
Malwarebytes Pro "enable malicious website blocking" turned off



Hello,

I noticed earlier today that my Malwarebytes Pro task bar icon was gray.  I checked it and the "enable malicious website blocking" had been turned off.  I tried but was unable to turn it back on.

I then rebooted my machine (Windows XP) and restarted Malwarebytes Pro.  At this point I was able to turn "Enable Malicious Website Blocking" back on.

I also noticed the Windows System Restore had been turned off.  Again, I was able to turn it back on.

Things seem ok now, but since something was obviously messing with my system, should I run some types of scans?

Your assistance is appreciated

Thanks, Gary


Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Next,

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop.

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Kevin...


Thanks Kevin,

Here are the logs:

Farbar

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-07-2013
Ran by GaryT (administrator) on 21-07-2013 18:16:42
Running from C:\Documents and Settings\GaryT\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(brother Industries Ltd) C:\WINDOWS\system32\brsvc01a.exe
(brother Industries Ltd) C:\WINDOWS\system32\brss01a.exe
(Logitech Inc.) c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\RaMaint.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeIn.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardian.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
() C:\WINDOWS\system32\PSIService.exe
(Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Windows ® Codename Longhorn DDK provider) C:\Program Files\UPHClean\uphclean.exe
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Google Inc.) C:\Documents and Settings\GaryT\Local Settings\Application Data\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Intuit Inc. All rights reserved.) C:\Documents and Settings\GaryT\Local Settings\Application Data\Intuit\SyncManager\Current\IntuitSyncManager.exe
(Intuit, Inc.) C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgr.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PerfectDisk.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Winlogon: [uIHost] C:\WINDOWS\system32\logonui.exe [x ] ()
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
Winlogon\Notify\LMIinit: LMIinit.dll (LogMeIn, Inc.)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
Skype] - C:\Program Files\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\GaryT\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2011-08-18] (Google Inc.)
BootExecute: PDBoot.exeautocheck autochk * sasnative32

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/?rd=nux
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {774C86F0-F13C-4FAF-8D16-A4F2417C8AFC} URL = http://www.weather.com/search/enhanced?where={searchTerms}
SearchScopes: HKCU - {7FCF2E2B-F64E-4ACE-BFA4-F76F7C9C0194} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7
SearchScopes: HKCU - {84B73620-247B-453E-BF3D-01F0CAA7FF70} URL = http://www.shopzilla.com/buy/superfind.xpml?search_box=1&sfsk=0&cat_id=1&keyword={searchTerms}
SearchScopes: HKCU - {931D8C7B-7F39-4D42-9991-FC52DC61283C} URL = http://www.facebook.com/s.php?src=os&q={searchTerms}
SearchScopes: HKCU - {9360E69F-4978-40C5-A508-176730C120F0} URL = http://search.about.com/fullsearch.htm?terms={searchTerms}
BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll (del.icio.us, a Yahoo! Company)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll (Moyea Software Co., Ltd.)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
Toolbar: HKLM - del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll (del.icio.us, a Yahoo! Company)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll (del.icio.us, a Yahoo! Company)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU -No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
DPF: {02FFCFC3-C28F-4ED9-954B-1BAC9FD77E12} http://webstream.intra.net/media/xflux3.cab
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {16C698C4-4BE0-4CDF-B777-39276A95F58F} http://meeting.zoho.com/login/ActivexViewer.jsp
DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} http://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.3.8.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-36.cab
DPF: {54D53429-945C-4188-B460-C81356541882} http://photosmart.hpphoto.com/Download/HPeServicesLocalPrint.CAB
DPF: {56426D1F-A2BB-4195-8555-CCE6533F81E8} http://meeting.zoho.com/login/Agent.jsp
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1122093200750
DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
DPF: {7BC974EF-A718-4A17-B77E-4C8DBC327AFA} https://secure.voloper.net/editor.cab
DPF: {7DD82D6B-3553-470B-8D1E-D5C7086478A7} https://merchantaccount.quickbooks.com/sync/QBMASSyncCom2_2005.cab
DPF: {84B7AC1D-9AD1-474F-B6B0-FE1641DBFDFA} http://www.contentpurity.com/xp/ScanFilexp.CAB
DPF: {87651085-BCBF-4281-B8F7-1F6E56E92515} http://meeting.zoho.com/login/Agent.jsp
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {B7039D87-D648-4431-BA87-C3A04E6111DA} https://67.43.9.72:4643/vz/ssh/wodTelnetDLX.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D5382F3F-32AA-41E1-9FFF-5D1EFAC80D40} http://contentpurity.com/members/FileClean.CAB
DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} http://office.webstream-innovations.com/hyperoffice/personal/documents/XUpload.ocx
DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://driveragent.com/files/driveragent.cab
DPF: {F21AC8A4-4322-11D6-8EBE-0001023D1A2A} https://merchantaccount.quickbooks.com/recurchrg/IntuitRecurPayCom.cab
DPF: {F8A9F96F-8375-4596-BD89-EEAE2781D810} https://merchantaccount.quickbooks.com/sync/QBMASSyncCom1.cab
DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} http://www.plaxo.com/activex/plx_upldr-2k-xp.cab
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2006\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2006\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files\Intuit\QuickBooks 2006\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler: ipp - No CLSID Value -
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 208.67.220.220 38.116.38.49

