4.0
Cisco Network Magic
Compatibility Pack for the 2007 Office system
Conexant AC-Link Audio
Copy
Dannon Recipe Box 1.0.0.27
Destination Component
DeviceDiscovery
DocProc
DocProcQFolder
Drive Manager
Duplicate Photo Cleaner
DVD Shrink 3.2
EdgeStreamClient 2.2.5.0
ERUNT 1.1j
Evernote v. 4.6.6
Fax
FLV Player
Form Fill (Windows Live Toolbar)
getPlus® for Adobe
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB954550-v5)
HP BatteryCheck 1.00 A7
HP Help and Support
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart Essential2.01
HP Product Assistant
HP Smart Web Printing
HP Update
HP User Guides 0008
HP Wireless Assistant 1.01 C1
HP_Network_UserGuide
HPProductAssistant
HpSdpAppCoreApp
HPSSupply
InterVideo WinDVD
Java Auto Updater
Java 6 Update 31
Junk Mail filter update
JustCloud Setup
Lavasoft Personal Firewall 1.0
Learn2 Player (Uninstall Only)
LightScribe  1.4.105.1
Malwarebytes Anti-Malware version 1.75.0.1300
Map Button (Windows Live Toolbar)
MarketResearch
Maxtor Manager
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft IntelliPoint 7.0
Microsoft Location Finder
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote 2007
Microsoft Office OneNote 2007 Trial
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Software Update for Web Folders  (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Works
Motorola Phone Tools
Move Networks Media Player for Internet Explorer
Mozilla Firefox 17.0 (x86 en-US)
Mozilla Maintenance Service
MSN
MSVC80_x86
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser
muvee autoProducer 4.0 - SE
neroxml
NetDeviceManager
NetWaiting
Network Magic
NTI Backup Now EZ
Octoshape add-in for Adobe Flash Player
Octoshape Streaming Services
OneCare Advisor (Windows Live Toolbar)
OpenOffice.org Installer 1.0
OutlookTools 2
PanoStandAlone
PC Connectivity Solution
PC World Toolbar
Picasa 3
Popup Blocker (Windows Live Toolbar)
Post-it® Software Notes Lite
Print Screen Deluxe
PS_AIO_02_ProductContext
PS_AIO_02_Software
PS_AIO_02_Software_min
PS8200
PSPrinters08
PSSWCORE
PSTAPlugin
Pure Networks Platform
Quick Launch Buttons 5.20 G1
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
REALTEK Gigabit and Fast Ethernet NIC Driver
RealUpgrade 1.1
Rhapsody Player Engine
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Segoe UI
Smart Menus (Windows Live Toolbar)
SMS-it Outlook Interface
SMS-it!
Soft Data Fax Modem with SmartCP
SolutionCenter
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic MyDVD Plus
Sonic Update Manager
SonicAC3Encoder
SonicMPEGEncoder
Status
Texas Instruments PCIxx21/x515/xx12 drivers.
The Weather Channel App
TIPCI
Toolbox
TrayApp
Trillian
U3Launcher
Unity Web Player
Unload
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2508979)
Update Rollup 2 for Windows XP Media Center Edition 2005
URGE
VideoToolkit01
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio 2005 Tools for Office Second Edition Runtime
WebEx Support Manager for Internet Explorer
WebFldrs XP
WebReg
Widevine Media Transformer Plugin 5.0.0
Winamp (remove only)
Windows Driver Package - Nokia Modem  (03/05/2008 3.7)
Windows Driver Package - Nokia Modem  (03/13/2008 6.86.0.1)
Windows Driver Package - Nokia Modem  (05/22/2008 3.8)
Windows Driver Package - Nokia Modem  (05/22/2008 7.00.0.1)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Photo Gallery
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Toolbar Feed Detector (Windows Live Toolbar)
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Wireless Home Network Setup
Zinio Reader
.
==== Event Viewer Messages From Past Week ========
.
7/9/2013 11:13:45 PM, error: WPDMTPDriver [15300]  - MTP WPD Driver has failed to start. Error 0x8007048f.
7/9/2013 11:13:42 PM, error: Service Control Manager [7034]  - The Pure Networks Platform Service service terminated unexpectedly.  It has done this 1 time(s).
7/13/2013 9:40:07 AM, error: Dhcp [1002]  - The IP address lease 192.168.0.101 for the Network Card with network address 0014A569E70F has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
7/13/2013 12:16:06 AM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the COM+ System Application service to connect.
7/13/2013 12:16:06 AM, error: Service Control Manager [7000]  - The COM+ System Application service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
7/13/2013 12:16:06 AM, error: DCOM [10005]  - DCOM got error "%1053" attempting to start the service COMSysApp with arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
7/13/2013 12:15:29 AM, error: Service Control Manager [7022]  - The Windows Search service hung on starting.
7/13/2013 12:14:11 AM, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
7/11/2013 2:43:45 AM, error: DCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18).  This security permission can be modified using the Component Services administrative tool.
7/11/2013 2:43:18 AM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  avgtp Lbd
7/11/2013 2:43:18 AM, error: Service Control Manager [7022]  - The HP CUE DeviceDiscovery Service service hung on starting.
7/11/2013 2:41:32 AM, error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
7/11/2013 2:41:32 AM, error: Service Control Manager [7000]  - The Kodak Camera Connection Software service failed to start due to the following error:  The system cannot find the file specified.
7/11/2013 1:00:22 AM, error: BROWSER [8007]  - The browser was unable to update the service status bits.  The data is the error.
.
==== End Of File ===========================

dds.txt

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_31
Run by MOM at 15:45:13 on 2013-07-16
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1022.459 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\KiesAirMessage.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>
uURLSearchHooks: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hewlett-packard\smart web printing\hpswp_printenhancer.dll
BHO: HP Print Clips: {053F9267-DC04-4294-A72C-58F732D338C0} - c:\program files\hewlett-packard\smart web printing\hpswp_framework.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - c:\program files\evernote\evernote\EvernoteIE.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - LocalServer32 - <no file>
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &RoboForm: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: FireShot: {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - LocalServer32 - <no file>
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - <orphaned>
EB: &Research: {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program files\microsoft office\office12\REFIEBAR.DLL
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - <orphaned>
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun: [KiesAirMessage] c:\program files\samsung\kies\KiesAirMessage.exe -startup
uRun: [] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [backupNowEZtray] "c:\program files\nti\nti backup now ez\BackupNowEZtray.exe" -k
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
dRun: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
dRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
dRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f
StartupFolder: c:\docume~1\mom\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\docume~1\mom\startm~1\programs\startup\everno~1.lnk - c:\program files\evernote\evernote\EvernoteTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Viewpoint Search - c:\program files\viewpoint\viewpoint toolbar v35\ViewBar.dll/CXTSEARCH.HTML
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Clip Image - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=4
IE: Clip selection - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=3
IE: Clip this page - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=1
IE: Clip URL - c:\program files\evernote\evernote\\evernoteieres\Clip.html?clipAction=0
IE: Customize Menu - c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: Fill Forms - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: New Note - c:\program files\evernote\evernote\\evernoteieres\NewNote.html
IE: RoboForm Toolbar - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Yahoo! &SMS - /c:\program files\yahoo!\Common/ycsms.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - <orphaned>
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hewlett-packard\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hewlett-packard\smart web printing\hpswp_extensions.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\\evernoteieres\AddNote.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{26D9CED9-63C5-4B17-902B-BAD4671EC5BB} : DHCPNameServer = 192.168.0.1
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\mom\application data\mozilla\firefox\profiles\30qgon9z.default-1369715500859\

