PROGRAM_ERROR_UPDATING (0, 0, I/O Error)


DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_45

Run by User at 15:13:26 on 2013-10-04

Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.3317.2228 [GMT -6:00]

.

AV: Norton Security Suite *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton Security Suite *Enabled* 

.

============== Running Processes ================

.

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

C:\WINDOWS\system32\EscSvc.exe

c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

C:\PROGRA~1\GFI\GFIBAC~1\GFIHInst.exe

C:\PROGRA~1\GFI\GFIBAC~1\GFIHSC~1.EXE

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe

C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe

C:\Program Files\Secunia\PSI\PSIA.exe

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\program files\real\realplayer\update\realsched.exe

C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\Epson Software\Event Manager\EEventManager.exe

C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIJAE.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\WordPerfect Office 11\Programs\DAD11.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Program Files\Secunia\PSI\psi_tray.exe

C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

C:\Program Files\ScreenThemes\scthemes.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Norton Security Suite\Engine\20.4.0.40\uistub.exe

C:\Program Files\Norton Security Suite\Engine\20.4.0.40\SymErr.exe

C:\Program Files\Norton Security Suite\Engine\20.4.0.40\SymErr.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.






BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton security suite\engine\20.4.0.40\coieplg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton security suite\engine\20.4.0.40\ips\ipsbho.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\20.4.0.40\coieplg.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [Core Temp] "c:\documents and settings\user\desktop\programs\Core Temp.exe"

uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"

uRun: [EPLTarget\P0000000000000000] c:\windows\system32\spool\drivers\w32x86\3\e_fatijae.exe /ept "epltarget\P0000000000000000" /M "XP-800 Series"

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"

mRun: [sSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot

mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot

mRun: [F5D7050v3] c:\program files\belkin\f5d7050v3\Belkinwcui.exe

mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"

mRun: [FUFAXRCV] "c:\program files\epson software\fax utility\FUFAXRCV.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

mRunOnce: [ (A0)] cmd /c "c:\documents and settings\user\desktop\mbar\mbar.exe" /rdv /s

StartupFolder: c:\docume~1\user\startm~1\programs\startup\pictur~1.lnk - c:\program files\sony\sony picture utility\pmbcore\SPUVolumeWatcher.exe

StartupFolder: c:\docume~1\user\startm~1\programs\startup\screen~1.lnk - c:\program files\screenthemes\scthemes.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\camiov~1.lnk - c:\program files\jasc software inc\after shot\IXApplet.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\deskto~1.lnk - c:\windows\installer\{54f90b55-beb3-4f0d-8802-228822fa5921}\NewShortcut1_3.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\eventr~1.lnk - c:\program files\printmaster platinum 17\Remind.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hppsc1~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpohmr08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\register.lnk - c:\program files\azurebay\azurebay screen saver\Register.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: {32A32D38-B8ED-4b3f-AFD0-EF23B697B5C1} - c:\program files\travelaxe\Travelaxe.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.















TCP: NameServer = 192.168.1.1

TCP: Interfaces\{04F1982E-518B-4B75-9A3C-E817F8CD2DAE} : DHCPNameServer = 192.168.1.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.76\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\r3ylsglz.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo!

FF - prefs.js: browser.startup.homepage - www.google.com

FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin.dll

FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll

FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll

FF - plugin: c:\windows\system32\adobe\director\np32dsw_1204144.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

FF - plugin: c:\windows\system32\npwmsdrm.dll

FF - ExtSQL: 2013-09-09 08:40; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\coFFPlgn

FF - ExtSQL: 2013-09-09 20:44; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\IPSFFPlgn

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.homepage.dontask - true

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1404000.028\symds.sys [2013-7-23 367704]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1404000.028\symefa.sys [2013-7-23 934488]

R1 bckd;bckd;c:\windows\system32\drivers\bckd.sys [2011-6-10 86544]

R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\bashdefs\20130924.001\BHDrvx86.sys [2013-9-23 1097304]

R1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\n360\1404000.028\ccsetx86.sys [2013-7-23 134744]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1404000.028\ironx86.sys [2013-7-23 175264]

R2 bckwfs;Blue Coat K9 Web Protection;c:\program files\blue coat k9 web protection\k9filter.exe [2009-12-11 1575184]

R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\epsoncustomerparticipation\EPCP.exe [2012-5-10 539744]

R2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\escsvc.exe [2013-7-30 122000]

R2 GFIBckHAtt;GFI Backup 2009 - Home Edition Attendant Service;c:\progra~1\gfi\gfibac~1\GFIHInst.exe [2010-4-9 858480]

R2 GFIBckHSched;GFI Backup 2009 - Home Edition Scheduler Service;c:\progra~1\gfi\gfibac~1\GFIHSC~1.EXE [2010-4-9 2324848]

R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\20.4.0.40\ccsvchst.exe [2013-7-23 144368]

R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2010-12-21 987704]

R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-9-8 5071712]

R3 ALSysIO;ALSysIO;\??\c:\docume~1\user\locals~1\temp\alsysio.sys --> c:\docume~1\user\locals~1\temp\ALSysIO.sys [?]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-8-26 108120]

R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\ipsdefs\20131003.001\IDSXpx86.sys [2013-10-3 380832]

R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-10-4 48728]

R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\virusdefs\20131004.002\NAVENG.SYS [2013-10-4 93272]

R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\virusdefs\20131004.002\NAVEX15.SYS [2013-10-4 1612376]

R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]

S1 AntiLog32;AntiLog32;\??\c:\windows\system32\drivers\antilog32.sys --> c:\windows\system32\drivers\AntiLog32.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate1c95cb9c0e2c704;Google Update Service (gupdate1c95cb9c0e2c704);c:\program files\google\update\GoogleUpdate.exe [2008-12-12 133104]

S2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2010-12-21 399416]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-7-25 162672]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-4-9 1684736]

S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]

S3 gwiopm;gwiopm;\??\j:\old backup from mike's\c\documents and settings\mike\my documents\downloads\gwiopm.sys --> j:\old backup from mike's\c\documents and settings\mike\my documents\downloads\gwiopm.sys [?]

S3 keycrypt;keycrypt;c:\windows\system32\drivers\keycrypt32.sys --> c:\windows\system32\drivers\KeyCrypt32.sys [?]

S3 SaiH075C;SaiH075C;c:\windows\system32\drivers\SaiH075C.sys [2010-4-17 132232]

S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [2011-4-17 47176]

S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\drivers\silabser.sys [2011-4-17 58112]

S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\cm106.sys --> c:\windows\system32\drivers\CM106.sys [?]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]

.

=============== File Associations ===============

.

ShellExec: Foxit Reader.exe: print="c:\program files\foxit software\foxit reader\Foxit Reader.exe"/p "%1" 

ShellExec: Foxit Reader.exe: printto="c:\program files\foxit software\foxit reader\Foxit Reader.exe"/t "%1" "%2" "%3" "%4" 

ShellExec: FOXITR~1.EXE: print="c:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/p "%1" 

ShellExec: FOXITR~1.EXE: printto="c:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/t "%1" "%2" "%3" "%4" 

.

=============== Created Last 30 ================

.

2013-10-04 21:04:31 48728 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2013-10-04 20:40:41 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-10-04 20:40:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-10-04 20:18:53 -------- d-----w- c:\documents and settings\user\application data\PowerAgent

2013-09-30 04:44:03 73728 ----a-w- c:\windows\system32\javacpl.cpl

2013-09-24 20:45:49 -------- d-----w- c:\program files\iPod

2013-09-24 20:45:43 -------- d-----w- c:\program files\iTunes

2013-09-24 20:45:43 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-09-24 20:21:32 271256 ----a-w- c:\program files\mozilla firefox\browser\components\browsercomps.dll

2013-09-10 18:03:10 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-09-10 18:03:10 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-09-09 20:23:02 -------- d-----w- c:\program files\inContact

2013-09-09 04:07:31 -------- d-----w- c:\program files\TeamViewer

2013-09-05 14:04:02 209272 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll

2013-09-05 14:04:02 209272 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

.

==================== Find3M  ====================

.

2013-10-04 18:54:26 867240 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-10-04 18:54:26 789416 ----a-w- c:\windows\system32\deployJava1.dll

2013-09-20 16:54:08 3723656 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2013-08-09 01:56:45 386560 ----a-w- c:\windows\system32\themeui.dll

2013-08-08 06:05:59 920064 ----a-w- c:\windows\system32\wininet.dll

2013-08-08 06:05:59 43520 ----a-w- c:\windows\system32\licmgr10.dll

2013-08-08 06:05:59 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2013-08-08 06:05:58 18944 ----a-w- c:\windows\system32\corpol.dll

2013-08-08 01:27:48 1877760 ----a-w- c:\windows\system32\win32k.sys

2013-08-08 00:02:34 385024 ----a-w- c:\windows\system32\html.iec

2013-08-05 13:30:32 1289728 ----a-w- c:\windows\system32\ole32.dll

2013-08-03 20:18:38 1543680 ----a-w- c:\windows\system32\wmvdecod.dll

2013-07-23 21:59:40 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll

.

============= FINISH: 15:14:34.56 ===============

 


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume1

Install Date: 11/28/2008 12:34:02 PM

System Uptime: 10/4/2013 1:40:30 PM (2 hours ago)

.

Motherboard: Intel Corporation |  | DG35EC

Processor: Intel Pentium III Xeon processor | LGA 775 | 2982/333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 298 GiB total, 196.55 GiB free.

D: is CDROM ()

J: is FIXED (NTFS) - 149 GiB total, 58.834 GiB free.