FireFox:
========
FF ProfilePath: C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default
FF Homepage: hxxp://web.ebuddy.com/#|hxxp://www.netvibes.com/privatepage/1#General|https://www.passpack.com/online/#
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @IBM.com/WDPlugin,version=1 - C:\WINDOWS\system32\IBM\npwdplugin.dll (IBM )
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Sibelius.com/Scorch Plugin,version=6.2.0.88 - C:\Program Files\Sibelius Software\Scorch\npsibelius.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @vialect.com/superfile,version=1.0 - C:\Program Files\Intra.Net 4.x Components\packages\{309453F2-8D7A-4F10-BDAC-EA09D31F9198}\npsf.dll (Vialect)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin HKCU: @IBM.com/WDPlugin,version=1 - C:\WINDOWS\system32\IBM\npwdplugin.dll (IBM )
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\GaryT\Local Settings\Application Data\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\GaryT\Local Settings\Application Data\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\searchplugins\delicious-tag.xml
FF SearchPlugin: C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\searchplugins\linkedin-1.xml
FF SearchPlugin: C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\searchplugins\linkedin.xml
FF SearchPlugin: C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\searchplugins\linkedinjobs.xml
FF SearchPlugin: C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\searchplugins\marketwatch.xml
FF SearchPlugin: C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\searchplugins\technorati.xml
FF SearchPlugin: C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\searchplugins\weathercom.xml
FF SearchPlugin: C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\searchplugins\webster.xml
FF SearchPlugin: C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\searchplugins\wikipedia-en.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: No Name - C:\Documents and Settings\GaryT\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\collector@broceliand.fr
FF Extension: United States English Spellchecker - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\en-US@dictionaries.addons.mozilla.org
FF Extension: No Name - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\foxmarks@kei.com
FF Extension: No Name - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\kgen@elitwork.com
FF Extension: printpdf - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\printpdf@pavlov.net
FF Extension: SEO Blogger - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\seo-blogger@wordtracker.com
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: SeoQuake - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}(2)
FF Extension: WOT - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Evernote Web Clipper - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
FF Extension: LinkedIn Companion for Firefox - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\{e2337727-f9c9-411b-929e-287584341d1a}
FF Extension: No Name - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\{ec9CEB59-8266-438b-91D9-82F56D595E15}
FF Extension: rankchecker - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\rankchecker@seobook.com.xpi
FF Extension: seo4firefox - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\seo4firefox@seobook.com.xpi
FF Extension: seotoolbar - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\seotoolbar@seobook.com.xpi
FF Extension: sqlime - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\sqlime@security.compass.xpi
FF Extension: No Name - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\{86c18b42-e466-45a9-ae7a-9b95ba6f5640}.xpi
FF Extension: No Name - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
FF Extension: No Name - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi
FF Extension: No Name - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: No Name - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a}.xpi
FF Extension: No Name - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: No Name - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: No Name - C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\GaryT\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\GaryT\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.71\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\GaryT\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.71\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Chrome Toolbox Plugin) - C:\Documents and Settings\GaryT\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fjccknnhdnkbanjilpjddjhmkghmachn\1.0.30_0\plugin/convenience.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Shockwave for Director) - C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Program Files\Mozilla Firefox\plugins\npatgpc.dll (WebEx Communications, Inc)
CHR Plugin: (Google Gadget Plugin) - C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll ()
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (QuickTime Plug-in 7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (WD General Plugin) - C:\Program Files\Mozilla Firefox\plugins\npwdplugin.dll (IBM )
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\GaryT\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Intra.Net) - C:\Program Files\Intra.Net 4.x Components\packages\{309453F2-8D7A-4F10-BDAC-EA09D31F9198}\npsf.dll (Vialect)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Bejeweled) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0
CHR Extension: (BIODIGITAL HUMAN) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0
CHR Extension: (Xmarks Bookmark Sync) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.25_0
CHR Extension: (YouTube) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Zoho Projects) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\dhifphcimhhfnhlemdpmlonlkgfkjjae\1.1_0
CHR Extension: (Google+) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.2.0.418_0
CHR Extension: (Sumo Paint) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod\3.7_0
CHR Extension: (Google Calendar) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0
CHR Extension: (Creately - Online Diagramming) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\figjjaggcjcojopflaabmebmocabdglm\1.1_0
CHR Extension: (Chrome Toolbox (by Google)) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\fjccknnhdnkbanjilpjddjhmkghmachn\1.0.32_0
CHR Extension: (bitly | \u2665  your bitmarks) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\2.0.89_0
CHR Extension: (Dropbox) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.6_0
CHR Extension: (Zoho Mail) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\jjemfhbmnkbapnnmiadkbiaokccjnhge\1.1_0
CHR Extension: (Zoho CRM) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\kigppphkaknhndejgcmckacpipcioacn\1.1.1_0
CHR Extension: (HootSuite) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\kneloppijbcidgidihgdjnooihjcdbij\5.244_0
CHR Extension: (Evernote Web) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0
CHR Extension: (Webcam Toy) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.4_0
CHR Extension: (Skype Click to Call) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0
CHR Extension: (Google Maps) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0
CHR Extension: (Chrome to Phone) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0
CHR Extension: (SEO for Chrome) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj\0.9.5_0
CHR Extension: (ColorPick Eyedropper) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg\0.0.1.68_0
CHR Extension: (Palette for Chrome) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod\1.6.0_0
CHR Extension: (Evernote Web Clipper) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.9.18_0
CHR Extension: (Gmail) - C:\DOCUME~1\GaryT\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR StartMenuInternet: Google Chrome - "C:\Documents and Settings\GaryT\Local Settings\Application Data\Google\Chrome\Application\chrome.exe"