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\mom\application data\mozilla\plugins\npoctoshape.dll
FF - plugin: c:\documents and settings\mom\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\progra~1\meadco~1\npmeadax.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.0.0\npsitesafety.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\research in motion limited\blackberry app world browser plugin\npappworld.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-07-06 10:11; {E0B8C461-F8FB-49b4-8373-FE32E9252800}; c:\documents and settings\mom\application data\mozilla\firefox\profiles\30qgon9z.default-1369715500859\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-8-9 245048]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 170808]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-9 182072]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-11-14 54760]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-7-1 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-7-1 701512]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 NTI BackupNowEZSvr;NTI BackupNowEZSvr;c:\program files\nti\nti backup now ez\BackupNowEZSvr.exe [2011-9-23 45592]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [2005-8-22 231424]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-7-1 22856]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-8-23 26984]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-5-3 83864]
S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;"c:\program files\google\google desktop search\googledesktop.exe" --> c:\program files\google\google desktop search\GoogleDesktop.exe [?]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2010-4-26 19712]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2010-4-26 8320]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2010-4-26 42752]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-10 14336]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-5-3 181912]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\pcpitstop\PCPitstopScheduleService.exe [2013-3-24 85504]
.
=============== Created Last 30 ================
.
2013-07-11 22:00:41    --------    dc----w-    C:\FRST
2013-07-11 01:33:33    --------    d-----w-    c:\windows\ERUNT
2013-07-10 22:41:58    --------    dc----w-    c:\documents and settings\all users\application data\Malwarebytes' Anti-Malware (portable)
2013-07-10 22:31:30    985    ----a-w-    c:\windows\win.tmp
2013-07-10 22:31:30    227    ----a-w-    c:\windows\system.tmp
2013-07-01 19:48:11    --------    dc----w-    c:\documents and settings\mom\application data\Malwarebytes
2013-07-01 19:47:52    --------    dc----w-    c:\documents and settings\all users\application data\Malwarebytes
2013-07-01 19:47:50    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-07-01 19:47:50    --------    dc----w-    c:\program files\Malwarebytes' Anti-Malware
.
==================== Find3M  ====================
.
2013-07-14 22:49:10    71048    -c--a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-14 22:49:10    692104    -c--a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-04-19 00:08:14    4659712    ----a-w-    c:\windows\system32\Redemption.dll
2013-04-19 00:07:00    90112    ----a-w-    c:\windows\MAMCityDownload.ocx
2013-04-19 00:07:00    330240    ----a-w-    c:\windows\MASetupCaller.dll
2013-04-19 00:07:00    30568    ----a-w-    c:\windows\MusiccityDownload.exe
.
============= FINISH: 15:46:29.07 ===============

result.txt

MiniToolBox by Farbar  Version: 13-07-2013
Ran by MOM (administrator) on 16-07-2013 at 15:55:27
Running from "C:\Documents and Settings\MOM\Desktop"
Microsoft Windows XP Professional Service Pack 3, v.3264 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

There are 7888 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Disconnected)
Broadcom 802.11b/g WLAN = Wireless Network Connection 2 (Connected)
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection 2"

set address name="Wireless Network Connection 2" source=dhcp
set dns name="Wireless Network Connection 2" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : LAPTOP

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Broadcast

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : ap41.cspk.wrx.illicom.net



Ethernet adapter Local Area Connection:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

        Physical Address. . . . . . . . . : 00-0F-B0-C2-02-43



Ethernet adapter Wireless Network Connection 2:



        Connection-specific DNS Suffix  . : ap41.cspk.wrx.illicom.net

        Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN

        Physical Address. . . . . . . . . : 00-14-A5-69-E7-0F

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.0.101

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.0.1

        DHCP Server . . . . . . . . . . . : 192.168.0.1

        DNS Servers . . . . . . . . . . . : 192.168.0.1

        Lease Obtained. . . . . . . . . . : Tuesday, July 16, 2013 3:51:27 PM

        Lease Expires . . . . . . . . . . : Tuesday, July 23, 2013 3:51:27 PM

1.0.168.192.in-addr.arpa
    primary name server = localhost
    responsible mail addr = nobody.invalid
    serial  = 1
    refresh = 600 (10 mins)
    retry   = 1200 (20 mins)
    expire  = 604800 (7 days)
    default TTL = 10800 (3 hours)
Server:  UnKnown
Address:  192.168.0.1

Name:    google.com.ap41.cspk.wrx.illicom.net
Address:  67.215.65.145



Pinging google.com [74.125.225.64] with 32 bytes of data:



Reply from 74.125.225.64: bytes=32 time=14ms TTL=54

Reply from 74.125.225.64: bytes=32 time=16ms TTL=54



Ping statistics for 74.125.225.64:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 14ms, Maximum = 16ms, Average = 15ms

Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com.ap41.cspk.wrx.illicom.net
Address:  67.215.65.145



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=70ms TTL=45

Reply from 98.139.183.24: bytes=32 time=72ms TTL=44



Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 70ms, Maximum = 72ms, Average = 71ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0f b0 c2 02 43 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
0x3 ...00 14 a5 69 e7 0f ...... Broadcom 802.11b/g WLAN - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1   192.168.0.101      25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.0.0    255.255.255.0    192.168.0.101   192.168.0.101      25
    192.168.0.101  255.255.255.255        127.0.0.1       127.0.0.1      25
    192.168.0.255  255.255.255.255    192.168.0.101   192.168.0.101      25
        224.0.0.0        240.0.0.0    192.168.0.101   192.168.0.101      25
  255.255.255.255  255.255.255.255    192.168.0.101               2      1
  255.255.255.255  255.255.255.255    192.168.0.101   192.168.0.101      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/13/2013 11:47:40 PM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/13/2013 11:46:36 PM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/13/2013 11:45:57 PM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/13/2013 11:45:47 PM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/13/2013 07:30:43 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

Error: (07/13/2013 07:28:25 PM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/13/2013 00:12:33 AM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/12/2013 06:26:15 PM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/12/2013 00:37:17 AM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/09/2013 00:35:48 AM) (Source: Windows Search Service) (User: )
Description: 10x80070002


System errors:
=============
Error: (07/15/2013 11:23:23 PM) (Source: Service Control Manager) (User: )
Description: The Pure Networks Platform Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/13/2013 11:46:36 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).

Error: (07/13/2013 11:45:57 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).

Error: (07/13/2013 11:45:47 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).

Error: (07/13/2013 07:30:40 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18).  This security permission can be modified using the Component Services administrative tool.

Error: (07/13/2013 07:30:18 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
avgtp
Lbd

Error: (07/13/2013 07:30:18 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (07/13/2013 07:28:26 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).

Error: (07/13/2013 07:28:26 PM) (Source: Service Control Manager) (User: )
Description: The Kodak Camera Connection Software service failed to start due to the following error:
%%2

Error: (07/13/2013 07:26:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18).  This security permission can be modified using the Component Services administrative tool.


Microsoft Office Sessions:
=========================
Error: (02/25/2012 11:47:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 2180 seconds with 1440 seconds of active time.  This session ended with a crash.

Error: (08/16/2011 10:08:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 335 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (02/15/2011 09:29:06 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1730 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (12/28/2010 08:33:33 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6548.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 31632 seconds with 2040 seconds of active time.  This session ended with a crash.

Error: (11/25/2010 00:10:52 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 830 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (09/15/2010 03:50:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 33 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/11/2010 00:01:36 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 891 seconds with 480 seconds of active time.  This session ended with a crash.

Error: (06/14/2010 07:42:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20021 seconds with 1680 seconds of active time.  This session ended with a crash.

Error: (02/24/2010 10:03:05 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 56 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/24/2010 10:01:29 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2902 seconds with 1500 seconds of active time.  This session ended with a crash.