L: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1238: 7/7/2013 10:24:32 AM - System Checkpoint

RP1239: 7/8/2013 3:27:38 PM - System Checkpoint

RP1240: 7/9/2013 3:37:21 PM - System Checkpoint

RP1241: 7/10/2013 7:08:21 PM - System Checkpoint

RP1242: 7/11/2013 1:41:14 AM - Software Distribution Service 3.0

RP1243: 7/14/2013 12:54:43 AM - Software Distribution Service 3.0

RP1244: 7/15/2013 11:07:44 AM - System Checkpoint

RP1245: 7/16/2013 12:07:50 PM - System Checkpoint

RP1246: 7/17/2013 12:42:33 PM - System Checkpoint

RP1247: 7/18/2013 12:00:19 PM - Software Distribution Service 3.0

RP1248: 7/19/2013 2:29:01 PM - System Checkpoint

RP1249: 7/20/2013 3:04:48 PM - System Checkpoint

RP1250: 7/21/2013 3:37:28 PM - System Checkpoint

RP1251: 7/22/2013 3:53:04 PM - System Checkpoint

RP1252: 7/23/2013 4:28:53 PM - System Checkpoint

RP1253: 7/24/2013 5:10:22 PM - System Checkpoint

RP1254: 7/25/2013 5:36:01 PM - System Checkpoint

RP1255: 7/26/2013 5:59:32 PM - System Checkpoint

RP1256: 7/27/2013 7:43:30 PM - System Checkpoint

RP1257: 7/29/2013 8:25:50 AM - System Checkpoint

RP1258: 7/30/2013 9:28:16 AM - System Checkpoint

RP1259: 7/30/2013 12:41:28 PM - Installed EpsonNet Print

RP1260: 7/30/2013 12:42:47 PM - Installed FAX Utility

RP1261: 7/31/2013 2:21:20 PM - System Checkpoint

RP1262: 8/1/2013 2:40:40 PM - Installed Software Updater

RP1263: 8/2/2013 3:08:57 PM - System Checkpoint

RP1264: 8/3/2013 4:05:55 PM - System Checkpoint

RP1265: 8/4/2013 5:20:36 PM - System Checkpoint

RP1266: 8/5/2013 5:42:11 PM - System Checkpoint

RP1267: 8/6/2013 3:43:50 PM - Removed OpenOffice.org 3.4.1

RP1268: 8/6/2013 3:44:54 PM - Installed OpenOffice 4.0.0

RP1269: 8/7/2013 3:55:47 PM - System Checkpoint

RP1270: 8/8/2013 6:16:04 PM - System Checkpoint

RP1271: 8/9/2013 6:33:10 PM - System Checkpoint

RP1272: 8/10/2013 6:35:06 PM - System Checkpoint

RP1273: 8/11/2013 6:49:57 PM - System Checkpoint

RP1274: 8/12/2013 7:11:23 PM - System Checkpoint

RP1275: 8/13/2013 8:01:03 PM - System Checkpoint

RP1276: 8/14/2013 12:00:16 PM - Software Distribution Service 3.0

RP1277: 8/15/2013 12:35:35 PM - System Checkpoint

RP1278: 8/16/2013 12:40:05 PM - System Checkpoint

RP1279: 8/17/2013 1:40:05 PM - System Checkpoint

RP1280: 8/18/2013 2:35:07 PM - System Checkpoint

RP1281: 8/19/2013 2:37:30 PM - System Checkpoint

RP1282: 8/20/2013 3:59:00 PM - System Checkpoint

RP1283: 8/21/2013 4:07:08 PM - System Checkpoint

RP1284: 8/22/2013 4:19:44 PM - System Checkpoint

RP1285: 8/23/2013 4:40:22 PM - System Checkpoint

RP1286: 8/24/2013 5:10:20 PM - System Checkpoint

RP1287: 8/25/2013 6:07:00 PM - System Checkpoint

RP1288: 8/26/2013 7:06:13 PM - System Checkpoint

RP1289: 8/27/2013 7:34:08 PM - System Checkpoint

RP1290: 8/27/2013 11:46:32 PM - Software Distribution Service 3.0

RP1291: 8/29/2013 9:30:02 AM - System Checkpoint

RP1292: 8/30/2013 10:12:03 AM - System Checkpoint

RP1293: 8/31/2013 11:09:40 AM - System Checkpoint

RP1294: 9/1/2013 11:54:30 AM - System Checkpoint

RP1295: 9/2/2013 12:26:53 PM - System Checkpoint

RP1296: 9/3/2013 12:39:59 PM - System Checkpoint

RP1297: 9/4/2013 1:20:13 PM - System Checkpoint

RP1298: 9/5/2013 1:42:03 PM - System Checkpoint

RP1299: 9/6/2013 1:45:18 PM - System Checkpoint

RP1300: 9/7/2013 2:45:46 PM - System Checkpoint

RP1301: 9/8/2013 10:37:18 PM - System Checkpoint

RP1302: 9/9/2013 1:55:53 PM - Removed Acrobat.com

RP1303: 9/9/2013 2:06:40 PM - Removed Java 7 Update 25

RP1304: 9/9/2013 2:07:29 PM - Removed JavaFX 2.1.1

RP1305: 9/9/2013 2:08:33 PM - Removed Skype Click to Call

RP1306: 9/9/2013 2:24:35 PM - Installed Java 6 Update 45

RP1307: 9/9/2013 2:26:01 PM - Removed Java 7 Update 25

RP1308: 9/9/2013 2:28:39 PM - Removed Java 6 Update 45

RP1309: 9/9/2013 2:29:08 PM - Removed Java 6 Update 45

RP1310: 9/9/2013 2:30:28 PM - Installed Java 6 Update 45

RP1311: 9/10/2013 12:00:17 PM - Software Distribution Service 3.0

RP1312: 9/11/2013 12:42:26 PM - System Checkpoint

RP1313: 9/12/2013 12:00:20 PM - Software Distribution Service 3.0

RP1314: 9/12/2013 12:23:09 PM - Software Distribution Service 3.0

RP1315: 9/13/2013 3:37:15 PM - Software Distribution Service 3.0

RP1316: 9/14/2013 4:33:16 PM - System Checkpoint

RP1317: 9/15/2013 5:09:57 PM - System Checkpoint

RP1318: 9/19/2013 10:19:16 AM - System Checkpoint

RP1319: 9/20/2013 11:12:02 AM - System Checkpoint

RP1320: 9/21/2013 11:55:55 AM - System Checkpoint

RP1321: 9/22/2013 12:29:53 PM - System Checkpoint

RP1322: 9/23/2013 2:11:00 PM - System Checkpoint

RP1323: 9/24/2013 2:31:45 PM - System Checkpoint

RP1324: 9/25/2013 2:58:19 PM - System Checkpoint

RP1325: 9/26/2013 5:41:11 PM - System Checkpoint

RP1326: 9/27/2013 5:59:07 PM - System Checkpoint

RP1327: 9/28/2013 6:11:00 PM - System Checkpoint

RP1328: 9/29/2013 4:17:45 PM - Installed Software Updater

RP1329: 10/1/2013 9:44:50 AM - System Checkpoint

RP1330: 10/2/2013 3:53:59 PM - System Checkpoint

RP1331: 10/3/2013 4:30:51 PM - System Checkpoint

RP1332: 10/4/2013 12:44:43 PM - Removed Java 7 Update 25

RP1333: 10/4/2013 1:36:24 PM - Removed Java 7 Update 25

RP1334: 10/4/2013 2:10:43 PM - Installed Java 6 Update 45

.

==== Installed Programs ======================

.

ABBYY FineReader 6.0 Sprint

Adobe AIR

Adobe Connect 9 Add-in

Adobe Flash Player 11 ActiveX

Adobe Reader XI (11.0.04)

Adobe Shockwave Player 12.0

Amazon MP3 Downloader 1.0.15

AnswerWorks 5.0 English Runtime

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft MediaImpression

ArcSoft Software Suite

AzureBay Screen Saver

Belkin 54Mbps Wireless Network Adapter

Blue Coat K9 Web Protection 4.2.123

Bonjour

Canon PIXMA iP6000D

Cisco Unified Presenter Add-in 6x5

Compatibility Pack for the 2007 Office system

CutePDF Writer 2.8

EPSON Connect version 1.0

Epson Customer Participation

Epson Event Manager

Epson FAX Utility

Epson PC-FAX Driver

EPSON Scan

EPSON XP-800 Series Printer Uninstall

EpsonNet Print

FamilySearch Indexing 3.7.8

Foxit Reader

FSSS Production

GetMyAncestors

GFI Backup 2009 - Home Edition

Google Chrome

Google Earth

Google Update Helper

Google Updater

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Photo and Imaging 2.0 - All-in-One

HP Photo and Imaging 2.0 - All-in-One Drivers

HP Photo and Imaging 2.0 - hp psc 1200 series

hp psc 1200 series

Intel® Graphics Media Accelerator Driver

Intel® Network Connections 15.1.29.0

iTunes

Jasc After Shot

Java Auto Updater

Java 6 Update 45

LightScribe  1.4.124.1

Macromedia Shockwave Player

Malwarebytes Anti-Malware version 1.75.0.1300

Mavis Beacon Teaches Typing 12 Standard

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2698023)

Microsoft .NET Framework 1.1 Security Update (KB2833941)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Digital Image Pro 9

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft National Language Support Downlevel APIs

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Word Viewer 2003

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Web Publishing Wizard 1.52

Microsoft Windows XP Video Decoder Checkup Utility

Mozilla Firefox 24.0 (x86 en-US)

Mozilla Maintenance Service

Mozilla Thunderbird 17.0 (x86 en-US)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

Nero 7 Essentials

Norton Security Suite

OpenOffice 4.0.0

OrdinanceTracker

Palm VersaMail

Picasa 3

Picture Package Music Transfer

PowerAgent

PrintMaster Platinum 17

Quicken 2011

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek High Definition Audio Driver

RealUpgrade 1.1

Remote Control USB Driver

RootsMagic 5.0.4.1

ScanSoft OmniPage SE 4

ScreenThemes 3.0

Secunia PSI (2.0.0.1003)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB2792100)

Security Update for Windows Internet Explorer 8 (KB2797052)

Security Update for Windows Internet Explorer 8 (KB2799329)

Security Update for Windows Internet Explorer 8 (KB2809289)

Security Update for Windows Internet Explorer 8 (KB2817183)

Security Update for Windows Internet Explorer 8 (KB2829530)

Security Update for Windows Internet Explorer 8 (KB2838727)

Security Update for Windows Internet Explorer 8 (KB2846071)

Security Update for Windows Internet Explorer 8 (KB2847204)

Security Update for Windows Internet Explorer 8 (KB2862772)

Security Update for Windows Internet Explorer 8 (KB2870699)

Security Update for Windows Internet Explorer 8 (KB969897)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB972260)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB2834904-v2)

Security Update for Windows Media Player (KB2834904)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player (KB979402)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2753842)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2761226)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2778344)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2799494)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB2807986)

Security Update for Windows XP (KB2808735)

Security Update for Windows XP (KB2813170)

Security Update for Windows XP (KB2813345)

Security Update for Windows XP (KB2820197)

Security Update for Windows XP (KB2820917)

Security Update for Windows XP (KB2829361)

Security Update for Windows XP (KB2834886)

Security Update for Windows XP (KB2839229)

Security Update for Windows XP (KB2845187)

Security Update for Windows XP (KB2849470)

Security Update for Windows XP (KB2850851)

Security Update for Windows XP (KB2850869)

Security Update for Windows XP (KB2859537)

Security Update for Windows XP (KB2864063)

Security Update for Windows XP (KB2876217)

Security Update for Windows XP (KB2876315)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956390)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)

Skype™ 6.7

Snood for Windows version 3.0-W

Software Updater

Sony Picture Utility

SpO2 Assistant V2.x

Super Collapse!

Super Glinx!

Super Nisqually!

swMSM

System Requirements Lab

System Requirements Lab for Intel

TeamViewer 8

The Weather Channel App

The Weather Channel Desktop 6

Travelaxe

Uninstall FamilySearch Indexing

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Windows (KB971513)

Update for Mipony Download Accelerator

Update for Windows Internet Explorer 8 (KB2447568)

Update for Windows Internet Explorer 8 (KB971180)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows Internet Explorer 8 (KB982632)

Update for Windows Internet Explorer 8 (KB982664)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

Update for Windows XP (KB2863058)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebFldrs XP

Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows PowerShell 1.0

Windows Resource Kit Tools - SubInAcl.exe

Windows XP Service Pack 3

WinPatrol 2009

WordPerfect Office 11

.