========================== Services (Whitelisted) =================

R2 Brother XP spl Service; C:\WINDOWS\system32\brsvc01a.exe [57344 2003-08-27] (brother Industries Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1341664 2013-03-21] (ESET)
S3 iPodService; C:\Program Files\iPod\bin\iPodService.exe [323584 2005-12-20] (Apple Computer, Inc.)
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [319568 2010-10-26] (Logitech, Inc.)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [105248 2007-02-06] (Logitech Inc.)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 nmservice; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [647216 2009-07-07] (Cisco Systems, Inc.)
R2 PDAgent; C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe [939272 2010-01-26] (Raxco Software, Inc.)
R3 PDEngine; C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe [1033480 2010-01-26] (Raxco Software, Inc.)
R2 ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [177704 2007-06-05] ()
R2 QBVSS; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2011-08-19] (Intuit Inc.)
S3 Roxio UPnP Renderer 9; C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe [57344 2006-08-10] (Sonic Solutions)
S2 Roxio Upnp Server 9; C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe [294912 2006-08-10] (Sonic Solutions)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289208 2013-01-31] (Skype Technologies S.A.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1724192 2013-01-31] (TuneUp Software)
R2 UPHClean; C:\Program Files\UPHClean\uphclean.exe [399872 2010-09-13] (Windows ® Codename Longhorn DDK provider)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [4122368 2008-09-24] (Realtek Semiconductor Corp.)
R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36864 2006-07-01] (Advanced Micro Devices)
R3 AmdLLD; C:\Windows\System32\DRIVERS\AmdLLD.sys [34304 2007-06-29] (AMD, Inc.)
S2 BrPar; C:\Windows\System32\drivers\BrPar.sys [19537 2000-07-24] (Brother Industries Ltd.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 Cinemsup; C:\Windows\System32\Drivers\Cinemsup.sys [6656 2003-12-19] (Sonic Solutions)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 DefragFS; C:\Windows\System32\Drivers\DefragFS.sys [73232 2009-08-20] (Raxco Software, Inc.)
R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [31896 2005-11-25] (DemoForge, LLC)
R2 DLABMFSM; C:\Windows\System32\DLA\DLABMFSM.SYS [35128 2006-08-08] (Sonic Solutions)
R2 DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [32504 2006-08-08] (Sonic Solutions)
R1 DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [12952 2006-08-01] (Sonic Solutions)
R2 DLADResM; C:\Windows\System32\DLA\DLADResM.SYS [9432 2006-08-08] (Sonic Solutions)
R2 DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [104504 2006-08-08] (Sonic Solutions)
R2 DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [26136 2006-08-08] (Sonic Solutions)
R2 DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [14552 2006-08-08] (Sonic Solutions)
R1 DLARTL_M; C:\Windows\System32\Drivers\DLARTL_M.SYS [28216 2006-08-01] (Sonic Solutions)
R2 DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [94680 2006-08-08] (Sonic Solutions)
R2 DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [97880 2006-08-08] (Sonic Solutions)
S4 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R2 DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [51800 2006-08-01] (Sonic Solutions)
R1 eamon; C:\Windows\System32\DRIVERS\eamon.sys [161368 2013-01-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan)
R1 epfwtdir; C:\Windows\System32\DRIVERS\epfwtdir.sys [105784 2013-01-10] (ESET)
S3 FileShd; C:\Windows\System32\DRIVERS\fileshd2.sys [69888 2007-09-10] (Pulsar-NVP)
R3 FilterService; C:\Windows\System32\DRIVERS\lvuvcflt.sys [22560 2007-05-11] (Logitech Inc.)
R2 LBeepKE; C:\Windows\System32\Drivers\LBeepKE.sys [12216 2012-09-18] (Logitech, Inc.)
R3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [43704 2012-09-18] (Logitech, Inc.)
R3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [12216 2012-09-18] (Logitech, Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [42592 2012-03-13] (http://libusb-win32.sourceforge.net)
R2 LMIInfo; C:\Program Files\LogMeIn\x86\RaInfo.sys [12856 2008-07-24] (LogMeIn, Inc.)
R2 LMIRfsDriver; C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [47640 2008-07-24] (LogMeIn, Inc.)
R3 LMouFilt; C:\Windows\System32\DRIVERS\LMouFilt.Sys [39608 2012-09-18] (Logitech, Inc.)
S3 ltmodem5; C:\Windows\System32\DRIVERS\ltmdmnt.sys [652689 2003-12-12] (Agere Systems)
R3 Lvckap; C:\Windows\System32\DRIVERS\LVcKap.sys [1691808 2007-02-06] ()
R3 lvmvdrv; C:\Windows\System32\DRIVERS\LVMVDrv.sys [1964064 2007-02-06] (Logitech Inc.)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25632 2007-02-06] ()
S3 LVPrcMon; C:\WINDOWS\system32\drivers\LVPrcMon.sys [16768 2005-09-01] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41888 2007-05-11] (Logitech Inc.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [35144 2013-06-02] ()
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [34064 2009-03-15] (CACE Technologies)
R0 nvata; C:\Windows\System32\DRIVERS\nvata.sys [92800 2005-05-17] (NVIDIA Corporation)
R0 nvatabus; C:\Windows\System32\drivers\nvatabus.sys [92800 2005-05-17] (NVIDIA Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54784 2008-08-01] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2008-08-01] (NVIDIA Corporation)
R3 ousb2hub; C:\Windows\System32\DRIVERS\ousb2hub.sys [56960 2005-09-29] (OrangeWare Corporation)
R2 ousbehci; C:\Windows\System32\Drivers\ousbehci.sys [45824 2005-09-29] (OrangeWare Corporation)
S3 PCAlertDriver; C:\Program Files\MSI\Core Center\NTGLM7X.sys [22432 2005-08-25] (MICRO-STAR INT'L CO., LTD.)
S3 PCANDIS5; C:\WINDOWS\System32\PCANDIS5.SYS [16128 2004-07-05] (Printing Communications Assoc., Inc. (PCAUSA))
R2 pnarp; C:\Windows\System32\DRIVERS\pnarp.sys [25392 2009-07-07] (Cisco Systems, Inc.)
R2 purendis; C:\Windows\System32\DRIVERS\purendis.sys [26672 2009-07-07] (Cisco Systems, Inc.)
S3 RushTopDevice; C:\Program Files\MSI\Core Center\RushTop.sys [39808 2005-08-25] (MICRO-STAR INT'L CO., LTD.)
S4 RxFilter; C:\Windows\System32\DRIVERS\RxFilter.sys [50688 2006-08-09] (Sonic Solutions)
R0 Si3114r5; C:\Windows\System32\DRIVERS\Si3114r5.sys [211496 2008-11-25] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [17064 2008-11-25] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [12200 2008-11-25] (Silicon Image, Inc.)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation)
S3 SSKBFD; C:\Windows\System32\Drivers\sskbfd.sys [23920 2008-01-04] (Webroot Software Inc (www.webroot.com))
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-09-18] (TuneUp Software)
R3 ubohci; C:\Windows\System32\DRIVERS\ubohci.sys [77056 2005-07-27] (Unibrain S.A.)
R2 ubsbm; C:\Windows\System32\DRIVERS\ubsbm.sys [14080 2005-07-27] (Unibrain S.A.)
R2 ubumapi; C:\Windows\System32\DRIVERS\ubumapi.sys [36352 2005-07-27] (Unibrain S.A.)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation)
R3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [297344 2009-04-21] (Marvell)
S3 FTDIBUS; system32\drivers\ftdibus.sys [x]
S3 FTSER2K; system32\drivers\ftser2k.sys [x]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [x]
S4 IntelIde; No ImagePath
S4 LMIRfsClientNP; No ImagePath
S3 PalmUSBD; system32\drivers\PalmUSBD.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-21 18:16 - 2013-07-21 18:16 - 00000000 ____D C:\FRST
2013-07-21 18:11 - 2013-07-21 18:11 - 00891062 _____ C:\Documents and Settings\GaryT\Desktop\SecurityCheck.exe
2013-07-21 18:10 - 2013-07-21 18:10 - 01219874 _____ (Farbar) C:\Documents and Settings\GaryT\Desktop\FRST.exe
2013-07-11 02:42 - 2013-07-11 02:42 - 00009733 _____ C:\WINDOWS\KB2850851.log
2013-07-11 02:41 - 2013-07-11 02:42 - 00009312 _____ C:\WINDOWS\KB2845187.log
2013-06-27 01:35 - 2013-06-27 01:36 - 00009201 _____ C:\WINDOWS\KB2510531-IE8.log
2013-06-27 01:24 - 2013-06-27 01:24 - 00000000 __SHD C:\Documents and Settings\GaryT\IECompatCache
2013-06-27 01:17 - 2013-06-27 01:17 - 00000000 __SHD C:\Documents and Settings\NetworkService\IETldCache
2013-06-27 01:17 - 2013-06-27 01:17 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2013-06-27 01:16 - 2013-06-27 01:16 - 00000000 __SHD C:\Documents and Settings\GaryT\IETldCache
2013-06-27 01:13 - 2013-06-27 01:13 - 00078526 _____ C:\WINDOWS\KB2838727-IE8.log
2013-06-27 01:12 - 2013-06-27 01:13 - 00082117 _____ C:\WINDOWS\KB2744842-IE8.log
2013-06-27 01:12 - 2013-06-27 01:12 - 00085146 _____ C:\WINDOWS\KB2618444-IE8.log
2013-06-27 01:12 - 2013-05-07 18:30 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2013-06-27 01:11 - 2013-06-27 01:11 - 00074047 _____ C:\WINDOWS\KB2598845-IE8.log
2013-06-27 01:11 - 2013-06-27 01:11 - 00000000 ____D C:\WINDOWS\ie8updates
2013-06-27 01:11 - 2011-08-16 06:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2013-06-27 01:10 - 2013-06-27 01:17 - 00007481 _____ C:\WINDOWS\spupdsvc.log
2013-06-27 01:10 - 2013-06-27 01:11 - 00097071 _____ C:\WINDOWS\KB982381-IE8.log
2013-06-27 01:10 - 2013-05-07 18:30 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2013-06-27 01:10 - 2013-05-07 18:30 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2013-06-27 01:10 - 2013-05-07 18:30 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2013-06-27 01:09 - 2013-06-27 01:09 - 00000000 __HDC C:\WINDOWS\ie8
2013-06-27 01:08 - 2013-06-27 01:10 - 00087177 _____ C:\WINDOWS\ie8.log
2013-06-27 00:59 - 2013-06-27 01:13 - 00193368 _____ C:\WINDOWS\ie8_main.log
2013-06-26 20:53 - 2013-06-26 20:55 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-26 19:55 - 2013-06-26 19:54 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-06-26 19:55 - 2013-06-26 19:54 - 00144896 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2013-06-26 19:54 - 2013-06-26 19:54 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-06-26 19:54 - 2013-06-26 19:54 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-06-26 19:54 - 2013-06-26 19:54 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-06-26 19:54 - 2013-06-26 19:54 - 00000000 ____D C:\Program Files\Java
2013-06-26 19:25 - 2013-06-26 19:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2839229$