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 2.1.5)
7-Zip 9.20
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Ad-Aware (Version: 8.0.0)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Help Center 2.0 (Version: 2.0.0)
Adobe Photoshop Elements 4.0 (Version: 4.0)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
AI RoboForm (All Users)
AIO_Scan (Version: 90.0.189.000)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 2.6.0.32)
Apple Software Update (Version: 2.1.3.127)
Athlon 64 Processor Driver (Version: 1.2.2.2)
ATI - Software Uninstall Utility (Version: 6.14.10.1014)
ATI Control Panel (Version: 6.14.10.5173)
ATI Display Driver (Version: 8.202-051201a2-029034C-HP)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2171)
AVG 2012 (Version: 12.0.2433)
AVG 2013 (Version: 13.0.3204)
AVG 2013 (Version: 13.0.3349)
AVG 2013 (Version: 2013.0.3349)
BlackBerry App World Browser Plugin (Version: 3.1.1.4)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.32)
BlackBerry Device Software Updater (Version: 6.0.1.37)
Broadcom 802.11 Wireless LAN Adapter (Version: 4.100.15.5)
BufferChm (Version: 90.0.146.000)
C7200 (Version: 90.0.189.000)
C7200_doccd (Version: 90.0.189.000)
c7200_Help (Version: 90.0.189.000)
CameraDrivers (Version: 5.0.0.328)
Celestia 1.4.0
Cisco Network Magic (Version: 5.5.09195.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Conexant AC-Link Audio
Copy (Version: 90.0.146.000)
Dannon Recipe Box 1.0.0.27
Destination Component (Version: 090.000.091.086)
DeviceDiscovery (Version: 110.0.180.000)
DocProc (Version: 9.0.0.0)
DocProcQFolder (Version: 1.00.0000)
Drive Manager (Version: 1.00.0012)
Duplicate Photo Cleaner
DVD Shrink 3.2
EdgeStreamClient 2.2.5.0
ERUNT 1.1j
Evernote v. 4.6.6 (Version: 4.6.6.8360)
Fax (Version: 120.0.194.000)
FLV Player
Form Fill (Windows Live Toolbar) (Version: 03.01.0146)
getPlus® for Adobe (Version: 1.5.2.35)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.153)
Google Updater (Version: 2.4.2432.1652)
HP BatteryCheck 1.00 A7 (Version: 1.00 A7)
HP Help and Support (Version: 4.1.0008)
HP Photosmart 330,380,420,470,7800,8000,8200 Series (Version: 8.1)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Product Assistant (Version: 100.000.001.000)
HP Smart Web Printing (Version: 2.15.7.0)
HP Update (Version: 5.003.001.001)
HP User Guides 0008 (Version: 1.05.0000)
HP Wireless Assistant 1.01 C1 (Version: 1.01 C1)
HP_Network_UserGuide (Version: 1.00.0000)
HPProductAssistant (Version: 90.0.146.000)
HpSdpAppCoreApp (Version: 3.00.0000)
HPSSupply (Version: 2.2.0.0000)
InterVideo WinDVD (Version: 5.0-B11.662)
Java Auto Updater (Version: 2.1.9.0)
Java 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8117.416)
JustCloud Setup (Version: 1.0.0.08)
Lavasoft Personal Firewall 1.0 (Version: 1.0)
Learn2 Player (Uninstall Only)
LightScribe  1.4.105.1 (Version: 1.4.105.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Map Button (Windows Live Toolbar) (Version: 03.01.0146)
MarketResearch (Version: 90.0.146.000)
Maxtor Manager (Version: 4.01.0303)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft IntelliPoint 7.0 (Version: 7.0.260.0)
Microsoft Location Finder (Version: 3.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote 2007 Trial (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (Version: 3.0.127.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6425.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60816.0)
Microsoft Works (Version: 08.04.0623)
Motorola Phone Tools (Version: 4.30)
Motorola Phone Tools (Version: 5.00)
Move Networks Media Player for Internet Explorer
Mozilla Firefox 17.0 (x86 en-US) (Version: 17.0)
Mozilla Maintenance Service (Version: 22.0)
MSN
MSVC80_x86 (Version: 1.0.1.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 6.0 Parser (Version: 6.10.1129.0)
muvee autoProducer 4.0 - SE (Version: 4.00.050)
neroxml (Version: 1.0.0)
NetDeviceManager (Version: 90.0.146.000)
NetDeviceManager (Version: 90.0.192.000)
NetWaiting (Version: 2.5.25)
Network Magic (Version: 5.5.9195.0)
NTI Backup Now EZ (Version: 2.5.2.56)
Octoshape add-in for Adobe Flash Player
Octoshape Streaming Services
OneCare Advisor (Windows Live Toolbar) (Version: 03.01.0159.04)
OpenOffice.org Installer 1.0 (Version: 1.0.9221)
OutlookTools 2 (Version: 2.1.0)
PanoStandAlone (Version: 90.0.146.000)
PC Connectivity Solution (Version: 9.13.1.0)
PC World Toolbar
Picasa 3 (Version: 3.9)
Popup Blocker (Windows Live Toolbar) (Version: 03.01.0146)
Post-it® Software Notes Lite
Print Screen Deluxe
PS_AIO_02_ProductContext (Version: 90.0.189.000)
PS_AIO_02_Software (Version: 90.0.189.000)
PS_AIO_02_Software_min (Version: 90.0.189.000)
PS8200 (Version: 8.01.0000)
PSPrinters08 (Version: 8.01.0000)
PSSWCORE (Version: 2.01.0000)
PSTAPlugin (Version: 8.01.0000)
Pure Networks Platform (Version: 11.2.09195.1)
Quick Launch Buttons 5.20 G1 (Version: 5.20 G1)
QuickTime (Version: 7.71.80.42)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
REALTEK Gigabit and Fast Ethernet NIC Driver (Version: 1.80)
RealUpgrade 1.1 (Version: 1.1.0)
Rhapsody Player Engine (Version: 1.0.604)
Rhapsody Player Engine (Version: 1.1.0)
Samsung Kies (Version: 2.5.3.13043_14)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0)
Scan (Version: 9.0.0.0)
Segoe UI (Version: 14.0.4327.805)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146)
SMS-it Outlook Interface
SMS-it!
Soft Data Fax Modem with SmartCP
SolutionCenter (Version: 90.0.146.000)
Sonic Audio Module (Version: 2.0.0.1)
Sonic Copy Module (Version: 2.0.0.1)
Sonic Data Module (Version: 2.0.0.1)
Sonic Express Labeler (Version: 2.0.0)
Sonic MyDVD Plus (Version: 6.1.3)
Sonic Update Manager (Version: 3.0.0)
SonicAC3Encoder (Version: 1.00.0000)
SonicMPEGEncoder (Version: 1.00.0000)
Status (Version: 110.0.180.000)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 1.20.0000)
The Weather Channel App
TIPCI (Version: 1.20.0000)
Toolbox (Version: 90.0.146.000)
TrayApp (Version: 110.0.180.000)
Trillian
U3Launcher (Version: 1.0.0)
Unity Web Player (Version: )
Unload (Version: 5.0.0)
UnloadSupport (Version: 9.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2508979)
Update Rollup 2 for Windows XP Media Center Edition 2005
URGE (Version: 1.1.8115.0)
VideoToolkit01 (Version: 90.0.146.000)
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual Studio 2005 Tools for Office Second Edition Runtime
WebEx Support Manager for Internet Explorer (Version: 6.5.4917)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 90.0.146.000)
Widevine Media Transformer Plugin 5.0.0 (Version: 5.0.0.4679)
Winamp (remove only)
Windows Driver Package - Nokia Modem  (03/05/2008 3.7) (Version: 03/05/2008 3.7)
Windows Driver Package - Nokia Modem  (03/13/2008 6.86.0.1) (Version: 03/13/2008 6.86.0.1)
Windows Driver Package - Nokia Modem  (05/22/2008 3.8) (Version: 05/22/2008 3.8)
Windows Driver Package - Nokia Modem  (05/22/2008 7.00.0.1) (Version: 05/22/2008 7.00.0.1)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0036.0)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Outlook Toolbar (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Toolbar Extension (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Toolbar Feed Detector (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Wireless Home Network Setup (Version: 1.1.154.1)
Zinio Reader

========================= Devices: ================================

Name: ACPI Uniprocessor PC
Description: ACPI Uniprocessor PC
Class Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPI

Name: AMD Turion 64 Mobile Technology ML-40
Description: AMD K8 Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Advanced Micro Devices
Service: AmdK8

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: PCI bus
Description: PCI bus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: ATI MOBILITY RADEON Xpress 200 Series
Description: ATI MOBILITY RADEON Xpress 200 Series
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: ATI Technologies Inc.
Service: ati2mtag

Name: Generic Television
Description: Generic Television
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: Default Monitor
Description: Default Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: mouhid

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service:

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: ATI SMBus
Description: ATI SMBus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: ATI Technologies Inc
Service:

Name: Standard Dual Channel PCI IDE Controller
Description: Standard Dual Channel PCI IDE Controller
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: pciide

Name: Primary IDE Channel
Description: Primary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: FUJITSU MHV2080AH
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Secondary IDE Channel
Description: Secondary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: TSSTcorp CD/DVDW TS-L532M
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: PCI standard ISA bridge
Description: PCI standard ISA bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: isapnp

Name: ISAPNP Read Data Port
Description: ISAPNP Read Data Port
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System speaker
Description: System speaker
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System timer
Description: System timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Quick Launch Buttons
Description: Quick Launch Buttons
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: Hewlett-Packard
Service: i8042prt

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPIEC

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Broadcom 802.11b/g WLAN
Description: Broadcom 802.11b/g WLAN
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: BCM43XX

Name: Texas Instruments PCIxx21 Cardbus Controller
Description: Generic CardBus Controller
Class Guid: {4D36E977-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: pcmcia

Name: Texas Instruments OHCI Compliant IEEE 1394 Host Controller
Description: Texas Instruments OHCI Compliant IEEE 1394 Host Controller
Class Guid: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
Manufacturer: Texas Instruments
Service: ohci1394

Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Texas Instruments PCIxx21 Integrated FlashMedia Controller
Description: Texas Instruments PCIxx21 Integrated FlashMedia Controller
Class Guid: {4D36E970-E325-11CE-BFC1-08002BE10318}
Manufacturer: Texas Instruments Inc
Service: tifm21

Name: SDA Standard Compliant SD Host Controller
Description: SDA Standard Compliant SD Host Controller
Class Guid: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6}
Manufacturer: SDA Standard Compliant SD Host Controller Vendor
Service: sdbus

Name: Realtek RTL8139/810x Family Fast Ethernet NIC
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8023xp

Name: Conexant AC-Link Audio
Description: Conexant AC-Link Audio
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Conexant
Service: CAMCAUD

Name: AC97 Soft Data Fax Modem with SmartCP
Description: AC97 Soft Data Fax Modem with SmartCP
Class Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}
Manufacturer: CXT
Service: Modem

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Compbatt

Name: Logical Disk Manager
Description: Logical Disk Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: dmio

Name: Volume Manager
Description: Volume Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: ftdisk

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: AFD
Description: AFD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: AliIde
Description: AliIde
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AliIde

Name: 1394 ARP Client Protocol
Description: 1394 ARP Client Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Arp1394

Name: AVGIDSDriver
Description: AVGIDSDriver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSDriver

Name: AVGIDSHX
Description: AVGIDSHX
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSHX

Name: AVGIDSShim
Description: AVGIDSShim
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSShim

Name: AVG Free AVI Loader Driver x86
Description: AVG Free AVI Loader Driver x86
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AvgLdx86

Name: AVG Logging Driver
Description: AVG Logging Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avglogx

Name: AVG Network Redirector
Description: AVG Network Redirector
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AvgTdiX

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: dmboot
Description: dmboot
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmboot

Name: dmload
Description: dmload
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmload

Name: EABFiltr
Description: EABFiltr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: EABFiltr

Name: esgiguard
Description: esgiguard
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: esgiguard

Name: Fips
Description: Fips
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Fips

Name: FssFltr
Description: FssFltr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fssfltr

Name: Generic Packet Classifier
Description: Generic Packet Classifier
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Gpc

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: IntelIde
Description: IntelIde
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IntelIde

Name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpFilterDriver

Name: IP Network Address Translator
Description: IP Network Address Translator
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpNat

Name: IPSEC driver
Description: IPSEC driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IPSec

Name: ksecdd
Description: ksecdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ksecdd

Name: Lavasoft helper driver
Description: Lavasoft helper driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Lavasoft Kernexplorer

Name: mchInjDrv
Description: mchInjDrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mchInjDrv

Name: MCSTRM
Description: MCSTRM
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MCSTRM

Name: mdmxsdk
Description: mdmxsdk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mdmxsdk

Name: mnmdd
Description: mnmdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mnmdd

Name: mountmgr
Description: mountmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NdisTapi

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: NetBios over Tcpip
Description: NetBios over Tcpip
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: PartMgr
Description: PartMgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PartMgr

Name: ParVdm
Description: ParVdm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ParVdm

Name: Pure Networks Device Discovery Driver
Description: Pure Networks Device Discovery Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pnarp

Name: Pure Networks Wireless Driver
Description: Pure Networks Wireless Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: purendis

Name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RasAcd

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: TVICHW32
Description: TVICHW32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: TVICHW32

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: ViaIde
Description: ViaIde
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ViaIde

Name: VolSnap
Description: VolSnap
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VolSnap

Name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarp

Name: Wdf01000
Description: Wdf01000
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000

Name: Windows Driver Foundation - User-mode Driver Framework Platform Driver
Description: Windows Driver Foundation - User-mode Driver Framework Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf

Name: Audio Codecs
Description: Audio Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Legacy Audio Drivers
Description: Legacy Audio Drivers
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Media Control Devices
Description: Media Control Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Legacy Video Capture Devices
Description: Legacy Video Capture Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Video Codecs
Description: Video Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Standard Modem
Description: Standard Modem
Class Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard Modem Types)
Service: Modem

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: WAN Miniport (IP) - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Broadcom 802.11b/g WLAN - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Direct Parallel
Description: Direct Parallel
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Raspti

Name: Photosmart C7200 series
Description: Photosmart C7200 series
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: pcouffin device for 32 bits systems
Description: pcouffin device for 32 bits systems
Class Guid: {FF646F80-8DEF-11D2-9449-00105A075F6B}
Manufacturer: VSO Software
Service: pcouffin

Name: RIM Virtual Serial Port v2 (COM5)
Description: RIM Virtual Serial Port v2
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: RIM Virtual Serial Ports
Service: RimVSerPort

Name: RIM Virtual Serial Port v2 (COM6)
Description: RIM Virtual Serial Port v2
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: RIM Virtual Serial Ports
Service: RimVSerPort

Name: Terminal Server Device Redirector
Description: Terminal Server Device Redirector
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: rdpdr

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Microsoft WINMM WDM Audio Compatibility Driver
Description: Microsoft WINMM WDM Audio Compatibility Driver
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: wdmaud

Name: Microsoft Kernel System Audio Device
Description: Microsoft Kernel System Audio Device
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: sysaudio

Name: RAS Async Adapter
Description: RAS Async Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: AsyncMac

Name: Microsoft Kernel Wave Audio Mixer
Description: Microsoft Kernel Wave Audio Mixer
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: kmixer

Name: Microcode Update Device
Description: Microcode Update Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: update

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: Nokia 6085
Description: Nokia Windows Portable Device Driver
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Nokia 6085
Description: Nokia 6085
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 58%
Total physical RAM: 1022.17 MB
Available physical RAM: 423.19 MB
Total Pagefile: 2459.48 MB
Available Pagefile: 1635.61 MB
Total Virtual: 2047.88 MB
Available Virtual: 1968.45 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:74.32 GB) (Free:13.98 GB) NTFS
2 Drive d: (Under the Horse) (CDROM) (Total:1.85 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\LAPTOP

Administrator            ASPNET                   Guest                    
HelpAssistant            MOM                      SUPPORT_388945a0         

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

Checkup.txt

Results of screen317's Security Check version 0.99.69  
 Windows XP Service Pack 4 x86   
 Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2013   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Ad-Aware
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 6 Update 31  
 Java version out of Date!
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Flash Player     11.8.800.94  
 Adobe Reader XI  
 Mozilla Firefox 17.0 Firefox out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Ad-Aware AAWService.exe is disabled!
 Ad-Aware AAWTray.exe is disabled!
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 AVG avgwdsvc.exe
 AVG avgrsx.exe
 AVG avgnsx.exe
 AVG avgemc.exe
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 21% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 
There ya go! What's next! I am definitely seeing improvement in the computer!!


  • Root Admin

Yes, but it's still having a lot of issues according to the logs.

Please try again and remove ALL versions of Java.

For now I think you need to temporarily uninstall the following software.