==== Event Viewer Messages From Past Week ========

.

9/30/2013 8:05:35 AM, error: System Error [1003]  - Error code 1000008e, parameter1 c0000005, parameter2 a8022217, parameter3 a67f59c0, parameter4 00000000.

9/29/2013 4:13:46 PM, error: Service Control Manager [7011]  - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.

9/27/2013 8:55:51 AM, error: Service Control Manager [7000]  - The MCSTRM service failed to start due to the following error:  The system cannot find the file specified.

10/4/2013 12:45:18 PM, error: Service Control Manager [7023]  - The Application Management service terminated with the following error:  The specified module could not be found.

10/3/2013 9:16:28 AM, error: NetBT [4321]  - The name "WORKGROUP      :1d" could not be registered on the Interface with IP address 192.168.1.2. The machine with the IP address 192.168.1.7 did not allow the name to be claimed by this machine.

.

==== End Of File ===========================

 


 


I followed the process and everything seems to now be working properly. Thanks so much.  I got the following report from the execution of Anti-Malware.

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.10.05.04
 
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
User :: KAY [administrator]
 
10/5/2013 11:08:36 AM
mbam-log-2013-10-05 (11-08-36).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215968
Time elapsed: 9 minute(s), 52 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 1
C:\Documents and Settings\User\Application Data\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
 
Files Detected: 1
C:\Documents and Settings\User\Application Data\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
 
(end)
 

  • Root Admin

Great, glad that was able to get MBAM working again.

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


  • Root Admin

Thanks, that looks like it was able to remove some of the issues.

Please go ahead and run through the following steps and post back the logs when ready.

STEP 03

Please download Malwarebytes Anti-Rootkit from here

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log.txt and system-log.txt
STEP 04

Please download Junkware Removal Tool to your desktop.

  • Shut down your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus
STEP 05

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.
STEP 06

Please go here to run the online antivirus scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.
STEP 07

Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Ran Step 01. No threats were detected on first run so I didn't make the second run. Continuing on to step 02.

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1007

www.malwarebytes.org

 

Database version: v2013.10.13.03

 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

User :: KAY [administrator]

 

10/13/2013 9:23:14 AM

mbar-log-2013-10-13 (09-23-14).txt

 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled: 

Objects scanned: 215703

Time elapsed: 19 minute(s), 25 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

Physical Sectors Detected: 0

(No malicious items detected)

 

(end)

 


---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.07.0.1007

 

© Malwarebytes Corporation 2011-2012

 

OS version: 5.1.2600 Windows XP Service Pack 3 x86

 

Account is Administrative

 

Internet Explorer version: 8.0.6001.18702

 

Java version: 1.6.0_45

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, J:\ DRIVE_FIXED

CPU speed: 2.982000 GHz

Memory total: 3478642688, free: 2449686528

 

Downloaded database version: v2013.10.13.03

Downloaded database version: v2013.10.11.02

Initializing...

======================

------------ Kernel report ------------

     10/13/2013 09:23:09

------------ Loaded modules -----------

\WINDOWS\system32\ntkrnlpa.exe

\WINDOWS\system32\hal.dll

\WINDOWS\system32\KDCOM.DLL

\WINDOWS\system32\BOOTVID.dll

ACPI.sys

\WINDOWS\system32\DRIVERS\WMILIB.SYS

pci.sys

isapnp.sys

ohci1394.sys

\WINDOWS\system32\DRIVERS\1394BUS.SYS

pciide.sys

\WINDOWS\system32\DRIVERS\PCIIDEX.SYS

MountMgr.sys

ftdisk.sys

PartMgr.sys

VolSnap.sys

atapi.sys

disk.sys

\WINDOWS\system32\DRIVERS\CLASSPNP.SYS

fltmgr.sys

SYMDS.SYS

sr.sys

SYMEFA.SYS

PxHelp20.sys

KSecDD.sys

Ntfs.sys

NDIS.sys

Mup.sys

\SystemRoot\system32\DRIVERS\SMBios.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\DRIVERS\igxpmp32.sys

\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

\SystemRoot\system32\DRIVERS\e1e5132.sys

\SystemRoot\system32\DRIVERS\usbuhci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\HDAudBus.sys

\SystemRoot\system32\DRIVERS\nic1394.sys

\SystemRoot\system32\DRIVERS\serial.sys

\SystemRoot\system32\DRIVERS\serenum.sys

\SystemRoot\system32\DRIVERS\imapi.sys

\SystemRoot\system32\drivers\pfc.sys

\SystemRoot\System32\Drivers\AFS2K.SYS

\SystemRoot\system32\drivers\Afc.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\system32\DRIVERS\redbook.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys

\SystemRoot\system32\DRIVERS\audstub.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\DRIVERS\psched.sys

\SystemRoot\system32\DRIVERS\msgpc.sys

\SystemRoot\system32\DRIVERS\ptilink.sys

\SystemRoot\system32\DRIVERS\raspti.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\update.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\drivers\RtkHDAud.sys

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\drivers\N360\1404000.028\ccSetx86.sys

\SystemRoot\system32\drivers\N360\1404000.028\Ironx86.SYS

\SystemRoot\System32\Drivers\Fs_Rec.SYS

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\Drivers\mnmdd.SYS

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\rasacd.sys

\SystemRoot\system32\DRIVERS\ipsec.sys

\SystemRoot\system32\DRIVERS\tcpip.sys

\SystemRoot\System32\Drivers\N360\1404000.028\SYMTDI.SYS

\SystemRoot\system32\DRIVERS\ipnat.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

\SystemRoot\system32\DRIVERS\arp1394.sys

\SystemRoot\system32\DRIVERS\usbccgp.sys

\??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131011.001\IDSxpx86.sys

\SystemRoot\system32\drivers\bckd.sys

\SystemRoot\system32\DRIVERS\netbt.sys

\SystemRoot\System32\drivers\ws2ifsl.sys

\SystemRoot\System32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\drivers\N360\1404000.028\SRTSPX.SYS

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\System32\Drivers\Fips.SYS

\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

\??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130924.001\BHDrvx86.sys

\SystemRoot\system32\DRIVERS\USBSTOR.SYS

\SystemRoot\System32\Drivers\Cdfs.SYS

\SystemRoot\system32\DRIVERS\rt73.sys

\SystemRoot\system32\drivers\usbaudio.sys

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\kbdhid.sys

\SystemRoot\system32\DRIVERS\usbprint.sys

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_WMILIB.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\System32\watchdog.sys

\SystemRoot\System32\drivers\dxg.sys

\SystemRoot\System32\drivers\dxgthk.sys

\SystemRoot\System32\igxpgd32.dll

\SystemRoot\System32\igxprd32.dll

\SystemRoot\System32\igxpdv32.DLL

\SystemRoot\System32\igxpdx32.DLL

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\system32\DRIVERS\AegisP.sys

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\DRIVERS\mrxdav.sys

\SystemRoot\system32\DRIVERS\srv.sys

\??\C:\WINDOWS\system32\drivers\osaio.sys

\SystemRoot\system32\drivers\wdmaud.sys

\SystemRoot\system32\drivers\sysaudio.sys

\SystemRoot\System32\Drivers\N360\1404000.028\SRTSP.SYS

\??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131012.006\NAVEX15.SYS

\??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131012.006\NAVENG.SYS

\SystemRoot\System32\Drivers\HTTP.sys

\??\C:\PROGRA~1\Belkin\F5D705~1\GTNDIS5.SYS

\??\C:\DOCUME~1\User\LOCALS~1\Temp\ALSysIO.sys

\SystemRoot\system32\DRIVERS\psi_mf.sys

\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys

\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

\WINDOWS\system32\ntdll.dll

----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk7\DR14

Upper Device Object: 0xffffffff8abb4ab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\0000009b\

Lower Device Object: 0xffffffff8ab126d8

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk6\DR8

Upper Device Object: 0xffffffff8aae6ab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\0000008b\

Lower Device Object: 0xffffffff8a678ea0

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk5\DR7

Upper Device Object: 0xffffffff8a5fe290

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\0000008a\

Lower Device Object: 0xffffffff8a5c45f8

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk4\DR6

Upper Device Object: 0xffffffff8ab84ab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000089\

Lower Device Object: 0xffffffff8aaf8ea0

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk3\DR5

Upper Device Object: 0xffffffff8ab29ab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000088\

Lower Device Object: 0xffffffff8ab5ca50

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk2\DR4

Upper Device Object: 0xffffffff8ab0aab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000087\

Lower Device Object: 0xffffffff8ab0cea0

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR1

Upper Device Object: 0xffffffff8af60ab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP5T0L0-1f\

Lower Device Object: 0xffffffff8af4bd98

Lower Device Driver Name: \Driver\atapi\

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff8af4aab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-7\

Lower Device Object: 0xffffffff8af4fb00

Lower Device Driver Name: \Driver\atapi\

<<<2>>>

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffffff8af4aab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8aefee08, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8af4aab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8af67e98, DeviceName: \Device\00000076\, DriverName: \Driver\ACPI\

DevicePointer: 0xffffffff8af4fb00, DeviceName: \Device\Ide\IdeDeviceP2T0L0-7\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: AB7DAB7D

 

Partition information:

 

    Partition 0 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 63  Numsec = 625121217

    Partition file system is NTFS

    Partition is bootable

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

Disk Size: 320072933376 bytes

Sector size: 512 bytes

 

Scanning physical sectors of unpartitioned space on drive 0 (1-62-625122448-625142448)...

Done!

Physical Sector Size: 512

Drive: 1, DevicePointer: 0xffffffff8af60ab8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8aefebf0, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8af60ab8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8af019e8, DeviceName: \Device\00000078\, DriverName: \Driver\ACPI\

DevicePointer: 0xffffffff8af4bd98, DeviceName: \Device\Ide\IdeDeviceP5T0L0-1f\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 1

Scanning MBR on drive 1...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 55645564

 

Partition information:

 

    Partition 0 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 63  Numsec = 312560577

    Partition file system is NTFS

    Partition is bootable

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

Disk Size: 160041885696 bytes

Sector size: 512 bytes

 

Done!