==================== One Month Modified Files and Folders =======

2013-07-21 18:16 - 2013-07-21 18:16 - 00000000 ____D C:\FRST
2013-07-21 18:16 - 2007-01-23 12:49 - 00000422 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{6B4B2B2E-0337-436A-93B3-0954C8510B04}.job
2013-07-21 18:15 - 2009-05-30 22:39 - 00000000 ____D C:\Program Files\SOS Online Backup
2013-07-21 18:14 - 2010-07-05 23:34 - 00000000 ____D C:\Documents and Settings\GaryT\My Documents\Malware Tools, Help & Removal
2013-07-21 18:11 - 2013-07-21 18:11 - 00891062 _____ C:\Documents and Settings\GaryT\Desktop\SecurityCheck.exe
2013-07-21 18:11 - 2005-07-17 21:28 - 00000000 ____D C:\Documents and Settings\GaryT\Desktop
2013-07-21 18:10 - 2013-07-21 18:10 - 01219874 _____ (Farbar) C:\Documents and Settings\GaryT\Desktop\FRST.exe
2013-07-21 18:10 - 2006-01-21 01:22 - 00000000 ____D C:\Documents and Settings\GaryT\Application Data\Skype
2013-07-21 18:00 - 2011-08-18 19:00 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1647877149-725345543-1003UA.job
2013-07-21 17:54 - 2010-02-02 21:24 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-21 16:36 - 2011-01-05 01:04 - 00032002 _____ C:\WINDOWS\SchedLgU.Txt
2013-07-21 16:00 - 2011-08-18 19:00 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1647877149-725345543-1003Core.job
2013-07-21 07:25 - 2009-04-24 01:53 - 00000000 ____D C:\Program Files\LogMeIn
2013-07-21 03:12 - 2009-05-30 22:43 - 00000440 _____ C:\WINDOWS\Tasks\SOS Online Backup - Driskill.job
2013-07-21 01:42 - 2011-01-05 01:02 - 01374469 _____ C:\WINDOWS\WindowsUpdate.log
2013-07-20 20:54 - 2010-02-02 21:24 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-20 01:53 - 2013-06-11 00:19 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2013-07-20 01:38 - 2005-07-17 21:20 - 00000000 ____D C:\WINDOWS\system32\Restore
2013-07-20 01:35 - 2012-04-04 18:07 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-07-20 01:35 - 2011-05-24 20:30 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-07-20 01:34 - 2005-07-19 22:20 - 00000000 ____D C:\Documents and Settings\GaryT\Local Settings\Application Data\Adobe
2013-07-20 01:34 - 2005-07-18 22:49 - 00000000 ____D C:\Documents and Settings\GaryT\My Documents\Download
2013-07-20 01:30 - 2011-01-05 01:04 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-07-20 01:30 - 2011-01-05 01:04 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-07-20 01:30 - 2009-01-06 17:38 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-07-20 01:30 - 2005-07-17 21:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-07-20 01:29 - 2006-02-19 23:17 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2013-07-20 01:28 - 2012-05-31 16:32 - 01482478 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-796845957-1647877149-725345543-1003-0.dat
2013-07-20 01:28 - 2012-05-31 16:32 - 00359102 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2013-07-20 01:28 - 2011-09-01 00:11 - 00393216 _____ C:\WINDOWS\system32\config\VPN.evt
2013-07-20 01:28 - 2008-12-28 23:52 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2013-07-20 01:28 - 2005-07-17 21:28 - 00000278 ___SH C:\Documents and Settings\GaryT\ntuser.ini
2013-07-20 01:27 - 2013-05-13 19:03 - 00002255 _____ C:\WINDOWS\setupapi.log
2013-07-20 01:19 - 2011-04-26 16:41 - 00000090 _____ C:\WINDOWS\QBChanUtil_Trigger.ini
2013-07-17 17:30 - 2013-06-10 02:27 - 00000000 ____D C:\Documents and Settings\GaryT\Desktop\New Folder
2013-07-16 22:36 - 2007-07-17 23:11 - 00002225 _____ C:\Documents and Settings\All Users\Desktop\SmartFTP Client.lnk
2013-07-15 09:48 - 2008-01-27 01:58 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-07-15 00:26 - 2006-12-16 05:04 - 00001840 ____H C:\Documents and Settings\GaryT\My Documents\Default.rdp
2013-07-13 02:10 - 2011-08-18 19:02 - 00002284 _____ C:\Documents and Settings\GaryT\Desktop\Google Chrome.lnk
2013-07-11 02:42 - 2013-07-11 02:42 - 00009733 _____ C:\WINDOWS\KB2850851.log
2013-07-11 02:42 - 2013-07-11 02:41 - 00009312 _____ C:\WINDOWS\KB2845187.log
2013-07-10 13:54 - 2009-03-20 01:33 - 00000000 ___RD C:\Program Files\Skype
2013-07-10 13:54 - 2006-01-21 01:22 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2013-07-09 22:56 - 2012-10-07 19:54 - 00000000 ____D C:\Documents and Settings\GaryT\My Documents\Medical
2013-07-02 01:32 - 2007-11-26 20:43 - 00000600 _____ C:\Documents and Settings\GaryT\Local Settings\Application Data\PUTTY.RND
2013-06-27 23:52 - 2005-07-23 01:23 - 00115536 _____ C:\Documents and Settings\GaryT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-06-27 23:51 - 2005-07-18 05:07 - 00391184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-06-27 23:25 - 2010-07-12 14:03 - 00000000 ____D C:\WINDOWS\ERDNT