Ad-Aware

AVG 2013

PC Pitstop

Then for now, so that you still have an antivirus, install Microsoft Security Essentials.

http://windows.microsoft.com/en-us/windows/security-essentials-download

Update it and do a Full System scan and let me know what it finds.


Ok, Removed the programs you suggested.

Finally was able to run the scan, nothing was found! However, I had a lot of trouble getting the program to update! I had to go to Microsoft website and find an answer for an error code, updated and ran the scan.
I was going to update and run once more, just because I was not here while it ran, but now it won't update again and gives me the same error code. Tells me I have no internet connection, but, my internet is working like it always does.
So, I'm not entirely sure the scan is correct but, that's what I have!

What, if anything, is next?


  • Root Admin

Please try to run this Microsoft Fixit for the Windows Desktop Search

Then do the following.

Reset Default Permissions:

  • Please download ResetDefaultPerms from here and save it to your desktop
  • Close any open programs and save anything you were working on
  • Double click on restoredefaultperms.exe to run it
  • Once it completes it will restart your computer

Then reboot the computer and run a new MiniToolBox scan and post back that log.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following check-boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.


Result.txt
 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by MOM (administrator) on 18-07-2013 at 01:37:56
Running from "C:\Documents and Settings\MOM\Desktop"
Microsoft Windows XP Professional Service Pack 3, v.3264 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

There are 7888 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Disconnected)
Broadcom 802.11b/g WLAN = Wireless Network Connection 2 (Connected)
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection 2"

set address name="Wireless Network Connection 2" source=dhcp
set dns name="Wireless Network Connection 2" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : LAPTOP

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Broadcast

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : ap41.cspk.wrx.illicom.net



Ethernet adapter Local Area Connection:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

        Physical Address. . . . . . . . . : 00-0F-B0-C2-02-43



Ethernet adapter Wireless Network Connection 2:



        Connection-specific DNS Suffix  . : ap41.cspk.wrx.illicom.net

        Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN

        Physical Address. . . . . . . . . : 00-14-A5-69-E7-0F

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.0.101

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.0.1

        DHCP Server . . . . . . . . . . . : 192.168.0.1

        DNS Servers . . . . . . . . . . . : 192.168.0.1

        Lease Obtained. . . . . . . . . . : Thursday, July 18, 2013 1:31:20 AM

        Lease Expires . . . . . . . . . . : Thursday, July 25, 2013 1:31:20 AM

1.0.168.192.in-addr.arpa
    primary name server = localhost
    responsible mail addr = nobody.invalid
    serial  = 1
    refresh = 600 (10 mins)
    retry   = 1200 (20 mins)
    expire  = 604800 (7 days)
    default TTL = 10800 (3 hours)
Server:  UnKnown
Address:  192.168.0.1

Name:    google.com.ap41.cspk.wrx.illicom.net
Address:  67.215.65.145



Pinging google.com [74.125.225.103] with 32 bytes of data:



Reply from 74.125.225.103: bytes=32 time=20ms TTL=54

Reply from 74.125.225.103: bytes=32 time=17ms TTL=54



Ping statistics for 74.125.225.103:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 17ms, Maximum = 20ms, Average = 18ms

Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com.ap41.cspk.wrx.illicom.net
Address:  67.215.65.145



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=88ms TTL=44

Reply from 206.190.36.45: bytes=32 time=90ms TTL=45



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 88ms, Maximum = 90ms, Average = 89ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 0f b0 c2 02 43 ...... Realtek RTL8139/810x Family Fast Ethernet NIC
0x10004 ...00 14 a5 69 e7 0f ...... Broadcom 802.11b/g WLAN
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1   192.168.0.101      25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.0.0    255.255.255.0    192.168.0.101   192.168.0.101      25
    192.168.0.101  255.255.255.255        127.0.0.1       127.0.0.1      25
    192.168.0.255  255.255.255.255    192.168.0.101   192.168.0.101      25
        224.0.0.0        240.0.0.0    192.168.0.101   192.168.0.101      25
  255.255.255.255  255.255.255.255    192.168.0.101           10003      1
  255.255.255.255  255.255.255.255    192.168.0.101   192.168.0.101      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/18/2013 01:31:17 AM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/17/2013 11:48:59 PM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientmsseces.exe4.2.223.00x80070424updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNIL

Error: (07/17/2013 11:44:23 PM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientmsseces.exe4.2.223.00x80070424updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNIL

Error: (07/17/2013 09:53:25 AM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientmsseces.exe4.2.223.00x80070424updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNIL

Error: (07/17/2013 09:34:10 AM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientmsseces.exe4.2.223.00x80070424updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNIL

Error: (07/17/2013 09:30:41 AM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientmsseces.exe4.2.223.00x80070424updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNIL

Error: (07/17/2013 01:56:16 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 0x8050a003, P2 mpupdateengine, P3 am fe, P4 11.1.4406.0, P5 mpsigstub.exe, P6 4.2.223.0, P7 microsoft security essentials, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (07/17/2013 01:30:21 AM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientmsseces.exe4.2.223.00x80070424updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNIL

Error: (07/17/2013 01:13:01 AM) (Source: Windows Search Service) (User: )
Description: 10x80070002

Error: (07/17/2013 01:07:41 AM) (Source: Microsoft Security Client) (User: )
Description: mssecurityclientmsseces.exe4.2.223.00x80070424updatecmainwindow__onsignatureupdatestatus0security essentialsNILNILNIL


System errors:
=============
Error: (07/18/2013 01:33:05 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18).  This security permission can be modified using the Component Services administrative tool.

Error: (07/18/2013 01:32:53 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (07/18/2013 01:32:53 AM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (07/18/2013 01:31:18 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).

Error: (07/18/2013 01:30:45 AM) (Source: Service Control Manager) (User: )
Description: The Kodak Camera Connection Software service failed to start due to the following error:
%%2

Error: (07/18/2013 01:30:13 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18).  This security permission can be modified using the Component Services administrative tool.

Error: (07/17/2013 11:48:48 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.155.146.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.2.0223.00

    Source Path: 4.2.0223.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (07/17/2013 11:44:09 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.155.146.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.2.0223.00

    Source Path: 4.2.0223.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (07/17/2013 09:37:34 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.155.146.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.2.0223.00

    Source Path: 4.2.0223.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (07/17/2013 09:33:53 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.155.146.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.2.0223.00

    Source Path: 4.2.0223.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (02/25/2012 11:47:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 2180 seconds with 1440 seconds of active time.  This session ended with a crash.

Error: (08/16/2011 10:08:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 335 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (02/15/2011 09:29:06 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1730 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (12/28/2010 08:33:33 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6548.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 31632 seconds with 2040 seconds of active time.  This session ended with a crash.

Error: (11/25/2010 00:10:52 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 830 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (09/15/2010 03:50:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 33 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/11/2010 00:01:36 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 891 seconds with 480 seconds of active time.  This session ended with a crash.

Error: (06/14/2010 07:42:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20021 seconds with 1680 seconds of active time.  This session ended with a crash.

Error: (02/24/2010 10:03:05 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 56 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/24/2010 10:01:29 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2902 seconds with 1500 seconds of active time.  This session ended with a crash.