Physical Sector Size: 0

Drive: 2, DevicePointer: 0xffffffff8ab0aab8, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8ad92630, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8ab0aab8, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8ab0cea0, DeviceName: \Device\00000087\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 3, DevicePointer: 0xffffffff8ab29ab8, DeviceName: \Device\Harddisk3\DR5\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8a5e1e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8ab29ab8, DeviceName: \Device\Harddisk3\DR5\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8ab5ca50, DeviceName: \Device\00000088\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 4, DevicePointer: 0xffffffff8ab84ab8, DeviceName: \Device\Harddisk4\DR6\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8ab8ce08, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8ab84ab8, DeviceName: \Device\Harddisk4\DR6\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8aaf8ea0, DeviceName: \Device\00000089\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 5, DevicePointer: 0xffffffff8a5fe290, DeviceName: \Device\Harddisk5\DR7\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8abdfe08, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8a5fe290, DeviceName: \Device\Harddisk5\DR7\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8a5c45f8, DeviceName: \Device\0000008a\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 6, DevicePointer: 0xffffffff8aae6ab8, DeviceName: \Device\Harddisk6\DR8\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8ad36e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8aae6ab8, DeviceName: \Device\Harddisk6\DR8\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8a678ea0, DeviceName: \Device\0000008b\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 7, DevicePointer: 0xffffffff8abb4ab8, DeviceName: \Device\Harddisk7\DR14\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8a51fe08, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8abb4ab8, DeviceName: \Device\Harddisk7\DR14\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8ab126d8, DeviceName: \Device\0000009b\, DriverName: \Driver\USBSTOR\

------------ End ----------

Scan finished

=======================================

 

 

Removal queue found; removal started

Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...

Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_63_i.mbam...

Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...

Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam...

Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\Bootstrap_1_0_63_i.mbam...

Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam...

Removal finished

 


Ran Step 04 JRT.exe

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.4 (10.06.2013:1)
OS: Microsoft Windows XP x86
Ran by User on Sun 10/13/2013 at 10:05:13.43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\drivercure"
Successfully deleted: [Folder] "C:\Documents and Settings\User\Application Data\dsite"
Successfully deleted: [Folder] "C:\Documents and Settings\User\Application Data\iwin"
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\Documents and Settings\User\Application Data\mozilla\firefox\profiles\r3ylsglz.default\user.js
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 10/13/2013 at 10:10:10.48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Step 05 Completed AdwCleaner   Keep IE, Firefox, Chrome

 

# AdwCleaner v3.007 - Report created 13/10/2013 at 10:37:27
# Updated 09/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : User - KAY
# Running from : C:\Documents and Settings\User\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\r3ylsglz.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\jZip
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v24.0 (en-US)
 
[ File : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\r3ylsglz.default\prefs.js ]
 
 
-\\ Google Chrome v30.0.1599.69
 
[ File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3170 octets] - [13/10/2013 10:37:27]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3230 octets] ##########

# AdwCleaner v3.007 - Report created 13/10/2013 at 17:35:08

# Updated 09/10/2013 by Xplode

# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

# Username : User - KAY

# Running from : C:\Documents and Settings\User\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\r3ylsglz.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKCU\Software\jZip

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v8.0.6001.18702

 

 

-\\ Mozilla Firefox v24.0 (en-US)

 

[ File : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\r3ylsglz.default\prefs.js ]

 

 

-\\ Google Chrome v30.0.1599.69

 

[ File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [3310 octets] - [13/10/2013 10:37:27]

AdwCleaner[R1].txt - [3370 octets] - [13/10/2013 17:33:44]

AdwCleaner[s0].txt - [3333 octets] - [13/10/2013 17:35:08]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3393 octets] ##########

Step 06 Eset Report of Threats

 

C:\Data\Downloads\cnet_revosetup_exe.exe a variant of Win32/InstallCore.D application

C:\Data\Downloads\frzfonts_d165396.exe a variant of Win32/InstallIQ.A application

C:\Data\Downloads\Nero-9.4.12.3d_free.exe Win32/Toolbar.AskSBar application

C:\Data\Downloads\ClipArt & backgrounds\iLividSetup.exe Win32/Toolbar.SearchSuite application

C:\Data\Downloads\CutePDF\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.A application

C:\Data\Downloads\Epson XP-800\epson14514.exe a variant of Win32/Bundled.Toolbar.Ask.D application

C:\Program Files\GFI\GFI Backup 2009 - Home Edition\Backup\Mike's Backup\C\Data\Downloads\jZip\jZipV1c.exe multiple threats

C:\Program Files\GFI\GFI Backup 2009 - Home Edition\Backup\Mike's Backup\C\Documents and Settings\User\Local Settings\Temp\nsp26.tmp.exe multiple threats

C:\RECYCLER\S-1-5-21-1935655697-1085031214-725345543-1004\Dc3.exe a variant of Win32/Kryptik.BLXE trojan

C:\System Volume Information\_restore{B39E5D6F-27D3-4BCE-A2BA-8E6D67095437}\RP1341\A0181073.exe Win32/DownWare.E application

J:\Data\Downloads\CutePDF\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.A application

J:\Documents and Settings\Mike\My Documents\Downloads\cnet_revosetup_exe.exe a variant of Win32/InstallCore.D application

J:\Documents and Settings\Mike\My Documents\Downloads\frzfonts_d165396.exe a variant of Win32/InstallIQ.A application

J:\Documents and Settings\Mike\My Documents\Downloads\Nero-9.4.12.3d_free.exe Win32/Toolbar.AskSBar application

J:\Original Data Mike's\Downloads\jZip\jZipV1c.exe multiple threats

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by User (administrator) on KAY on 14-10-2013 08:20:53
Running from C:\Documents and Settings\User\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\EscSvc.exe
(Microsoft Corporation) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(GFI Software Ltd.) C:\PROGRA~1\GFI\GFIBAC~1\GFIHInst.exe
(GFI Software Ltd.) C:\PROGRA~1\GFI\GFIBAC~1\GFIHSC~1.EXE
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
(Secunia) C:\Program Files\Secunia\PSI\PSIA.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
(Symantec Corporation) C:\Program Files\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(RealNetworks, Inc.) C:\program files\real\realplayer\update\realsched.exe
(Belkin) C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe
(Microsoft® Corporation) C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Documents and Settings\User\Desktop\Programs\Core Temp.exe
(SEIKO EPSON CORPORATION) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIJAE.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Sony Corporation) C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
() C:\Program Files\ScreenThemes\scthemes.exe
(Foxit Corporation) C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [OpwareSE4] - C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [73728 2007-06-13] (Nuance Communications, Inc.)
HKLM\...\Run: [sSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [18782720 2009-10-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [WinPatrol] - C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [320832 2009-10-10] (BillP Studios)
HKLM\...\Run: [iSUSPM Startup] - C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKLM\...\Run: [iSUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM\...\Run: [TkBellExe] - C:\program files\real\realplayer\update\realsched.exe [296096 2012-09-03] (RealNetworks, Inc.)
HKLM\...\Run: [F5D7050v3] - C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe [1654784 2007-10-30] (Belkin)
HKLM\...\Run: [Microsoft Works Update Detection] - C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [50688 2003-06-07] (Microsoft® Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXRCV] - C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKCU\...\Run: [Core Temp] - C:\Documents and Settings\User\Desktop\Programs\Core Temp.exe [378384 2010-04-10] ()
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIJAE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [skype] - C:\Program Files\Skype\Phone\Skype.exe [20474016 2013-10-02] (Skype Technologies S.A.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Camio Viewer.lnk
ShortcutTarget: Camio Viewer.lnk -> C:\Program Files\Jasc Software Inc\After Shot\IXApplet.exe (Jasc Software)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Event Reminder.lnk
ShortcutTarget: Event Reminder.lnk -> C:\Program Files\PrintMaster Platinum 17\Remind.exe (Broderbund Properties LLC)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp psc 1000 series.lnk
ShortcutTarget: hp psc 1000 series.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Register.lnk
ShortcutTarget: Register.lnk -> C:\Program Files\AzureBay\AzureBay Screen Saver\Register.exe (AzureBay)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk
ShortcutTarget: Picture Motion Browser Media Check Tool.lnk -> C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\ScreenThemes.lnk
ShortcutTarget: ScreenThemes.lnk -> C:\Program Files\ScreenThemes\scthemes.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF8A2B3B199ADCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.familysearch.org/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1227917268562
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\r3ylsglz.default
FF SelectedSearchEngine: Yahoo!
FF Homepage: www.google.com
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.6.14 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF
FF Extension: Norton Vulnerability Protection - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff

Chrome:
=======


CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (XFINITY Constant Guard Protection Suite Add-on) - C:\Program Files\Constant Guard Protection Suite\CHROME\plugin/IdVault.Chrome.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files\Google\Chrome\Application\plugins\npMozCouponPrinter.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U13) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10516.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Extension: (YouTube) - C:\DOCUME~1\User\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\User\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Calculator) - C:\DOCUME~1\User\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\decmldkknaaemlafplkkdmmmelbdnlja\3.5.2_0
CHR Extension: (Google Calendar) - C:\DOCUME~1\User\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0
CHR Extension: (Sunflowers) - C:\DOCUME~1\User\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\iempnicmekabbnffhpbkdjkmelcpjlep\1.0_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\DOCUME~1\User\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (Quick Note) - C:\DOCUME~1\User\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.6.0_0
CHR Extension: (Norton Identity Protection) - C:\DOCUME~1\User\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.3.4_0
CHR Extension: (Chrome In-App Payments service) - C:\DOCUME~1\User\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\DOCUME~1\User\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Security Suite\Engine\20.4.0.40\Exts\Chrome.crx