2013-06-27 01:36 - 2013-06-27 01:35 - 00009201 _____ C:\WINDOWS\KB2510531-IE8.log
2013-06-27 01:36 - 2013-05-15 18:45 - 00068752 _____ C:\WINDOWS\updspapi.log
2013-06-27 01:36 - 2013-05-15 18:32 - 00079934 _____ C:\WINDOWS\iis6.log
2013-06-27 01:36 - 2013-05-15 18:32 - 00073908 _____ C:\WINDOWS\FaxSetup.log
2013-06-27 01:36 - 2013-05-15 18:32 - 00035472 _____ C:\WINDOWS\ocgen.log
2013-06-27 01:36 - 2013-05-15 18:32 - 00033841 _____ C:\WINDOWS\tsoc.log
2013-06-27 01:36 - 2013-05-15 18:32 - 00024614 _____ C:\WINDOWS\comsetup.log
2013-06-27 01:36 - 2013-05-15 18:32 - 00022538 _____ C:\WINDOWS\msmqinst.log
2013-06-27 01:36 - 2013-05-15 18:32 - 00014917 _____ C:\WINDOWS\ntdtcsetup.log
2013-06-27 01:36 - 2013-05-15 18:32 - 00012996 _____ C:\WINDOWS\netfxocm.log
2013-06-27 01:36 - 2013-05-15 18:32 - 00005100 _____ C:\WINDOWS\MedCtrOC.log
2013-06-27 01:36 - 2013-05-15 18:32 - 00004104 _____ C:\WINDOWS\ocmsn.log
2013-06-27 01:36 - 2013-05-15 18:32 - 00003732 _____ C:\WINDOWS\tabletoc.log
2013-06-27 01:36 - 2013-05-15 18:32 - 00003636 _____ C:\WINDOWS\msgsocm.log
2013-06-27 01:36 - 2013-05-15 18:32 - 00001374 _____ C:\WINDOWS\imsins.log
2013-06-27 01:35 - 2005-07-23 00:41 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2013-06-27 01:24 - 2013-06-27 01:24 - 00000000 __SHD C:\Documents and Settings\GaryT\IECompatCache
2013-06-27 01:24 - 2005-07-17 21:28 - 00000000 ____D C:\Documents and Settings\GaryT
2013-06-27 01:17 - 2013-06-27 01:17 - 00000000 __SHD C:\Documents and Settings\NetworkService\IETldCache
2013-06-27 01:17 - 2013-06-27 01:17 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2013-06-27 01:17 - 2013-06-27 01:10 - 00007481 _____ C:\WINDOWS\spupdsvc.log
2013-06-27 01:17 - 2005-07-17 21:28 - 00000803 _____ C:\Documents and Settings\GaryT\Start Menu\Programs\Internet Explorer.lnk
2013-06-27 01:17 - 2005-07-17 21:27 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-06-27 01:17 - 2005-07-17 21:27 - 00000000 __SHD C:\Documents and Settings\LocalService
2013-06-27 01:16 - 2013-06-27 01:16 - 00000000 __SHD C:\Documents and Settings\GaryT\IETldCache
2013-06-27 01:16 - 2005-07-18 05:00 - 00000000 ____D C:\WINDOWS\Media
2013-06-27 01:16 - 2005-07-18 05:00 - 00000000 ____D C:\WINDOWS\Help
2013-06-27 01:13 - 2013-06-27 01:13 - 00078526 _____ C:\WINDOWS\KB2838727-IE8.log
2013-06-27 01:13 - 2013-06-27 01:12 - 00082117 _____ C:\WINDOWS\KB2744842-IE8.log
2013-06-27 01:13 - 2013-06-27 00:59 - 00193368 _____ C:\WINDOWS\ie8_main.log
2013-06-27 01:13 - 2013-05-15 18:32 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-06-27 01:12 - 2013-06-27 01:12 - 00085146 _____ C:\WINDOWS\KB2618444-IE8.log
2013-06-27 01:11 - 2013-06-27 01:11 - 00074047 _____ C:\WINDOWS\KB2598845-IE8.log
2013-06-27 01:11 - 2013-06-27 01:11 - 00000000 ____D C:\WINDOWS\ie8updates
2013-06-27 01:11 - 2013-06-27 01:10 - 00097071 _____ C:\WINDOWS\KB982381-IE8.log
2013-06-27 01:10 - 2013-06-27 01:08 - 00087177 _____ C:\WINDOWS\ie8.log
2013-06-27 01:09 - 2013-06-27 01:09 - 00000000 __HDC C:\WINDOWS\ie8
2013-06-26 20:55 - 2013-06-26 20:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-26 20:55 - 2012-05-04 19:37 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-26 19:54 - 2013-06-26 19:55 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-06-26 19:54 - 2013-06-26 19:55 - 00144896 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2013-06-26 19:54 - 2013-06-26 19:54 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-06-26 19:54 - 2013-06-26 19:54 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-06-26 19:54 - 2013-06-26 19:54 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-06-26 19:54 - 2013-06-26 19:54 - 00000000 ____D C:\Program Files\Java
2013-06-26 19:54 - 2012-08-15 21:34 - 00867240 _____ (Oracle Corporation) C:\WINDOWS\system32\npdeployJava1.dll
2013-06-26 19:54 - 2010-05-14 01:08 - 00789416 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2013-06-26 19:27 - 2013-06-11 21:29 - 00111556 _____ C:\WINDOWS\KB2838727-IE7.log
2013-06-26 19:26 - 2013-06-26 19:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2839229$
2013-06-26 19:26 - 2013-06-11 21:29 - 00013283 _____ C:\WINDOWS\KB2839229.log
2013-06-26 19:17 - 2005-07-23 00:45 - 73381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

Files to move or delete:
====================
C:\Documents and Settings\All Users\Uninst.exe
C:\Documents and Settings\GaryT\DimdimSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-07-2013
Ran by GaryT at 2013-07-21 18:17:46
Running from C:\Documents and Settings\GaryT\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