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 2.1.5)
7-Zip 9.20
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Ad-Aware (Version: 8.0.0)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Help Center 2.0 (Version: 2.0.0)
Adobe Photoshop Elements 4.0 (Version: 4.0)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
AI RoboForm (All Users)
AIO_Scan (Version: 90.0.189.000)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 2.6.0.32)
Apple Software Update (Version: 2.1.3.127)
Athlon 64 Processor Driver (Version: 1.2.2.2)
ATI - Software Uninstall Utility (Version: 6.14.10.1014)
ATI Control Panel (Version: 6.14.10.5173)
ATI Display Driver (Version: 8.202-051201a2-029034C-HP)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2171)
AVG 2012 (Version: 12.0.2433)
AVG 2013 (Version: 2013.0.3349)
AVG Security Toolbar (Version: 12.2.5.34)
BlackBerry App World Browser Plugin (Version: 3.1.1.4)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.32)
BlackBerry Device Software Updater (Version: 6.0.1.37)
Broadcom 802.11 Wireless LAN Adapter (Version: 4.100.15.5)
BufferChm (Version: 90.0.146.000)
C7200 (Version: 90.0.189.000)
C7200_doccd (Version: 90.0.189.000)
c7200_Help (Version: 90.0.189.000)
CameraDrivers (Version: 5.0.0.328)
Celestia 1.4.0
Cisco Network Magic (Version: 5.5.09195.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Conexant AC-Link Audio
Copy (Version: 90.0.146.000)
Dannon Recipe Box 1.0.0.27
Destination Component (Version: 090.000.091.086)
DeviceDiscovery (Version: 110.0.180.000)
DocProc (Version: 9.0.0.0)
DocProcQFolder (Version: 1.00.0000)
Drive Manager (Version: 1.00.0012)
Duplicate Photo Cleaner
DVD Shrink 3.2
EdgeStreamClient 2.2.5.0
ERUNT 1.1j
Evernote v. 4.6.6 (Version: 4.6.6.8360)
Fax (Version: 120.0.194.000)
FLV Player
Form Fill (Windows Live Toolbar) (Version: 03.01.0146)
getPlus® for Adobe (Version: 1.5.2.35)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.153)
HP BatteryCheck 1.00 A7 (Version: 1.00 A7)
HP Help and Support (Version: 4.1.0008)
HP Photosmart 330,380,420,470,7800,8000,8200 Series (Version: 8.1)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Product Assistant (Version: 100.000.001.000)
HP Smart Web Printing (Version: 2.15.7.0)
HP Update (Version: 5.003.001.001)
HP User Guides 0008 (Version: 1.05.0000)
HP Wireless Assistant 1.01 C1 (Version: 1.01 C1)
HP_Network_UserGuide (Version: 1.00.0000)
HPProductAssistant (Version: 90.0.146.000)
HpSdpAppCoreApp (Version: 3.00.0000)
HPSSupply (Version: 2.2.0.0000)
InterVideo WinDVD (Version: 5.0-B11.662)
Java Auto Updater (Version: 2.1.9.0)
Java 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8117.416)
JustCloud Setup (Version: 1.0.0.08)
Lavasoft Personal Firewall 1.0 (Version: 1.0)
Learn2 Player (Uninstall Only)
LightScribe  1.4.105.1 (Version: 1.4.105.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Map Button (Windows Live Toolbar) (Version: 03.01.0146)
MarketResearch (Version: 90.0.146.000)
Maxtor Manager (Version: 4.01.0303)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft IntelliPoint 7.0 (Version: 7.0.260.0)
Microsoft Location Finder (Version: 3.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote 2007 Trial (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (Version: 3.0.127.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6425.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60816.0)
Microsoft Works (Version: 08.04.0623)
Motorola Phone Tools (Version: 4.30)
Motorola Phone Tools (Version: 5.00)
Move Networks Media Player for Internet Explorer
Mozilla Firefox 17.0 (x86 en-US) (Version: 17.0)
Mozilla Maintenance Service (Version: 22.0)
MSN
MSVC80_x86 (Version: 1.0.1.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 6.0 Parser (Version: 6.10.1129.0)
muvee autoProducer 4.0 - SE (Version: 4.00.050)
neroxml (Version: 1.0.0)
NetDeviceManager (Version: 90.0.146.000)
NetDeviceManager (Version: 90.0.192.000)
NetWaiting (Version: 2.5.25)
Network Magic (Version: 5.5.9195.0)
NTI Backup Now EZ (Version: 2.5.2.56)
Octoshape add-in for Adobe Flash Player
Octoshape Streaming Services
OneCare Advisor (Windows Live Toolbar) (Version: 03.01.0159.04)
OpenOffice.org Installer 1.0 (Version: 1.0.9221)
OutlookTools 2 (Version: 2.1.0)
PanoStandAlone (Version: 90.0.146.000)
PC Connectivity Solution (Version: 9.13.1.0)
PC World Toolbar
Picasa 3 (Version: 3.9)
Popup Blocker (Windows Live Toolbar) (Version: 03.01.0146)
Post-it® Software Notes Lite
Print Screen Deluxe
PS_AIO_02_ProductContext (Version: 90.0.189.000)
PS_AIO_02_Software (Version: 90.0.189.000)
PS_AIO_02_Software_min (Version: 90.0.189.000)
PS8200 (Version: 8.01.0000)
PSPrinters08 (Version: 8.01.0000)
PSSWCORE (Version: 2.01.0000)
PSTAPlugin (Version: 8.01.0000)
Pure Networks Platform (Version: 11.2.09195.1)
Quick Launch Buttons 5.20 G1 (Version: 5.20 G1)
QuickTime (Version: 7.71.80.42)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
REALTEK Gigabit and Fast Ethernet NIC Driver (Version: 1.80)
RealUpgrade 1.1 (Version: 1.1.0)
Rhapsody Player Engine (Version: 1.0.604)
Rhapsody Player Engine (Version: 1.1.0)
Samsung Kies (Version: 2.5.3.13043_14)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0)
Scan (Version: 9.0.0.0)
Segoe UI (Version: 14.0.4327.805)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146)
SMS-it Outlook Interface
SMS-it!
Soft Data Fax Modem with SmartCP
SolutionCenter (Version: 90.0.146.000)
Sonic Audio Module (Version: 2.0.0.1)
Sonic Copy Module (Version: 2.0.0.1)
Sonic Data Module (Version: 2.0.0.1)
Sonic Express Labeler (Version: 2.0.0)
Sonic MyDVD Plus (Version: 6.1.3)
Sonic Update Manager (Version: 3.0.0)
SonicAC3Encoder (Version: 1.00.0000)
SonicMPEGEncoder (Version: 1.00.0000)
Status (Version: 110.0.180.000)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 1.20.0000)
The Weather Channel App
TIPCI (Version: 1.20.0000)
Toolbox (Version: 90.0.146.000)
TrayApp (Version: 110.0.180.000)
Trillian
U3Launcher (Version: 1.0.0)
Unity Web Player (Version: )
Unload (Version: 5.0.0)
UnloadSupport (Version: 9.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2508979)
Update Rollup 2 for Windows XP Media Center Edition 2005
URGE (Version: 1.1.8115.0)
VideoToolkit01 (Version: 90.0.146.000)
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual Studio 2005 Tools for Office Second Edition Runtime
WebEx Support Manager for Internet Explorer (Version: 6.5.4917)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 90.0.146.000)
Widevine Media Transformer Plugin 5.0.0 (Version: 5.0.0.4679)
Winamp (remove only)
Windows Driver Package - Nokia Modem  (03/05/2008 3.7) (Version: 03/05/2008 3.7)
Windows Driver Package - Nokia Modem  (03/13/2008 6.86.0.1) (Version: 03/13/2008 6.86.0.1)
Windows Driver Package - Nokia Modem  (05/22/2008 3.8) (Version: 05/22/2008 3.8)
Windows Driver Package - Nokia Modem  (05/22/2008 7.00.0.1) (Version: 05/22/2008 7.00.0.1)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0036.0)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Outlook Toolbar (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Toolbar Extension (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Toolbar Feed Detector (Windows Live Toolbar) (Version: 03.01.0146)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Wireless Home Network Setup (Version: 1.1.154.1)
Zinio Reader

========================= Devices: ================================

Name: ACPI Uniprocessor PC
Description: ACPI Uniprocessor PC
Class Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPI

Name: AMD Turion 64 Mobile Technology ML-40
Description: AMD K8 Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Advanced Micro Devices
Service: AmdK8

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: PCI bus
Description: PCI bus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: ATI MOBILITY RADEON Xpress 200 Series
Description: ATI MOBILITY RADEON Xpress 200 Series
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: ATI Technologies Inc.
Service: ati2mtag

Name: Generic Television
Description: Generic Television
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: Default Monitor
Description: Default Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: mouhid

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service:

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: ATI SMBus
Description: ATI SMBus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: ATI Technologies Inc
Service:

Name: Standard Dual Channel PCI IDE Controller
Description: Standard Dual Channel PCI IDE Controller
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: pciide