========================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [1575184 2011-06-10] (Blue Coat Systems, Inc.)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [539744 2012-05-10] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 GFIBckHAtt; C:\PROGRA~1\GFI\GFIBAC~1\GFIHInst.exe [858480 2010-07-30] (GFI Software Ltd.)
R2 GFIBckHSched; C:\PROGRA~1\GFI\GFIBAC~1\GFIHSC~1.EXE [2324848 2010-07-30] (GFI Software Ltd.)
S2 gupdate1c95cb9c0e2c704; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-17] (Google Inc.)
R2 N360; C:\Program Files\Norton Security Suite\Engine\20.4.0.40\diMaster.dll [556336 2013-05-29] (Symantec Corporation)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [987704 2010-12-21] (Secunia)
S2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [399416 2010-12-21] (Secunia)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [20747 2012-11-14] (Meetinghouse Data Communications)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R1 AFS2K; C:\Windows\System32\Drivers\AFS2K.sys [35840 2004-10-07] (Oak Technology Inc.)
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R1 bckd; C:\Windows\System32\drivers\bckd.sys [86544 2011-06-10] (Blue Coat Systems, Inc.)
R1 BHDrvx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130924.001\BHDrvx86.sys [1097304 2013-09-23] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360\1404000.028\ccSetx86.sys [134744 2013-04-15] (Symantec Corporation)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2009-12-18] ()
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-26] (Symantec Corporation)
R4 GTNDIS5; C:\PROGRA~1\Belkin\F5D705~1\GTNDIS5.SYS [15872 2003-09-25] (Printing Communications Assoc., Inc. (PCAUSA))
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [51024 2003-03-09] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16080 2003-03-09] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21456 2003-03-09] (HP)
R3 IDSxpx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131011.001\IDSxpx86.sys [380824 2013-10-09] (Symantec Corporation)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
R3 NAVENG; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131013.021\NAVENG.SYS [93272 2013-08-28] (Symantec Corporation)
R3 NAVEX15; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20131013.021\NAVEX15.SYS [1612376 2013-08-28] (Symantec Corporation)
R2 osaio; C:\WINDOWS\system32\drivers\osaio.sys [7296 2010-04-10] (OSA Technologies, An Avocent Company)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [21248 2003-09-20] (Padus, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R3 RT73; C:\Windows\System32\DRIVERS\rt73.sys [451968 2007-10-02] (Ralink Technology, Corp.)
S3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [14080 2009-06-10] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [36992 2009-06-10] (Saitek)
S3 silabenm; C:\Windows\System32\DRIVERS\silabenm.sys [47176 2010-07-28] (Silicon Laboratories)
S3 silabser; C:\Windows\System32\DRIVERS\silabser.sys [58112 2010-07-28] (Silicon Laboratories)
R3 SMBios; C:\Windows\System32\DRIVERS\SMBios.sys [36484 2003-11-03] (Intel Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360\1404000.028\SRTSP.SYS [603224 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360\1404000.028\SRTSPX.SYS [32344 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360\1404000.028\SYMDS.SYS [367704 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360\1404000.028\SYMEFA.SYS [934488 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142496 2013-07-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360\1404000.028\Ironx86.SYS [175264 2012-07-27] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\N360\1404000.028\SYMTDI.SYS [396760 2013-04-24] (Symantec Corporation)
R3 ALSysIO; \??\C:\DOCUME~1\User\LOCALS~1\Temp\ALSysIO.sys [x]
S1 AntiLog32; \??\C:\WINDOWS\system32\drivers\AntiLog32.sys [x]
S3 catchme; \??\C:\DOCUME~1\User\LOCALS~1\Temp\catchme.sys [x]
S3 gwiopm; \??\J:\Old Backup from Mike's\C\Documents and Settings\Mike\My Documents\Downloads\gwiopm.sys [x]
S4 IntelIde; No ImagePath
S3 keycrypt; system32\DRIVERS\KeyCrypt32.sys [x]
S2 MCSTRM; No ImagePath
S3 PalmUSBD; system32\drivers\PalmUSBD.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr;
S3 USBMULCD; system32\drivers\CM106.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-14 08:20 - 2013-10-14 08:20 - 00000000 ____D C:\FRST
2013-10-14 08:19 - 2013-10-14 08:19 - 01087213 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe
2013-10-13 21:16 - 2013-10-13 21:16 - 00001568 _____ C:\Documents and Settings\User\Desktop\Eset Report.txt
2013-10-13 18:08 - 2013-10-13 18:08 - 00000000 ____D C:\Program Files\ESET
2013-10-13 17:37 - 2013-10-14 08:03 - 03877096 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-10-13 16:49 - 2013-10-13 21:47 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-10-13 10:36 - 2013-10-13 17:35 - 00000000 ____D C:\AdwCleaner
2013-10-13 10:36 - 2013-10-13 10:36 - 01048960 _____ C:\Documents and Settings\User\Desktop\AdwCleaner.exe
2013-10-13 10:10 - 2013-10-13 10:10 - 00003003 _____ C:\Documents and Settings\User\Desktop\JRT.txt
2013-10-13 10:05 - 2013-10-13 10:05 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-13 10:03 - 2013-10-13 10:03 - 01032220 _____ (Thisisu) C:\Documents and Settings\User\Desktop\JRT.exe
2013-10-13 09:23 - 2013-10-13 09:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-10-13 09:23 - 2013-10-13 09:23 - 00105176 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2013-10-13 09:21 - 2013-10-13 09:21 - 00047064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2013-10-12 23:07 - 2013-10-12 23:07 - 00001845 _____ C:\Documents and Settings\User\Desktop\Chrome App Launcher.lnk
2013-10-12 23:07 - 2013-10-12 23:07 - 00000000 ____D C:\Documents and Settings\User\Start Menu\Programs\Google Chrome
2013-10-12 11:21 - 2013-10-12 11:21 - 00006643 _____ C:\Documents and Settings\User\My Documents\ComboFix.zip
2013-10-12 11:10 - 2013-10-12 11:10 - 00020021 _____ C:\ComboFix.txt
2013-10-12 11:00 - 2008-11-28 13:28 - 00000211 _____ C:\Boot.bak
2013-10-12 10:59 - 2013-10-12 11:00 - 00000000 _RSHD C:\cmdcons
2013-10-12 10:59 - 2004-08-03 23:00 - 00260272 __RSH C:\cmldr
2013-10-12 10:56 - 2011-06-26 00:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-10-12 10:56 - 2010-11-07 11:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-10-12 10:56 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-10-12 10:56 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-10-12 10:56 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-10-12 10:56 - 2000-08-30 18:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-10-12 10:56 - 2000-08-30 18:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-10-12 10:56 - 2000-08-30 18:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-10-12 10:56 - 2000-08-30 18:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-10-12 10:55 - 2013-10-12 11:10 - 00000000 ____D C:\Qoobox
2013-10-12 10:55 - 2013-10-12 11:08 - 00000000 ____D C:\WINDOWS\erdnt
2013-10-12 08:44 - 2013-10-12 08:44 - 00094208 _____ C:\WINDOWS\Minidump\Mini101213-01.dmp
2013-10-09 12:42 - 2013-10-09 12:42 - 00094208 _____ C:\WINDOWS\Minidump\Mini100913-01.dmp
2013-10-09 11:01 - 2013-10-13 23:07 - 00000000 ____D C:\Documents and Settings\User\Desktop\mission
2013-10-08 23:45 - 2013-10-08 23:45 - 00129973 _____ C:\WINDOWS\KB2862335.log
2013-10-08 23:45 - 2013-10-08 23:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-08 23:45 - 2013-10-08 23:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-08 23:33 - 2013-10-08 23:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-08 23:32 - 2013-10-08 23:33 - 00011560 _____ C:\WINDOWS\KB2868038.log
2013-10-08 23:29 - 2013-10-08 23:31 - 00011825 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-08 23:29 - 2013-10-08 23:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-08 23:28 - 2013-10-08 23:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-08 21:44 - 2013-10-08 23:45 - 00132900 _____ C:\WINDOWS\KB2847311.log
2013-10-08 21:42 - 2013-07-16 18:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2013-10-08 21:41 - 2013-08-08 18:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2013-10-08 21:41 - 2013-08-08 18:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2013-10-08 21:41 - 2013-08-08 18:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2013-10-08 21:41 - 2009-03-18 05:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2013-10-07 14:20 - 2013-10-07 14:20 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 8
2013-10-05 11:07 - 2013-10-05 11:07 - 00000000 ____D C:\Documents and Settings\User\Application Data\Malwarebytes
2013-10-05 10:55 - 2013-10-05 10:55 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-05 10:55 - 2013-10-05 10:55 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-10-05 10:55 - 2013-10-05 10:55 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-10-05 10:55 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-10-04 14:59 - 2013-10-04 14:59 - 00008280 _____ C:\Documents and Settings\User\Desktop\RKreport[0]_S_10042013_145931.txt
2013-10-04 14:18 - 2013-10-04 14:18 - 00000000 ____D C:\Documents and Settings\User\Application Data\PowerAgent
2013-10-04 14:16 - 2013-10-04 14:16 - 00001804 _____ C:\Documents and Settings\User\Desktop\FSSS Production.lnk
2013-10-04 14:16 - 2013-10-04 14:16 - 00000000 ____D C:\Documents and Settings\User\Start Menu\Programs\Amdocs SmartClient CRM
2013-10-04 14:13 - 2013-10-04 14:13 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-04 14:11 - 2013-10-04 14:10 - 00162224 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\javaws.exe
2013-10-04 14:11 - 2013-10-04 14:10 - 00149936 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\javaw.exe
2013-10-04 14:11 - 2013-10-04 14:10 - 00149936 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\java.exe
2013-10-04 13:44 - 2013-10-04 13:44 - 00000156 _____ C:\Documents and Settings\User\Desktop\EMEASUPORT.url
2013-09-30 08:03 - 2013-09-30 08:02 - 00094208 _____ C:\WINDOWS\Minidump\Mini093013-01.dmp
2013-09-29 22:44 - 2013-10-04 14:10 - 00073728 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\javacpl.cpl
2013-09-27 17:00 - 2013-09-27 18:12 - 06363648 _____ C:\Documents and Settings\User\My Documents\Baptism Regan.car
2013-09-24 14:46 - 2013-09-24 14:46 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2013-09-24 14:45 - 2013-09-24 14:46 - 00000000 ____D C:\Program Files\iTunes
2013-09-24 14:45 - 2013-09-24 14:46 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-09-24 14:45 - 2013-09-24 14:45 - 00000000 ____D C:\Program Files\iPod
2013-09-24 14:44 - 2013-09-24 14:44 - 00000000 ____D C:\Documents and Settings\Default User\Application Data\Apple Computer
2013-09-21 21:28 - 2013-09-21 21:28 - 00346112 _____ C:\Documents and Settings\User\My Documents\RS Visiting Teaching Sept 13.sig