3114 SATARAID5
500e (Version: 1.13.00)
ABBYY FineReader 5.0 Sprint (Version: 5.0.0.3412)
Adobe Acrobat  9 Standard - English, Français, Deutsch (Version: 9.5.5)
Adobe Acrobat 9.5.5 - CPSID_83708
Adobe AIR (Version: 3.5.0.1060)
Adobe ConnectNow
Adobe ConnectNow Add-in
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Shockwave Player 11 (Version: 11)
Advanced Find and Replace v5.1 (Version: 5.1)
AMD CPUInfo (Version: 3.0.1.0031)
AMD Power Monitor (Version: 1.3.1.0016)
AMD Processor Driver (Version: 1.3.2.0053)
Apple Software Update (Version: 2.0.2.92)
Brother BRAdmin Professional 2.51 (Version: 2.51)
Brother HL-5170DN
Camera Window DS (Version: 5.0)
Camera Window DVC (Version: 5.0)
Camera Window MC (Version: 5.0)
Camtasia Studio 7 (Version: 7.1.1)
Canon Camera Support Core Library (Version: 7.1.0.11)
Canon Camera Window DS for ZoomBrowser EX (Version: 5.0)
Canon Camera Window DVC for ZoomBrowser EX (Version: 5.0)
Canon Camera Window for ZoomBrowser EX (Version: 5.0)
Canon i950
Canon MovieEdit Task for ZoomBrowser EX (Version: 1.2.0.21)
Canon PhotoRecord (Version: 02.00.00029)
Canon RAW Image Task for ZoomBrowser EX (Version: 0.9.2)
Canon RemoteCapture Task for ZoomBrowser EX (Version: 1.1)
Canon Utilities Easy-PhotoPrint
Canon ZoomBrowser EX (Version: 5.00.0000)
CCleaner (Version: 4.01)
Cisco AnyConnect VPN Client (Version: 2.5.3055)
Cisco Network Magic (Version: 5.5.09195.0)
Cisco Unified Presenter Add-in 6x5
ClickTracks Hosted Viewer (Version: 6.1.3)
Cole2k Media - Codec Pack (Advanced) 7.1.0
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Constant Contact QuickImport - Outlook (HKCU Version: 1.0)
Corel Photo Album 6 (Version: 6.33)
Critical Security Update
Critical Update for Windows Media Player 11 (KB959772)
CSS eXplorer (Version: 1.0.0)
Cypress USB Mass Storage Driver Installation
del.icio.us Buttons for Internet Explorer (Version: 1.0.8)
DeVilbiss Remote Control (Version: 1.3.0.0)
DH Driver Cleaner.NET (Version: 3.2.0.6)
Directory Submitter 1.0.29
DivX (Version: 6.0)
DivX Player (Version: 6.0)
Domain Samurai (Version: 0.03.18)
DriverMax 5 (Version: 5.31.0.560)
Dropbox (HKCU Version: 1.4.7)
Dual-Core Optimizer (Version: 1.1.4.0169)
EPSON Copy Utility 3 (Version: 3.0.2.0)
EPSON Perf 2480 - 2580 Guide
EPSON Scan
EPSON Smart Panel
eReg (Version: 1.20.138.34)
erLT (Version: 1.20.0137)
ESET NOD32 Antivirus (Version: 6.0.316.0)
EVEREST Ultimate Edition v5.02 (Version: 5.02)
Evernote v. 4.5.10 (Version: 4.5.10.7472)
Family Tree Maker 2011 (Version: 20.0.379)
Flash Decompiler Trillix (Version: 3.0)
Free Easy Burner V 3.8
Google AdWords Editor (Version: 7.0.0)
Google Chrome (HKCU Version: 28.0.1500.72)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.153)
GoToMeeting 5.4.0.1082 (HKCU Version: 5.4.0.1082)
GSiteCrawler (Version: v1.23)
GTK+ 2.10.6-1 runtime environment
HighMAT Extension to Microsoft Windows XP CD Writing Wizard (Version: 1.1.1905.1)
HP eServices Local Prints and Save (Version: 1.00.0007)
HP Scrawlr (Version: 1.0.133.4)
InfraRecorder
Internet Explorer Q903235
Intra.Net 4.x Components
IrfanView (remove only)
iTunes (Version: 6.0.2.23)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Jawbone Updater (Version: 0.1)
join.me (HKCU Version: 1.9.1.204)
Keyword Cloud Generator 1.0.21
LightScribe  1.4.136.1 (Version: 1.4.136.1)
Likno Web Button Maker (Version: 2.0.144)
Localizer Leads Tool (Version: 3.5.2)
Logitech Audio Echo Cancellation Component (Version: 10.51.2027)
Logitech QuickCam (Version: 10.51.2029)
Logitech SetPoint 6.50 (Version: 6.50.152)
Logitech Solar App 1.0 (Version: 1.00.46)
Logitech Video Enumerator (Version: 10.51.2027)
Logitech® Camera Driver
LogMeIn (Version: 4.0.784)
LtMoh_MARS
Macromedia Dreamweaver 8 (Version: 8.0.2)
Macromedia Extension Manager (Version: 1.7.240)
Macromedia Flash 8 (Version: 8.00.0000)
Macromedia Flash 8 Video Encoder (Version: 1.00.0000)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Market Samurai (Version: 0.92.54)
MediaInfo 0.7.5.3 (Version: 0.7.5.3)
MediaLife
Memory Zipper Plus 7.11 (Version: 7.11.1)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Primary Interop Assemblies (Version: 11.0.6553.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Project Standard 2003 (Version: 11.0.8173.0)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mirage Driver 1.1 (Version: 1.1)
Mix-FX (Version: )
MovieEdit Task (Version: 1.2.0.21)
Moyea Flash Video MX Pro Version: 5.0.16.932
Moyea Flash Video MX Pro Version: 6.0.2.1174
Moyea FLV Downloader version 1.15.0.15
Moyea FLV Player version 1.5.2.7
Moyea FLV to Video Converter Pro 3 Version: 3.0.6.0
Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSI DigiCell (Version: 2.1.2.11)
MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 6 Service Pack 2 (KB954459) (Version: 6.20.1099.0)
MVision (Version: 10.51.2027)
MyPublisher BookMaker
Netsparker [Community Edition] - Web Application Security Scanner
Network Magic (Version: 5.5.9195.0)
Nmap 4.85BETA5
Notepad++ (Version: 5.7)
NVIDIA Drivers (Version: 1.5)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Paint.NET v3.5.10 (Version: 3.60.0)
Paros 3.2.13
Passpack DESKTOP (Version: 2.0.2)
PerfectDisk 10 Professional (Version: 10.0.129)
PhotoImpression 5
PingPlotter Standard 3.30.0s (Version: 3.30.0s)
PlexTools Professional V2.28 (Version: 2.28.0000)
Pure Networks Platform (Version: 11.2.09195.1)
QuickBooks (Version: 22.0.4014.2206)
QuickBooks Pro 2012 (Version: 22.0.4014.2206)
Quicken 2006 (Version: 15.1.1.29)
Quicken WillMaker Plus 2006
QuickTime (Version: 7.4.0.91)
RAW Image Task (Version: 0.9.2)
RawShooter essentials 2005 (Version: 1.1.3)
Realtek AC'97 Audio (Version: 5.36)
Recuva (remove only)
RemoteCapture Task 1.1 (Version: 1.1)
Report Viewer 2.3
Revo Uninstaller Pro 3.0.5 (Version: 3.0.5)
Roxio Content 9 (Version: 9.0.021)
Roxio Drag-to-Disc (Version: 9.0)
Roxio Easy Media Creator 9 Suite (Version: 9.0.088)
Roxio Media Experience (Version: 3.5)
Roxio Update Manager (Version: 6.0.0)
Savings Bond Wizard
ScanToWeb
SeaTools for Windows (Version: 1.2.0.5)
Sibelius Scorch (Firefox, Opera, Netscape, Chrome only) (Version: 6.2.0)
Skype Click to Call (Version: 6.9.12585)
Skype™ 6.6 (Version: 6.6.106)
SmartFTP Client (Version: 4.0.1239.0)
SmartFTP Client 3.0 Setup Files (remove only) (Version: 3.0)
SmartFTP Client 4.0 Setup Files (remove only) (Version: 4.0)
SmartLink Desktop (Version: 2.4.1)
Snagit 10.0.1 (Version: 10.0.1)
SnagIt Studio (Version: 8.0.1)
SOS Online Backup (Version: 4.0.10.3)
Speccy (Version: 1.21)
StuffIt Expander 2009 (Version: 13.0.1)
Sumopaint Pro (Version: 5.0.4)
SupportSoft Assisted Service (Version: 15)
System Requirements Lab
TeamViewer 6 (Version: 6.0.11656)
Time Zone Data Update Tool for Microsoft Office Outlook (Version: 12.0.4518.1029)
TuneUp Utilities 2013 (Version: 13.0.3020.7)
TuneUp Utilities Language Pack (en-US) (Version: 12.0.3600.104)
TuneUp Utilities Language Pack (en-US) (Version: 13.0.3020.7)
ubCore (Version: 4.0)
UEStudio '10.30 (Version: 10.30.2)
UltraCompare v7.20 (Version: 7.0.97)
UltraSentry (Version: 1.0.28)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
USB Storage Adapter FX (SM1)
User Profile Hive Cleanup Service (Version: 1.6.36)
Visual Studio 2005 Tools for Office Second Edition Runtime
Web CEO 9.1 (Version: 9.1)
WebEx
WebFldrs XP (Version: 9.50.6513)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows Media Format 11 runtime
Windows Resource Kit Tools - SubInAcl.exe (Version: 5.2.3790.1164)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinMerge 2.12.4 (Version: 2.12.4)
winpcap-nmap 4.02
WinZip 15.0 (Version: 15.0.9411)
WSI Power Search
XML Paper Specification Shared Components Pack 1.0
XSitePro2 (Version: 2.061)
XviD MPEG-4 Codec
Yugma (Version: 1.0)
Yugma (Version: 4.1.3.2)
 