Name: Primary IDE Channel
Description: Primary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: FUJITSU MHV2080AH
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Secondary IDE Channel
Description: Secondary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: TSSTcorp CD/DVDW TS-L532M
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: PCI standard ISA bridge
Description: PCI standard ISA bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: isapnp

Name: ISAPNP Read Data Port
Description: ISAPNP Read Data Port
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System speaker
Description: System speaker
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System timer
Description: System timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Quick Launch Buttons
Description: Quick Launch Buttons
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: Hewlett-Packard
Service: i8042prt

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPIEC

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Broadcom 802.11b/g WLAN
Description: Broadcom 802.11b/g WLAN
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: BCM43XX

Name: Texas Instruments PCIxx21 Cardbus Controller
Description: Generic CardBus Controller
Class Guid: {4D36E977-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: pcmcia

Name: Texas Instruments OHCI Compliant IEEE 1394 Host Controller
Description: Texas Instruments OHCI Compliant IEEE 1394 Host Controller
Class Guid: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
Manufacturer: Texas Instruments
Service: ohci1394

Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Texas Instruments PCIxx21 Integrated FlashMedia Controller
Description: Texas Instruments PCIxx21 Integrated FlashMedia Controller
Class Guid: {4D36E970-E325-11CE-BFC1-08002BE10318}
Manufacturer: Texas Instruments Inc
Service: tifm21

Name: SDA Standard Compliant SD Host Controller
Description: SDA Standard Compliant SD Host Controller
Class Guid: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6}
Manufacturer: SDA Standard Compliant SD Host Controller Vendor
Service: sdbus

Name: Realtek RTL8139/810x Family Fast Ethernet NIC
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8023xp

Name: Conexant AC-Link Audio
Description: Conexant AC-Link Audio
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Conexant
Service: CAMCAUD

Name: AC97 Soft Data Fax Modem with SmartCP
Description: AC97 Soft Data Fax Modem with SmartCP
Class Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}
Manufacturer: CXT
Service: Modem

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Compbatt

Name: Logical Disk Manager
Description: Logical Disk Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: dmio

Name: Volume Manager
Description: Volume Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: ftdisk

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: AFD
Description: AFD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: AliIde
Description: AliIde
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AliIde

Name: 1394 ARP Client Protocol
Description: 1394 ARP Client Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Arp1394

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: dmboot
Description: dmboot
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmboot

Name: dmload
Description: dmload
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmload

Name: EABFiltr
Description: EABFiltr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: EABFiltr

Name: esgiguard
Description: esgiguard
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: esgiguard

Name: Fips
Description: Fips
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Fips

Name: FssFltr
Description: FssFltr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fssfltr

Name: Generic Packet Classifier
Description: Generic Packet Classifier
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Gpc

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: IntelIde
Description: IntelIde
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IntelIde

Name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpFilterDriver

Name: IP Network Address Translator
Description: IP Network Address Translator
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpNat

Name: IPSEC driver
Description: IPSEC driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IPSec

Name: ksecdd
Description: ksecdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ksecdd

Name: Lavasoft helper driver
Description: Lavasoft helper driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Lavasoft Kernexplorer

Name: MCSTRM
Description: MCSTRM
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MCSTRM

Name: mdmxsdk
Description: mdmxsdk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mdmxsdk

Name: mnmdd
Description: mnmdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mnmdd

Name: mountmgr
Description: mountmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NdisTapi

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: NetBios over Tcpip
Description: NetBios over Tcpip
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: PartMgr
Description: PartMgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PartMgr

Name: ParVdm
Description: ParVdm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ParVdm

Name: Pure Networks Device Discovery Driver
Description: Pure Networks Device Discovery Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pnarp

Name: Pure Networks Wireless Driver
Description: Pure Networks Wireless Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: purendis

Name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RasAcd

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: TVICHW32
Description: TVICHW32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: TVICHW32

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: ViaIde
Description: ViaIde
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ViaIde

Name: VolSnap
Description: VolSnap
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VolSnap

Name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarp

Name: Wdf01000
Description: Wdf01000
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000

Name: Windows Driver Foundation - User-mode Driver Framework Platform Driver
Description: Windows Driver Foundation - User-mode Driver Framework Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf

Name: Audio Codecs
Description: Audio Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Legacy Audio Drivers
Description: Legacy Audio Drivers
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Media Control Devices
Description: Media Control Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Legacy Video Capture Devices
Description: Legacy Video Capture Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Video Codecs
Description: Video Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Standard Modem
Description: Standard Modem
Class Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard Modem Types)
Service: Modem

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: WAN Miniport (IP) - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Broadcom 802.11b/g WLAN - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Direct Parallel
Description: Direct Parallel
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Raspti

Name: Photosmart C7200 series
Description: Photosmart C7200 series
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: pcouffin device for 32 bits systems
Description: pcouffin device for 32 bits systems
Class Guid: {FF646F80-8DEF-11D2-9449-00105A075F6B}
Manufacturer: VSO Software
Service: pcouffin

Name: RIM Virtual Serial Port v2 (COM5)
Description: RIM Virtual Serial Port v2
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: RIM Virtual Serial Ports
Service: RimVSerPort

Name: RIM Virtual Serial Port v2 (COM6)
Description: RIM Virtual Serial Port v2
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: RIM Virtual Serial Ports
Service: RimVSerPort

Name: Terminal Server Device Redirector
Description: Terminal Server Device Redirector
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: rdpdr

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Microsoft WINMM WDM Audio Compatibility Driver
Description: Microsoft WINMM WDM Audio Compatibility Driver
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: wdmaud

Name: Microsoft Kernel System Audio Device
Description: Microsoft Kernel System Audio Device
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: sysaudio

Name: Microcode Update Device
Description: Microcode Update Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: update

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: Nokia 6085
Description: Nokia Windows Portable Device Driver
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Nokia 6085
Description: Nokia 6085
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 64%
Total physical RAM: 1022.17 MB
Available physical RAM: 362.82 MB
Total Pagefile: 2459.74 MB
Available Pagefile: 1658.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1968.45 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:74.32 GB) (Free:13.85 GB) NTFS
2 Drive d: (Under the Horse) (CDROM) (Total:1.85 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\LAPTOP

Administrator            ASPNET                   Guest                    
HelpAssistant            MOM                      SUPPORT_388945a0         

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
 


  • Root Admin

Please see if you can uninstall both of these or not, or if it gives you an error trying to uninstall them.

First try to remove them from the Control Panel, Add/Remove, and if that does not work then try this.

Microsoft Security Client
Microsoft Security Essentials

Microsoft Security Essentials Removal Tool

Let me know how that works out.


I was able to uninstall Microsoft Security Essentials but could not find or uninstall Microsoft Security Client.
 

I used the link provided which took me to Microsoft fix it, it says "processing" then "this Microsoft fix it has been processed" and I get a window that gives me options for "tell us what you think", "get help online now", and "read more about fix it".

I'm not sure where you want me to go from here! I did search the "get help online now" but all I can find is how to uninstall Essentials but nothing about Client.


  • Root Admin

Please visit this webpage and read the ComboFix User's Guide:

We'll use it to help us clean up any leftover items of MSE too.

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save ComboFix to your desktop and do not run it from your browser.
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once ComboFix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

Here is the log from the last scan.

I am having problems with my computer shutting down unexpectedly. It seems to be running very hot. I have 2 fans running on it to get the scan done. I'm not sure if it's something we have done here or if it's just because it is old. Maybe you can tell from the scans.
I do not have anything on here for virus or malware protection, you had me uninstall everything. Is there a free program you would suggest since, obviously, what I had wasn't working?