==================== One Month Modified Files and Folders =======

2013-10-14 08:20 - 2013-10-14 08:20 - 00000000 ____D C:\FRST
2013-10-14 08:19 - 2013-10-14 08:19 - 01087213 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe
2013-10-14 08:07 - 2012-11-14 12:20 - 00000000 _____ C:\Documents and Settings\User\order.txt
2013-10-14 08:06 - 2012-10-16 17:19 - 00000276 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1935655697-1085031214-725345543-1004.job
2013-10-14 08:06 - 2008-11-28 13:32 - 01764475 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-14 08:05 - 2009-07-24 16:34 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-14 08:04 - 2008-11-28 13:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-14 08:04 - 2008-11-28 06:26 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-10-14 08:04 - 2008-11-28 06:26 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-10-14 08:03 - 2013-10-13 17:37 - 03877096 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-10-14 08:03 - 2008-11-28 13:42 - 00000178 ___SH C:\Documents and Settings\User\ntuser.ini
2013-10-14 08:03 - 2008-11-28 13:39 - 00032538 _____ C:\WINDOWS\SchedLgU.Txt
2013-10-14 07:55 - 2012-11-25 19:19 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-13 23:34 - 2011-04-13 17:55 - 00000000 ____D C:\Documents and Settings\User\Application Data\Skype
2013-10-13 23:07 - 2013-10-09 11:01 - 00000000 ____D C:\Documents and Settings\User\Desktop\mission
2013-10-13 22:55 - 2009-07-24 16:34 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-13 22:54 - 2013-09-10 12:03 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-13 21:47 - 2013-10-13 16:49 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-10-13 21:16 - 2013-10-13 21:16 - 00001568 _____ C:\Documents and Settings\User\Desktop\Eset Report.txt
2013-10-13 18:08 - 2013-10-13 18:08 - 00000000 ____D C:\Program Files\ESET
2013-10-13 18:08 - 2009-02-17 04:28 - 00663322 _____ C:\WINDOWS\setupapi.log
2013-10-13 17:43 - 2008-12-09 18:33 - 00000412 _____ C:\WINDOWS\MAXLINK.INI
2013-10-13 17:35 - 2013-10-13 10:36 - 00000000 ____D C:\AdwCleaner
2013-10-13 12:48 - 2008-12-12 18:28 - 00000868 _____ C:\WINDOWS\Tasks\Google Software Updater.job
2013-10-13 12:04 - 2010-04-07 20:44 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-13 10:36 - 2013-10-13 10:36 - 01048960 _____ C:\Documents and Settings\User\Desktop\AdwCleaner.exe
2013-10-13 10:10 - 2013-10-13 10:10 - 00003003 _____ C:\Documents and Settings\User\Desktop\JRT.txt
2013-10-13 10:05 - 2013-10-13 10:05 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-13 10:03 - 2013-10-13 10:03 - 01032220 _____ (Thisisu) C:\Documents and Settings\User\Desktop\JRT.exe
2013-10-13 09:43 - 2013-10-13 09:23 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-10-13 09:23 - 2013-10-13 09:23 - 00105176 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2013-10-13 09:21 - 2013-10-13 09:21 - 00047064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2013-10-13 09:05 - 2004-08-04 06:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-12 23:07 - 2013-10-12 23:07 - 00001845 _____ C:\Documents and Settings\User\Desktop\Chrome App Launcher.lnk
2013-10-12 23:07 - 2013-10-12 23:07 - 00000000 ____D C:\Documents and Settings\User\Start Menu\Programs\Google Chrome
2013-10-12 11:21 - 2013-10-12 11:21 - 00006643 _____ C:\Documents and Settings\User\My Documents\ComboFix.zip
2013-10-12 11:10 - 2013-10-12 11:10 - 00020021 _____ C:\ComboFix.txt
2013-10-12 11:10 - 2013-10-12 10:55 - 00000000 ____D C:\Qoobox
2013-10-12 11:08 - 2013-10-12 10:55 - 00000000 ____D C:\WINDOWS\erdnt
2013-10-12 11:08 - 2004-08-04 06:00 - 00000227 _____ C:\WINDOWS\system.ini
2013-10-12 11:07 - 2008-12-28 11:57 - 00000000 ____D C:\Program Files\iWin Games
2013-10-12 11:00 - 2013-10-12 10:59 - 00000000 _RSHD C:\cmdcons
2013-10-12 11:00 - 2008-11-28 06:22 - 00000327 __RSH C:\boot.ini
2013-10-12 10:51 - 2008-11-28 17:35 - 00000069 _____ C:\WINDOWS\NeroDigital.ini
2013-10-12 08:53 - 2010-04-09 15:11 - 00000284 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1935655697-1085031214-725345543-1004.job
2013-10-12 08:44 - 2013-10-12 08:44 - 00094208 _____ C:\WINDOWS\Minidump\Mini101213-01.dmp
2013-10-12 08:44 - 2010-04-09 18:43 - 00000000 ____D C:\WINDOWS\Minidump
2013-10-12 08:42 - 2011-04-13 17:54 - 00000000 ___RD C:\Program Files\Skype
2013-10-12 08:42 - 2011-04-13 17:54 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2013-10-10 10:24 - 2008-11-28 06:18 - 00000000 ____D C:\WINDOWS\repair
2013-10-10 09:58 - 2008-11-28 13:30 - 00000000 ____D C:\WINDOWS\Registration
2013-10-09 12:42 - 2013-10-09 12:42 - 00094208 _____ C:\WINDOWS\Minidump\Mini100913-01.dmp
2013-10-09 09:03 - 2011-01-09 10:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-09 09:03 - 2008-11-28 06:23 - 01133056 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-08 23:47 - 2008-11-28 06:24 - 00583236 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-08 23:45 - 2013-10-08 23:45 - 00129973 _____ C:\WINDOWS\KB2862335.log
2013-10-08 23:45 - 2013-10-08 23:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-08 23:45 - 2013-10-08 23:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-08 23:45 - 2013-10-08 21:44 - 00132900 _____ C:\WINDOWS\KB2847311.log
2013-10-08 23:45 - 2008-11-28 17:55 - 00302290 _____ C:\WINDOWS\updspapi.log
2013-10-08 23:45 - 2008-11-28 06:24 - 02204397 _____ C:\WINDOWS\FaxSetup.log
2013-10-08 23:45 - 2008-11-28 06:24 - 01082865 _____ C:\WINDOWS\ocgen.log
2013-10-08 23:45 - 2008-11-28 06:24 - 00849591 _____ C:\WINDOWS\tsoc.log
2013-10-08 23:45 - 2008-11-28 06:24 - 00717051 _____ C:\WINDOWS\comsetup.log
2013-10-08 23:45 - 2008-11-28 06:24 - 00437158 _____ C:\WINDOWS\ntdtcsetup.log
2013-10-08 23:45 - 2008-11-28 06:24 - 00347055 _____ C:\WINDOWS\iis6.log
2013-10-08 23:45 - 2008-11-28 06:24 - 00117544 _____ C:\WINDOWS\ocmsn.log
2013-10-08 23:45 - 2008-11-28 06:24 - 00111098 _____ C:\WINDOWS\msgsocm.log
2013-10-08 23:45 - 2008-11-28 06:24 - 00001374 _____ C:\WINDOWS\imsins.log
2013-10-08 23:45 - 2008-11-28 06:24 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-10-08 23:42 - 2013-07-18 12:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-08 23:37 - 2008-11-28 17:56 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-08 23:36 - 2011-01-09 10:52 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2013-10-08 23:33 - 2013-10-08 23:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-08 23:33 - 2013-10-08 23:32 - 00011560 _____ C:\WINDOWS\KB2868038.log
2013-10-08 23:31 - 2013-10-08 23:29 - 00011825 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-08 23:29 - 2013-10-08 23:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-08 23:28 - 2013-10-08 23:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-08 21:55 - 2013-09-10 12:03 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-08 21:55 - 2013-09-10 12:03 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-08 21:55 - 2013-06-12 11:02 - 17226632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-10-08 14:43 - 2012-12-22 20:43 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-10-07 14:20 - 2013-10-07 14:20 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 8
2013-10-07 14:20 - 2013-09-08 22:07 - 00000815 _____ C:\Documents and Settings\All Users\Desktop\TeamViewer 8.lnk
2013-10-05 11:07 - 2013-10-05 11:07 - 00000000 ____D C:\Documents and Settings\User\Application Data\Malwarebytes
2013-10-05 10:55 - 2013-10-05 10:55 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-05 10:55 - 2013-10-05 10:55 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-10-05 10:55 - 2013-10-05 10:55 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-10-04 14:59 - 2013-10-04 14:59 - 00008280 _____ C:\Documents and Settings\User\Desktop\RKreport[0]_S_10042013_145931.txt
2013-10-04 14:18 - 2013-10-04 14:18 - 00000000 ____D C:\Documents and Settings\User\Application Data\PowerAgent
2013-10-04 14:16 - 2013-10-04 14:16 - 00001804 _____ C:\Documents and Settings\User\Desktop\FSSS Production.lnk
2013-10-04 14:16 - 2013-10-04 14:16 - 00000000 ____D C:\Documents and Settings\User\Start Menu\Programs\Amdocs SmartClient CRM
2013-10-04 14:13 - 2013-10-04 14:13 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-04 14:10 - 2013-10-04 14:11 - 00162224 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\javaws.exe
2013-10-04 14:10 - 2013-10-04 14:11 - 00149936 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\javaw.exe
2013-10-04 14:10 - 2013-10-04 14:11 - 00149936 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\java.exe
2013-10-04 14:10 - 2013-09-29 22:44 - 00073728 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\javacpl.cpl
2013-10-04 14:10 - 2008-12-12 18:55 - 00000000 ____D C:\Program Files\Java
2013-10-04 13:44 - 2013-10-04 13:44 - 00000156 _____ C:\Documents and Settings\User\Desktop\EMEASUPORT.url
2013-10-04 12:54 - 2012-07-10 21:39 - 00867240 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2013-10-04 12:54 - 2010-05-18 06:43 - 00789416 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2013-09-30 08:02 - 2013-09-30 08:03 - 00094208 _____ C:\WINDOWS\Minidump\Mini093013-01.dmp
2013-09-29 16:17 - 2013-07-30 12:42 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Epson Software
2013-09-29 16:13 - 2012-11-10 18:57 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-09-27 18:12 - 2013-09-27 17:00 - 06363648 _____ C:\Documents and Settings\User\My Documents\Baptism Regan.car
2013-09-24 14:46 - 2013-09-24 14:46 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2013-09-24 14:46 - 2013-09-24 14:45 - 00000000 ____D C:\Program Files\iTunes
2013-09-24 14:46 - 2013-09-24 14:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-09-24 14:45 - 2013-09-24 14:45 - 00000000 ____D C:\Program Files\iPod
2013-09-24 14:45 - 2009-01-11 21:23 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-24 14:44 - 2013-09-24 14:44 - 00000000 ____D C:\Documents and Settings\Default User\Application Data\Apple Computer
2013-09-24 14:44 - 2011-08-23 09:39 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\Application Data\Apple Computer
2013-09-24 14:21 - 2013-09-09 14:36 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2013-09-24 14:21 - 2013-09-09 14:36 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2013-09-24 14:21 - 2008-12-12 17:36 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-23 23:36 - 2004-08-04 06:00 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2013-09-23 23:36 - 2004-08-04 06:00 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-09-23 12:33 - 2012-06-13 14:23 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2013-09-23 12:33 - 2010-06-10 15:17 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2013-09-23 12:33 - 2009-07-24 16:22 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2013-09-23 12:33 - 2009-07-24 16:22 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2013-09-23 12:33 - 2009-03-08 04:33 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2013-09-23 12:33 - 2008-11-28 18:01 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2013-09-23 12:33 - 2008-11-28 18:01 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2013-09-23 12:33 - 2008-11-28 18:01 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2013-09-23 12:33 - 2008-11-28 18:01 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2013-09-23 12:33 - 2008-11-28 13:31 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2013-09-23 12:33 - 2007-08-13 19:54 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-09-23 12:33 - 2007-08-13 19:54 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-09-23 12:33 - 2007-08-13 19:54 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2013-09-23 12:33 - 2007-08-13 19:34 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 06017536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 06017536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2013-09-23 12:33 - 2004-08-04 06:00 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-09-23 12:33 - 2004-08-04 06:00 - 01215488 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 01215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-09-23 12:33 - 2004-08-04 06:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2013-09-23 12:06 - 2004-08-04 06:00 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2013-09-21 21:28 - 2013-09-21 21:28 - 00346112 _____ C:\Documents and Settings\User\My Documents\RS Visiting Teaching Sept 13.sig
2013-09-15 19:47 - 2010-04-15 17:57 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\CutePDF Writer

Files to move or delete:
====================
C:\Documents and Settings\User\jobq.dat