==================== Restore Points  =========================

20-07-2013 05:38:17 System Checkpoint
21-07-2013 05:41:40 System Checkpoint

==================== Hosts content: ==========================

2012-08-09 02:06 - 2013-06-07 18:42 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1647877149-725345543-1003Core.job => C:\Documents and Settings\GaryT\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-796845957-1647877149-725345543-1003UA.job => C:\Documents and Settings\GaryT\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SOS Online Backup - Driskill.job => c:\program files\sos online backup\sosuploadagent.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{6B4B2B2E-0337-436A-93B3-0954C8510B04}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/21/2013 03:12:16 AM) (Source: MSSOAP) (User: )
Description: Soap error: One of the parameters supplied is invalid..

Error: (07/21/2013 03:12:16 AM) (Source: MSSOAP) (User: )
Description: Soap error: Loading of the WSDL file failed.

Error: (07/21/2013 03:12:16 AM) (Source: MSSOAP) (User: )
Description: Soap error: XML Parser failed at linenumber 0, lineposition 0, reason is: System error: -2146697210.
.

Error: (07/20/2013 09:23:12 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (07/20/2013 09:23:12 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/20/2013 09:23:12 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (07/20/2013 09:23:12 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/20/2013 09:23:11 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (07/20/2013 09:23:11 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/20/2013 09:23:11 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.


System errors:
=============
Error: (07/20/2013 01:30:35 AM) (Source: Service Control Manager) (User: )
Description: The BrPar service depends on the Parallel arbitrator group and no member of this group started.

Error: (07/20/2013 01:30:35 AM) (Source: Service Control Manager) (User: )
Description: The Parallel port driver service failed to start due to the following error:
%%1058

Error: (07/20/2013 01:30:09 AM) (Source: NETLOGON) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (07/18/2013 00:31:27 AM) (Source: Print) (User: GTD-DESKTOP)
Description: The document ALLDATAdiy.com - 2004 Mercury Truck Mountaineer 2WD V8-4.6L SOHC VIN W - Body - Rear Door Window Stuck In Up Position/Inoperative owned by GaryT failed to print on printer Brother HL-5170DN series. Data type: NT EMF 1.008. Size of the spool file in bytes: 847632. Number of bytes printed: 0. Total number of pages in the document: 3. Number of pages printed: 0. Client machine: \\GTD-DESKTOP. Win32 error code returned by the print processor: ALLDATAdiy.com - 2004 Mercury Truck Mountaineer 2WD V8-4.6L SOHC VIN W - Body - Rear Door Window Stuck In Up Position/Inoperative0. ALLDATAdiy.com - 2004 Mercury Truck Mountaineer 2WD V8-4.6L SOHC VIN W - Body - Rear Door Window Stuck In Up Position/Inoperative1

Error: (07/15/2013 11:59:37 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.103 for the Network Card with network address 0013D3632A27 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (07/13/2013 11:59:34 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.103 for the Network Card with network address 0013D3632A27 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (07/12/2013 11:59:30 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.106 for the Network Card with network address 0013D3632A27 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (07/11/2013 02:42:59 AM) (Source: Print) (User: GTD-DESKTOP)
Description: The document Helprx.info | Apidra owned by GaryT failed to print on printer Brother HL-5170DN series. Data type: NT EMF 1.008. Size of the spool file in bytes: 5373952. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\GTD-DESKTOP. Win32 error code returned by the print processor: Helprx.info | Apidra0. Helprx.info | Apidra1

Error: (07/01/2013 11:59:46 PM) (Source: Service Control Manager) (User: )
Description: The BrPar service depends on the Parallel arbitrator group and no member of this group started.