ComboFix 13-07-18.04 - MOM 07/19/2013   2:20.2.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1022.320 [GMT -5:00]
Running from: c:\documents and settings\MOM\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\All Users\Application Data\1jt85an2g145o0y0qqomr582hicxyqw1rs8
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\MOM\Application Data\inst.exe
c:\documents and settings\MOM\Local Settings\Application Data\1jt85an2g145o0y0qqomr582hicxyqw1rs8
c:\documents and settings\MOM\Local Settings\Application Data\assembly\tmp
c:\documents and settings\MOM\Templates\1jt85an2g145o0y0qqomr582hicxyqw1rs8
c:\documents and settings\MOM\WINDOWS
C:\install.exe
c:\windows\system32\AutoRun.inf
c:\windows\system32\azip32.dll
c:\windows\system32\BSTIEPrintCtl1.dll
c:\windows\system32\Cache
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\muzapp.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2013-06-19 to 2013-07-19  )))))))))))))))))))))))))))))))
.
.
2013-07-19 07:11 . 2013-07-19 07:12    --------    d-----w-    c:\windows\LastGood
2013-07-18 23:05 . 2013-07-19 01:31    2036    -c--a-w-    C:\FixitRegBackup.reg
2013-07-18 06:16 . 2004-06-11 21:33    290304    ----a-w-    c:\windows\subinacl.exe
2013-07-17 06:56 . 2013-05-02 07:06    238872    ------w-    c:\windows\system32\MpSigStub.exe
2013-07-11 22:00 . 2013-07-13 22:51    --------    dc----w-    C:\FRST
2013-07-11 01:33 . 2013-07-11 01:33    --------    d-----w-    c:\windows\ERUNT
2013-07-10 22:41 . 2013-07-11 00:20    --------    dc----w-    c:\documents and settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-07-10 22:31 . 2013-04-21 01:10    985    ----a-w-    c:\windows\win.tmp
2013-07-10 22:31 . 2013-02-13 22:07    227    ----a-w-    c:\windows\system.tmp
2013-07-10 22:30 . 2013-07-10 22:31    --------    dc----w-    c:\program files\ERUNT
2013-07-01 19:48 . 2013-07-01 19:48    --------    dc----w-    c:\documents and settings\MOM\Application Data\Malwarebytes
2013-07-01 19:47 . 2013-07-01 19:47    --------    dc----w-    c:\documents and settings\All Users\Application Data\Malwarebytes
2013-07-01 19:47 . 2013-07-01 19:48    --------    dc----w-    c:\program files\Malwarebytes' Anti-Malware
2013-07-01 19:47 . 2013-04-04 19:50    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-14 22:49 . 2012-04-11 01:04    692104    -c--a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-07-14 22:49 . 2011-05-15 04:07    71048    -c--a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-04-23 1561968]
"KiesAirMessage"="c:\program files\Samsung\Kies\KiesAirMessage.exe" [2013-04-18 578560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]
"nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2010-01-27 472112]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2005-08-01 233534]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-12-02 344064]
"BackupNowEZtray"="c:\program files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe" [2012-07-23 580672]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2010-10-02 160328]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [bU]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"adaware"="reg.exe delete HKCU\Software\AppDataLow\Software\adaware" [X]
"adaware_XP"="reg.exe delete HKCU\Software\adaware" [X]
.
c:\documents and settings\MOM\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE %SystemRoot%\ERDNT\AutoBackup\#Date# /noconfirmdelete /noprogresswindow [2005-10-20 38912]
EvernoteTray.lnk - c:\program files\Evernote\Evernote\EvernoteTray.exe [2013-5-22 395104]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
avgrsstx.dll [bU]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^LaunchU3.exe.lnk]
backup=c:\windows\pss\LaunchU3.exe.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^MOM^Start Menu^Programs^Startup^AOL Desktop.lnk]
path=c:\documents and settings\MOM\Start Menu\Programs\Startup\AOL Desktop.lnk
backup=c:\windows\pss\AOL Desktop.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^MOM^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^MOM^Start Menu^Programs^Startup^Webshots.lnk]
backup=c:\windows\pss\Webshots.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FolderShare
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KodakShareButtonApp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhotoShow Deluxe Media Manager
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Live FolderShare
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinPatrol
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-09-09 07:18    57344    -c----w-    c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
c:\program files\IObit\Advanced SystemCare 3\AWC.exe [bU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
c:\program files\Common Files\AOL\ACS\AOLDial.exe [bU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
c:\program files\Common Files\Symantec Shared\ccApp.exe [bU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DW7]
2013-02-07 04:40    13102080    -c--a-w-    c:\program files\The Weather Channel\The Weather Channel App\TWCApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
c:\program files\Common Files\AOL\1141165329\ee\AOLSoftware.exe [bU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
2005-05-04 18:59    794624    -c----w-    c:\program files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2009-05-26 19:16    1468296    -c--a-w-    c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz]
c:\program files\Norton Internet Security\cfgwiz.exe [bU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2007-12-01 06:26    1695232    -c----w-    c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Octoshape Streaming Services]
2009-01-12 13:42    70936    -c----w-    c:\documents and settings\MOM\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-19 01:56    421888    -c--a-w-    c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2011-12-01 09:10    499312    -c--a-w-    c:\program files\Real\RealPlayer\realplay.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
2010-10-02 05:47    160328    -c--a-w-    c:\program files\Siber Systems\AI RoboForm\robotaskbaricon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
c:\program files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe [bU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-12-01 09:10    296056    -c--a-w-    c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]
c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe [bU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weather]
c:\program files\AWS\WeatherBug\Weather.exe [bU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPodService"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Adobe\\Photoshop Elements 4.0\\AdobePhotoshopElementsMediaServer.exe"=
"c:\\Program Files\\Hp\\HPNetworkAssistant\\HPNetworkAssistant.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Documents and Settings\\MOM\\Application Data\\Octoshape\\Octoshape Streaming Services\\OctoshapeClient.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"= c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"67:UDP"= 67:UDP:DHCP Discovery Service
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [7/1/2013 2:47 PM 418376]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/1/2013 2:47 PM 701512]
R2 NTI BackupNowEZSvr;NTI BackupNowEZSvr;c:\program files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe [9/23/2011 10:51 PM 45592]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [5/3/2013 2:06 AM 83864]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [8/22/2005 4:06 AM 231424]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/1/2013 2:47 PM 22856]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6/1/2008 10:05 PM 47360]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [5/3/2013 2:06 AM 181912]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [8/23/2012 6:13 AM 26984]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;"c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" --> c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [?]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [4/26/2010 6:03 PM 19712]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [4/26/2010 6:03 PM 8320]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [4/26/2010 6:03 PM 42752]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [8/10/2004 10:00 AM 14336]
S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe --> c:\program files\PCPitstop\PCPitstopScheduleService.exe [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*NewlyCreated* - WUAUSERV
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12    REG_MULTI_SZ       Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt    REG_MULTI_SZ       hpqcxs08 hpqddsvc
HPService    REG_MULTI_SZ       HPSLPSVC
getPlusHelper    REG_MULTI_SZ       getPlusHelper
nosGetPlusHelper    REG_MULTI_SZ       nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 22:49]
.
2013-07-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]
.
.
------- Supplementary Scan -------
.



uInternet Settings,ProxyOverride = <local>


IE: &Viewpoint Search - c:\program files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll/CXTSEARCH.HTML
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Clip Image - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000

IE: New Note - c:\program files\Evernote\Evernote\\EvernoteIERes\NewNote.html



TCP: DhcpNameServer = 192.168.0.1
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF - ProfilePath - c:\documents and settings\MOM\Application Data\Mozilla\Firefox\Profiles\30qgon9z.default-1369715500859\

FF - ExtSQL: 2013-07-06 10:11; {E0B8C461-F8FB-49b4-8373-FE32E9252800}; c:\documents and settings\MOM\Application Data\Mozilla\Firefox\Profiles\30qgon9z.default-1369715500859\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)
ShellIconOverlayIdentifiers-{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-19 02:32
Windows 5.1.2600 Service Pack 3, v.3264 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe??????????9?P??|?????? ???B?????????????hLC? ??????
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(528)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3500)
c:\program files\NTI\NTI Backup Now EZ\Pehook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\dot3dlg.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-07-19  02:38:36
ComboFix-quarantined-files.txt  2013-07-19 07:38
.
Pre-Run: 15,035,154,432 bytes free
Post-Run: 15,034,724,352 bytes free
.
- - End Of File - - 148B67C1B39126C80BFEF9869C566EDE
671B81004FDD1588FA9ED1331C9CECA9


 

This topic is now closed to further replies.