Some content of TEMP:
====================
C:\Documents and Settings\User\Local Settings\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2013
Ran by User at 2013-10-14 08:22:05
Running from C:\Documents and Settings\User\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Norton Security Suite (Disabled - Up to date) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite (Disabled) {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

==================== Installed Programs ======================

ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512)
Adobe AIR (Version: 2.7.1.19610)
Adobe Connect 9 Add-in (HKCU Version: 11,2,385,0)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
Adobe Shockwave Player 12.0 (Version: 12.0.3.133)
Adobe Shockwave Player 12.0 (Version: 12.0.4.144)
Amazon MP3 Downloader 1.0.15 (Version: 1.0.15)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
ArcSoft MediaImpression
ArcSoft Software Suite
AzureBay Screen Saver
Belkin 54Mbps Wireless Network Adapter (Version: 1.00.01)
Blue Coat K9 Web Protection 4.2.123 (Version: 4.2.123)
Bonjour (Version: 3.0.0.10)
Canon PIXMA iP6000D
Cisco Unified Presenter Add-in 6x5
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CutePDF Writer 2.8
EPSON Connect version 1.0 (Version: 1.0)
Epson Customer Participation (Version: 1.4.0.0)
Epson Event Manager (Version: 3.01.0003)
Epson FAX Utility (Version: 1.30.00)
Epson PC-FAX Driver
EPSON Scan
EPSON XP-800 Series Printer Uninstall
EpsonNet Print (Version: 2.5.00)
ESET Online Scanner v3
FamilySearch Indexing 3.7.8 (Version: 3.7.8)
Foxit Reader (Version: 4.3.1.218)
FSSS Production
GetMyAncestors (Version: 2011.7.30.0)
GFI Backup 2009 - Home Edition (Version: 3.0)
Google Chrome (Version: 30.0.1599.69)
Google Earth (Version: 7.1.1.1888)
Google Updater (Version: 2.4.2432.1652)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HP Photo and Imaging 2.0 - All-in-One (Version: 1.10.0000)
HP Photo and Imaging 2.0 - All-in-One Drivers (Version: 1.10.0000)
HP Photo and Imaging 2.0 - hp psc 1200 series
hp psc 1200 series (Version: 1.10.0000)
Intel® Graphics Media Accelerator Driver (Version: 0.0.0.0000)
Intel® Network Connections 15.1.29.0 (Version: 15.1.29.0)
iTunes (Version: 11.1.0.126)
Jasc After Shot (Version: 1.0.0.0)
Java Auto Updater (Version: 2.0.7.2)
Java 6 Update 45 (Version: 6.0.450)
LightScribe  1.4.124.1 (Version: 1.4.124.1)
Macromedia Shockwave Player
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mavis Beacon Teaches Typing 12 Standard
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Digital Image Pro 9 (Version: 9.0.0.0000)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Web Publishing Wizard 1.52
Microsoft Windows XP Video Decoder Checkup Utility
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0.1)
Mozilla Thunderbird 17.0 (x86 en-US) (Version: 17.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Nero 7 Essentials (Version: 7.02.4129)
Norton Security Suite (Version: 20.4.0.40)
OpenOffice 4.0.0 (Version: 4.00.9702)
OrdinanceTracker (Version: 2010.4.3.1)
Palm VersaMail (HKCU Version: 2.61.1100)
Palm VersaMail (Version: 2.61.1100)
Picasa 3 (Version: 3.9)
Picture Package Music Transfer (Version: 1.1.00.11270)
PowerAgent (Version: 0.1)
PrintMaster Platinum 17 (Version: 17.00.0000)
Quicken 2011 (Version: 20.1.8.6)
QuickTime (Version: 7.74.80.86)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
Realtek High Definition Audio Driver (Version: 5.10.0.5964)
RealUpgrade 1.1 (Version: 1.1.0)
Remote Control USB Driver (Version: 2.3.2.317)
RootsMagic 5.0.4.1
ScanSoft OmniPage SE 4 (Version: 15.2.0020)
ScreenThemes 3.0
Secunia PSI (2.0.0.1003)
Skype™ 6.9 (Version: 6.9.106)
Snood for Windows version 3.0-W
Software Updater (Version: 4.1.4)
Sony Picture Utility (Version: 3.0.02.12110)
SpO2 Assistant V2.x
Super Collapse!
Super Glinx!
Super Nisqually!
swMSM (Version: 12.0.0.1)
System Requirements Lab (Version: 4.1.71.0)
System Requirements Lab for Intel (Version: 4.1.66.0)
TeamViewer 8 (Version: 8.0.22298)
The Weather Channel App
Travelaxe
Uninstall FamilySearch Indexing
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Windows (KB971513)
Update for Mipony Download Accelerator
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Internet Explorer 8 (KB971180) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB982632) (Version: 1)
Update for Windows Internet Explorer 8 (KB982664) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell 1.0 (Version: 2)
Windows Resource Kit Tools - SubInAcl.exe (Version: 5.2.3790.1164)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPatrol 2009 (Version: 17.0.2010.0)
WordPerfect Office 11 (Version: 11.0.0.233)

==================== Restore Points  =========================

16-07-2013 18:07:50 System Checkpoint
17-07-2013 18:42:33 System Checkpoint
18-07-2013 18:00:19 Software Distribution Service 3.0
19-07-2013 20:29:01 System Checkpoint
20-07-2013 21:04:48 System Checkpoint
21-07-2013 21:37:28 System Checkpoint
22-07-2013 21:53:04 System Checkpoint
23-07-2013 22:28:53 System Checkpoint
24-07-2013 23:10:22 System Checkpoint
25-07-2013 23:36:01 System Checkpoint
26-07-2013 23:59:32 System Checkpoint
28-07-2013 01:43:30 System Checkpoint
29-07-2013 14:25:50 System Checkpoint
30-07-2013 15:28:16 System Checkpoint
30-07-2013 18:41:28 Installed EpsonNet Print
30-07-2013 18:42:47 Installed FAX Utility
31-07-2013 20:21:20 System Checkpoint
01-08-2013 20:40:40 Installed Software Updater
02-08-2013 21:08:57 System Checkpoint
03-08-2013 22:05:55 System Checkpoint
04-08-2013 23:20:36 System Checkpoint
05-08-2013 23:42:11 System Checkpoint
06-08-2013 21:43:50 Removed OpenOffice.org 3.4.1
06-08-2013 21:44:54 Installed OpenOffice 4.0.0
07-08-2013 21:55:47 System Checkpoint
09-08-2013 00:16:04 System Checkpoint
10-08-2013 00:33:10 System Checkpoint
11-08-2013 00:35:06 System Checkpoint
12-08-2013 00:49:57 System Checkpoint
13-08-2013 01:11:23 System Checkpoint
14-08-2013 02:01:03 System Checkpoint
14-08-2013 18:00:16 Software Distribution Service 3.0
15-08-2013 18:35:35 System Checkpoint
16-08-2013 18:40:05 System Checkpoint
17-08-2013 19:40:05 System Checkpoint
18-08-2013 20:35:07 System Checkpoint
19-08-2013 20:37:30 System Checkpoint
20-08-2013 21:59:00 System Checkpoint
21-08-2013 22:07:08 System Checkpoint
22-08-2013 22:19:44 System Checkpoint
23-08-2013 22:40:22 System Checkpoint
24-08-2013 23:10:20 System Checkpoint
26-08-2013 00:07:00 System Checkpoint
27-08-2013 01:06:13 System Checkpoint
28-08-2013 01:34:08 System Checkpoint
28-08-2013 05:46:32 Software Distribution Service 3.0
29-08-2013 15:30:02 System Checkpoint
30-08-2013 16:12:03 System Checkpoint
31-08-2013 17:09:40 System Checkpoint
01-09-2013 17:54:30 System Checkpoint
02-09-2013 18:26:53 System Checkpoint
03-09-2013 18:39:59 System Checkpoint
04-09-2013 19:20:13 System Checkpoint
05-09-2013 19:42:03 System Checkpoint
06-09-2013 19:45:18 System Checkpoint
07-09-2013 20:45:46 System Checkpoint
09-09-2013 04:37:18 System Checkpoint
09-09-2013 19:55:53 Removed Acrobat.com
09-09-2013 20:06:40 Removed Java 7 Update 25
09-09-2013 20:07:29 Removed JavaFX 2.1.1
09-09-2013 20:08:33 Removed Skype Click to Call
09-09-2013 20:24:35 Installed Java 6 Update 45
09-09-2013 20:26:01 Removed Java 7 Update 25
09-09-2013 20:28:39 Removed Java 6 Update 45
09-09-2013 20:29:08 Removed Java 6 Update 45
09-09-2013 20:30:28 Installed Java 6 Update 45
10-09-2013 18:00:17 Software Distribution Service 3.0
11-09-2013 18:42:26 System Checkpoint
12-09-2013 18:00:20 Software Distribution Service 3.0
12-09-2013 18:23:09 Software Distribution Service 3.0
13-09-2013 21:37:15 Software Distribution Service 3.0
14-09-2013 22:33:16 System Checkpoint
15-09-2013 23:09:57 System Checkpoint
19-09-2013 16:19:16 System Checkpoint
20-09-2013 17:12:02 System Checkpoint
21-09-2013 17:55:55 System Checkpoint
22-09-2013 18:29:53 System Checkpoint
23-09-2013 20:11:00 System Checkpoint
24-09-2013 20:31:45 System Checkpoint
25-09-2013 20:58:19 System Checkpoint
26-09-2013 23:41:11 System Checkpoint
27-09-2013 23:59:07 System Checkpoint
29-09-2013 00:11:00 System Checkpoint
29-09-2013 22:17:45 Installed Software Updater
01-10-2013 15:44:50 System Checkpoint
02-10-2013 21:53:59 System Checkpoint
03-10-2013 22:30:51 System Checkpoint
04-10-2013 18:44:43 Removed Java 7 Update 25
04-10-2013 19:36:24 Removed Java 7 Update 25
04-10-2013 20:10:43 Installed Java 6 Update 45
05-10-2013 20:39:26 System Checkpoint
06-10-2013 21:33:36 System Checkpoint
07-10-2013 22:29:03 System Checkpoint
08-10-2013 22:54:42 System Checkpoint
09-10-2013 05:10:15 Software Distribution Service 3.0
10-10-2013 20:12:43 System Checkpoint
11-10-2013 20:55:20 System Checkpoint
13-10-2013 17:07:52 System Checkpoint
13-10-2013 18:00:15 Software Distribution Service 3.0

==================== Hosts content: ==========================

2004-08-04 06:00 - 2013-10-12 11:08 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1352940630.job => C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1935655697-1085031214-725345543-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1935655697-1085031214-725345543-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Loaded Modules (whitelisted) =============

2010-04-15 17:55 - 2009-11-05 08:39 - 00087552 _____ () C:\WINDOWS\system32\cpwmon2k.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-23 15:59 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES\NORTON SECURITY SUITE\ENGINE\20.4.0.40\wincfi39.dll
2010-04-10 15:34 - 2009-09-14 16:36 - 00506711 ____N () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
2012-11-14 12:14 - 2007-11-26 12:45 - 00188416 _____ () C:\Program Files\Belkin\F5D7050v3\BelkinwcuiDLL.dll
2012-11-14 12:14 - 2007-10-30 23:29 - 00151617 _____ () C:\Program Files\Belkin\F5D7050v3\blkwcapi.dll
2012-11-14 12:14 - 2003-10-13 16:30 - 00094208 _____ () C:\Program Files\Belkin\F5D7050v3\GTW32N50.dll
2012-11-14 12:14 - 2005-08-10 16:36 - 00045056 _____ () C:\Program Files\Belkin\F5D7050v3\Security.dll
2012-11-14 12:14 - 2006-02-24 11:40 - 00061440 _____ () C:\Program Files\Belkin\F5D7050v3\BelkinHWStatus.dll
2004-08-04 06:00 - 2008-04-13 18:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-04 06:00 - 2008-04-13 18:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/12/2013 01:34:06 PM) (Source: MsiInstaller) (User: KAY)
Description: Product: PrintMaster Platinum 17 -- Error 1706.  Installation has been canceled.  You may run this installation at a later time.