Error: (07/01/2013 11:59:46 PM) (Source: Service Control Manager) (User: )
Description: The Parallel port driver service failed to start due to the following error:
%%1058


Microsoft Office Sessions:
=========================
Error: (07/21/2013 03:12:16 AM) (Source: MSSOAP)(User: )
Description: One of the parameters supplied is invalid.

Error: (07/21/2013 03:12:16 AM) (Source: MSSOAP)(User: )
Description: Loading of the WSDL file failed

Error: (07/21/2013 03:12:16 AM) (Source: MSSOAP)(User: )
Description: XML Parser failed at linenumber 0, lineposition 0, reason is: System error: -2146697210.

Error: (07/20/2013 09:23:12 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (07/20/2013 09:23:12 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/20/2013 09:23:12 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (07/20/2013 09:23:12 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/20/2013 09:23:11 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (07/20/2013 09:23:11 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/20/2013 09:23:11 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.


==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 3455.46 MB
Available physical RAM: 2464.57 MB
Total Pagefile: 4827.91 MB
Available Pagefile: 3868.61 MB
Total Virtual: 2047.88 MB
Available Virtual: 1947.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:186.3 GB) (Free:43.49 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 186 GB) (Disk ID: FFFFFFFF)
Partition 1: (Active) - (Size=186 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Security Check

 

 Results of screen317's Security Check version 0.99.70  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
ESET NOD32 Antivirus 6.0   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
 TuneUp Utilities 2013   
 TuneUp Utilities Language Pack (en-US)
 TuneUp Utilities 2013   
 CCleaner     
 DH Driver Cleaner.NET   
 Java 7 Update 25  
 Adobe Flash Player     11.8.800.94  
 Mozilla Firefox (Firefox,. Firefox out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 4%
````````````````````End of Log``````````````````````


Do not see any obvious malware/infection in your logs, continue as follows..

 

Download OTM from either of the following links and save to your Desktop:

http://oldtimer.geekstogo.com/OTM.exe.
http://www.itxassociates.com/OT-Tools/OTM.com
http://www.itxassociates.com/OT-Tools/OTM.exe  

Double click OTM.exe to start the tool. Vista or Windows 7 users accept UAC alert. Be aware all processes will be stopped during run, also Desktop will disappear, this will be put back on completion....

  • Copy the text from the code box below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :Files
    ipconfig /flushdns /c
    C:\FRST
    C:\Documents and Settings\GaryT\Desktop\FRST.exe
    C:\Documents and Settings\All Users\Uninst.exe
    C:\Documents and Settings\GaryT\DimdimSetup.exe
    :Commands
    [EmptyTemp]

  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM


Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.

 

Next,

 

There are toolbars and possible unwanted plugins etc showing, we check for unwanted adware, run the following:

 

Download AdwCleaner by Xplode from http://www.bleepingcomputer.com/download/adwcleaner/ onto your Desktop.

 

  •   Please close all open programs and internet browsers.
  •   Double click on Adwcleaner.exe to run the tool.
  •   Click on Delete.
  •   Confirm each time with OK.
  •   Your computer will be rebooted automatically. A text file will open after the restart.
  •   Please post the content of that logfile in your reply.
  •   You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

 

Post those two logs, also let me know if any remaining issues or concerns... 

 

Firefox does show as outdated, check for latest version...  http://support.mozilla.org/en-US/kb/update-firefox-latest-version

 

Kevin...


Hello Kevin,

 

Here are the logs:

 

OTM

 

All processes killed
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\GaryT\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\GaryT\Desktop\cmd.txt deleted successfully.
C:\FRST\Quarantine folder moved successfully.
C:\FRST\Logs folder moved successfully.
C:\FRST\Hives\Users\00000002 folder moved successfully.
C:\FRST\Hives\Users\00000001 folder moved successfully.
C:\FRST\Hives\Users folder moved successfully.
C:\FRST\Hives folder moved successfully.
C:\FRST folder moved successfully.
C:\Documents and Settings\GaryT\Desktop\FRST.exe moved successfully.
C:\Documents and Settings\All Users\Uninst.exe moved successfully.
C:\Documents and Settings\GaryT\DimdimSetup.exe moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 58264 bytes
 
User: GaryT
->Temp folder emptied: 2652505 bytes
->Temporary Internet Files folder emptied: 18725542 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 721933072 bytes
->Google Chrome cache emptied: 240932043 bytes
->Flash cache emptied: 8108591 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33624 bytes
->FireFox cache emptied: 23729193 bytes
->Flash cache emptied: 405 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 10155 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1453 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 13832 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 175485 bytes
RecycleBin emptied: 3521758 bytes
 
Total Files Cleaned = 973.00 mb
 
 
OTM by OldTimer - Version 3.1.21.0 log created on 07222013_233649

Files moved on Reboot...

Registry entries deleted on Reboot...

Adwcleaner

 

# AdwCleaner v2.306 - Logfile created 07/22/2013 at 23:47:44
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : GaryT - GTD-DESKTOP
# Boot Mode : Normal
# Running from : C:\Documents and Settings\GaryT\Desktop\AdwCleaner.exe
# Option [Delete]


***** [services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\4qu1wovc.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\GaryT\Application Data\Mozilla\Firefox\Profiles\1llhjzre.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v28.0.1500.72

File : C:\Documents and Settings\GaryT\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1256 octets] - [10/06/2013 23:53:24]
AdwCleaner[s1].txt - [3608 octets] - [30/04/2013 04:31:48]
AdwCleaner[s2].txt - [1928 octets] - [22/07/2013 23:47:44]

########## EOF - C:\AdwCleaner[s2].txt - [1988 octets] ##########
 

Firefox tells me it is running the latest version (22.0), so I don't know why it shows outdated.

 

Things seem ok.

 

Thanks, Gary


Maybe Firefox error is just a glitch, nothing to worry about. Run the following, after that you should be good to go:

 

  • Download OTC by OldTimer from here http://oldtimer.geekstogo.com/OTC.exe or here http://www.itxassociates.com/OT-Tools/OTC.exe and save to your Desktop.
  • Double click the OTC icon to start the program.
    If you are using Vista or Windows 7 accept UAC
  • Then click the big CleanUp! button.
  • You will get a prompt saying "Begining Cleanup Process". Please select Yes.
  • Restart your computer when prompted.
  • This will remove tools we have used and itself.

 

Any tools/logs remaining on the Desktop can be deleted.

 

Let me know if any remaining issues or concerns, if none I guess we can call this one done...

 

Kevin


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.