Error: (10/12/2013 11:06:22 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established

Error: (10/12/2013 11:05:33 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established

Error: (10/10/2013 10:47:17 AM) (Source: Application Hang) (User: )
Description: Hanging application GFIBackup.exe, version 3.1.2010.730, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/10/2013 10:47:16 AM) (Source: Application Hang) (User: )
Description: Hanging application GFIBackup.exe, version 3.1.2010.730, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/10/2013 10:46:52 AM) (Source: Application Hang) (User: )
Description: Hanging application GFIBackup.exe, version 3.1.2010.730, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/09/2013 09:06:31 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (09/29/2013 10:49:04 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1969

Error: (09/29/2013 10:49:04 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1969

Error: (09/29/2013 10:49:04 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (10/14/2013 08:05:33 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (10/14/2013 07:56:42 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (10/13/2013 05:39:34 PM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (10/13/2013 09:06:41 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (10/12/2013 10:55:30 AM) (Source: Service Control Manager) (User: )
Description: The GFI Backup 2009 - Home Edition Attendant Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/12/2013 10:55:30 AM) (Source: Service Control Manager) (User: )
Description: The GFI Backup 2009 - Home Edition Scheduler Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/12/2013 08:56:00 AM) (Source: System Error) (User: )
Description: Error code 1000008e, parameter1 c0000005, parameter2 a8240217, parameter3 a78479c0, parameter4 00000000.

Error: (10/12/2013 08:45:43 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (10/12/2013 08:37:25 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (10/11/2013 07:52:19 AM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Microsoft Office Sessions:
=========================
Error: (10/12/2013 01:34:06 PM) (Source: MsiInstaller)(User: KAY)
Description: Product: PrintMaster Platinum 17 -- Error 1706.  Installation has been canceled.  You may run this installation at a later time.(NULL)(NULL)(NULL)

Error: (10/12/2013 11:06:22 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtA connection with the server could not be established

Error: (10/12/2013 11:05:33 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtA connection with the server could not be established

Error: (10/10/2013 10:47:17 AM) (Source: Application Hang)(User: )
Description: GFIBackup.exe3.1.2010.730hungapp0.0.0.000000000

Error: (10/10/2013 10:47:16 AM) (Source: Application Hang)(User: )
Description: GFIBackup.exe3.1.2010.730hungapp0.0.0.000000000

Error: (10/10/2013 10:46:52 AM) (Source: Application Hang)(User: )
Description: GFIBackup.exe3.1.2010.730hungapp0.0.0.000000000

Error: (10/09/2013 09:06:31 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (09/29/2013 10:49:04 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1969

Error: (09/29/2013 10:49:04 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1969

Error: (09/29/2013 10:49:04 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 3317.49 MB
Available physical RAM: 2341.23 MB
Total Pagefile: 5200.61 MB
Available Pagefile: 4348.94 MB
Total Virtual: 2047.88 MB
Available Virtual: 1940.37 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.08 GB) (Free:197.85 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive j: () (Fixed) (Total:149.04 GB) (Free:62.58 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: AB7DAB7D)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: 55645564)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • Root Admin

Please uninstall ALL versions of Java from the Control Panel, Add/Remove.

Please download JavaRa-1.16 and save it to your computer.

  • Double click to open the zip file and then select all and choose Copy.
  • Create a new folder on your Desktop named RemoveJava and paste the files into this new folder.
  • Quit all browsers and other running applications.
  • Right-click on JavaRa.exe in RemoveJava folder and choose Run as administrator to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it in your next reply.

Then restart the computer and run the following.

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE: It's important that both files, FRST or FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

fixlist.txt


  • Root Admin

Well, you can ignore it, but you need to be very, very aware that older versions of JAVA have been exploited and can very easily help get your computer infected. When possible, you should look at replacing or updating that application as soon as possible.

Please go ahead and run the other requested scan.


JavaRa 1.16 Removal Log.

 

Report follows after line.

 

------------------------------------

 

The JavaRa removal process was started on Fri Oct 18 22:09:42 2013

 

JavaRa 1.16 Removal Log.

 

Report follows after line.

 

------------------------------------

 

The JavaRa removal process was started on Fri Oct 18 22:24:37 2013

 

Found and removed: C:\Program Files\Java\jre6

 

Found and removed: C:\Documents and Settings\User\Application Data\Sun\Java\jre1.6.0_11

 

Found and removed: C:\Documents and Settings\User\Application Data\Sun\Java\jre1.6.0_12

 

Found and removed: C:\Documents and Settings\User\Application Data\Sun\Java\jre1.6.0_15

 

Found and removed: C:\Documents and Settings\User\Application Data\Sun\Java\jre1.6.0_17

 

Found and removed: C:\Documents and Settings\User\Application Data\Sun\Java\jre1.6.0_19

 

Found and removed: C:\Documents and Settings\User\Application Data\Sun\Java\jre1.6.0_20

 

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Fri Oct 18 22:26:25 2013

Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}

------------------------------------

Finished reporting.

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Fri Oct 18 22:32:13 2013

------------------------------------

Finished reporting.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-10-2013

Ran by User at 2013-10-18 22:44:47 Run:1

Running from C:\Documents and Settings\User\Desktop

Boot Mode: Normal

 

==============================================

 

Content of fixlist:

*****************

C:\Data\Downloads\cnet_revosetup_exe.exe

C:\Data\Downloads\frzfonts_d165396.exe

C:\Data\Downloads\ClipArt & backgrounds\iLividSetup.exe

J:\Documents and Settings\Mike\My Documents\Downloads\cnet_revosetup_exe.exe

J:\Documents and Settings\Mike\My Documents\Downloads\frzfonts_d165396.exe

J:\Original Data Mike's\Downloads\jZip\jZipV1c.exe

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Register.lnk

KCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://download.eset...lineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab

DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab

DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab

DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab

DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab

DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab

DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab

FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}

FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff

R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"

S2 gupdate1c95cb9c0e2c704; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-17] (Google Inc.)

R3 ALSysIO; \??\C:\DOCUME~1\User\LOCALS~1\Temp\ALSysIO.sys [x]

S3 gwiopm; \??\J:\Old Backup from Mike's\C\Documents and Settings\Mike\My Documents\Downloads\gwiopm.sys [x]

C:\Documents and Settings\User\jobq.dat

C:\Documents and Settings\User\Local Settings\Temp\Quarantine.exe

Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

 

*****************

 

C:\Data\Downloads\cnet_revosetup_exe.exe => Moved successfully.

C:\Data\Downloads\frzfonts_d165396.exe => Moved successfully.

C:\Data\Downloads\ClipArt & backgrounds\iLividSetup.exe => Moved successfully.

J:\Documents and Settings\Mike\My Documents\Downloads\cnet_revosetup_exe.exe => Moved successfully.

J:\Documents and Settings\Mike\My Documents\Downloads\frzfonts_d165396.exe => Moved successfully.

J:\Original Data Mike's\Downloads\jZip\jZipV1c.exe => Moved successfully.

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Register.lnk => Moved successfully.

HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.

HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} => Key not found.

HKCR\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.

HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C} => Key not found.

HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{233C1507-6A77-46A4-9443-F871F945D258} => Key deleted successfully.

HKCR\CLSID\{233C1507-6A77-46A4-9443-F871F945D258} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71} => Key deleted successfully.

HKCR\CLSID\{31435657-9980-0010-8000-00AA00389B71} => Key not found.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6414512B-B978-451D-A0D8-FCFDF33E833C} => Key deleted successfully.

HKCR\CLSID\{6414512B-B978-451D-A0D8-FCFDF33E833C} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5} => Key deleted successfully.

HKCR\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key deleted successfully.

HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} => Key deleted successfully.

HKCR\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} => Key not found.

HKCR\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} => Key not found.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} => Key deleted successfully.

HKCR\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} => Key not found.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} => Key deleted successfully.

HKCR\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} => Key not found.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} => Key deleted successfully.

HKCR\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} => Key not found.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} => Key deleted successfully.

HKCR\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} => Key not found.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key deleted successfully.

HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key not found.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7} => Key deleted successfully.

HKCR\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7} => Key not found.

HKLM\Software\MozillaPlugins\@java.com/JavaPlugin => Key not found.

C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll not found.

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} => Moved successfully.

C:\Program Files\Java\jre6\lib\deploy\jqs\ff => not found.

JavaQuickStarterService => Service not found.

gupdate1c95cb9c0e2c704 => Service deleted successfully.

ALSysIO => Service deleted successfully.

gwiopm => Service deleted successfully.

C:\Documents and Settings\User\jobq.dat => Moved successfully.

"C:\Documents and Settings\User\Local Settings\Temp\Quarantine.exe" => File/Directory not found.

C:\WINDOWS\Tasks\Google Software Updater.job => Moved successfully.

C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.

C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

 

 

The system needs a manual reboot. 

 

==== End of Fixlog ====


  • Root Admin

Please restart the computer and run the following again.

 

Let's clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.


# AdwCleaner v3.008 - Report created 19/10/2013 at 06:56:40

# Updated 17/10/2013 by Xplode

# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

# Username : User - KAY

# Running from : C:\Documents and Settings\User\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v8.0.6001.18702

 

 

-\\ Mozilla Firefox v24.0 (en-US)

 

[ File : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\r3ylsglz.default\prefs.js ]

 

 

-\\ Google Chrome v30.0.1599.101

 

[ File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [3310 octets] - [13/10/2013 10:37:27]

AdwCleaner[R1].txt - [3370 octets] - [13/10/2013 17:33:44]

AdwCleaner[R2].txt - [1267 octets] - [19/10/2013 06:54:30]

AdwCleaner[s0].txt - [3473 octets] - [13/10/2013 17:35:08]

AdwCleaner[s1].txt - [1188 octets] - [19/10/2013 06:56:40]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1248 octets] ##########
This topic is now closed to further replies.