
Software policy restriction message when trying to start Mbam



I seem to be having almost the same exact problem mentioned here... https://forums.malwarebytes.org/index.php?showtopic=134848

 

 

 

I appear to have picked up some malware that is disabling my Malwarebytes and Eset antivirus on my Win XP machine. I noticed earlier today that I got a pop up from Malwarebytes that a couple of malicious processes were trying to do some actions; I quarantined them at the time. The programs I quarantined were "Trojan.Fake.Apach", "Trojan.Ransom.Gend" and "Trojan.ED"



I tried to do a scan with Malwarebytes but it gave me a message that it could not open due to a software policy restriction, although I have never set any on my standalone PC. I tried to do an online scan with ESET but it gave me "error 8" and would not start. I downloaded a trial version of ESET but it will not start; it gives me the message "Error: Service 'ESET Service' (ekrn) failed to start. Verify that you have sufficient privileges to start system services".



I have reinstalled Malwarebytes and now it starts; however, it does not find any new threats, and I cannot enable the filesystem or malicious website blocking protection as I cannot check the boxes to turn them on. Lastly, my ZoneAlarm firewall icon has disappeared from the Taskbar and it doesn't seem that I can restart it.



What should I do first to resolve this?

 

I have run Farbar Recovery Scan Tool mentioned in the other thread and found this:

 

 

HKLM Group Policy restriction on software: C:\Program Files\Alwil Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\BitDefender <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Lavasoft <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Panda Security <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\ESET <====== ATTENTION



Thank you for your help!
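Added example (not part of the original posts, and not FRST's own code): a small Python parser for the `Group Policy restriction on software` lines FRST reported above, which dedupes the blocked directories and lists other log entries whose paths sit inside them. The log lines are copied from this thread; the function names are illustrative, and the matching assumes a Software Restriction Policy path rule covers a folder and its subfolders.

```python
import re

# Lines copied from the FRST log posted in this thread (an excerpt, not a full log).
# The ESET restriction appears twice, as it does across the posts.
SAMPLE_LOG = r"""
HKLM\...\Run: [ZoneAlarm] - C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-08-12] (Check Point Software Technologies LTD)
HKLM Group Policy restriction on software: C:\Program Files\Alwil Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\BitDefender <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Lavasoft <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Panda Security <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\ESET <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\ESET <====== ATTENTION
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
2013-10-22 00:49 - 2013-10-22 00:49 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-10-22 00:20 - 2013-10-22 09:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ESET
"""

# Only the HKLM form is handled because that is the form shown in this thread.
RESTRICTION_RE = re.compile(
    r"^HKLM Group Policy restriction on software: "
    r"(?P<path>.+?)(?:\s*<=+\s*ATTENTION)?\s*$"
)


def parse_restrictions(log_text):
    """Return the restricted directories, deduplicated, in first-seen order."""
    seen, ordered = set(), []
    for line in log_text.splitlines():
        match = RESTRICTION_RE.match(line.strip())
        if not match:
            continue
        path = match.group("path").rstrip("\\")
        key = path.lower()  # Windows paths compare case-insensitively
        if key not in seen:
            seen.add(key)
            ordered.append(path)
    return ordered


def _inside(directory):
    """Regex matching `directory` only at a path-component boundary.

    The lookahead stops '...\\Application Data\\Malwarebytes' from matching
    the sibling folder "...\\Malwarebytes' Anti-Malware (portable)".
    Limitation: 8.3 short names such as PROGRA~1 are not resolved.
    """
    return re.compile(re.escape(directory) + r'(?=\\|"|$)', re.IGNORECASE)


def affected_entries(log_text):
    """Map each restricted directory to the other log lines located inside it."""
    restricted = parse_restrictions(log_text)
    matchers = {d: _inside(d) for d in restricted}
    hits = {d: [] for d in restricted}
    for line in log_text.splitlines():
        line = line.strip()
        if not line or RESTRICTION_RE.match(line):
            continue
        for directory, rx in matchers.items():
            if rx.search(line):
                hits[directory].append(line)
    return hits


if __name__ == "__main__":
    for directory, lines in affected_entries(SAMPLE_LOG).items():
        print(f"BLOCKED  {directory}  ({len(lines)} other log entries inside)")
        for entry in lines:
            print(f"    {entry}")
```
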


Please post both logs from FRST and also.......

Please download and run RogueKiller 32 Bit to your desktop.

RogueKiller 64 Bit <---use this one for 64 bit systems

Quit all running programs.

For Windows XP, double-click to start.
For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.


Click Scan to scan the system.
When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.
(please don't put logs in code or quotes and use the default font)

General P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
2. If you have illegal/cracked software, cracks, keygens, Adobe host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Failure to remove such software will result in your topic being closed and no further assistance being provided.


MrC


Note:
Please read all of my instructions completely including these.

Make sure system restore is turned on and running

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly


Removing malware can be unpredictable...unlikely but things can go very wrong! Back up any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive


<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.


<+>The removal of malware isn't instantaneous, please be patient.


<+>When we are done, I'll give you instructions on how to clean up all the tools and logs


<+>Please stick with me until I give you the "all clear" and please don't waste my time by leaving before that.


------->Your topic will be closed if you haven't replied within 3 days!<--------
(If I don't respond within 24 hours, please send me a PM)


Thanks for the reply.  Here are the logs:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-10-2013
Ran by RG (administrator) on RAUL-PC on 22-10-2013 13:04:02
Running from C:\Documents and Settings\RG\Desktop
Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
() C:\WINDOWS\system32\ANIWConnService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciServiceHost.exe
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
() C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe
(Webroot Software, Inc.) C:\Program Files\Webroot\Washer\WasherSvc.exe
(Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
() C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
(Innovative Solutions GRUP SRL) K:\Azureus downloads\Advanced Uninstaller Pro 9.1\Crack\Monitor.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Opera Software) C:\Program Files\Opera10.01\opera.exe
() C:\Documents and Settings\RG\Desktop\RogueKiller.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NVMixerTray] - C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [131072 2004-12-20] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [ZoneAlarm] - C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-08-12] (Check Point Software Technologies LTD)
HKLM\...\Run: [HTC Sync Loader] - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [655360 2012-12-12] ()
HKLM\...\Run: [iSW] - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [738984 2012-07-14] (Check Point Software Technologies)
HKLM Group Policy restriction on software: C:\Program Files\Alwil Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\BitDefender <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Lavasoft <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Panda Security <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\ESET <====== ATTENTION
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
HKCU\...\Run: [Advanced Uninstaller PRO Installation Monitor] - K:\Azureus downloads\Advanced Uninstaller Pro 9.1\Crack\Monitor.exe [920976 2008-07-08] (Innovative Solutions GRUP SRL)
HKCU\...\Run: [sUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [4616064 2011-12-08] (SUPERAntiSpyware.com)
HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"
HKU\Administrator.XXX-53E9B60FB0D\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"
HKU\Administrator.XXX-53E9B60FB0D.000\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"
HKU\Administrator.XXX-53E9B60FB0D.001\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"
HKU\Administrator.XXX-53E9B60FB0D.002\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"
Lsa: [Authentication Packages] msv1_0 relog_ap
BootExecute: autocheck autochk * sprestrtsprestrt

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: PodcastBHO Class - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll No File
Toolbar: HKLM - No Name - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File
Toolbar: HKLM - Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKLM - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Winamp Toolbar - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll No File
Toolbar: HKCU - No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
Toolbar: HKCU - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} http://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.microsoft.com/mats/DiagWebControl.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab
DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com)
Winsock: Catalog5 01 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default
FF user.js: detected! => C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\user.js
FF Homepage: https://www.google.com/
FF NetworkProxy: "http", "119.252.162.210"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll No File
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @doubletwist.com/NPPodcast - C:\Program Files\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/vbp;version=0.9.4 - C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.15 - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.15 - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\searchplugins\winamp-search.xml
FF SearchPlugin: C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\searchplugins\zonealarm.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\ask.xml
FF Extension: zonealarm.com - C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\Extensions\ffxtlbr@zonealarm.com
FF Extension: Winamp Toolbar - C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\Extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
FF Extension: FireShot - C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
FF Extension: No Name - C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: freehdsport - C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\Extensions\freehdsport@freehdsport.tv.xpi
FF Extension: No Name - C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF Extension: No Name - C:\Documents and Settings\RG\Application Data\Mozilla\Firefox\Profiles\mvmblz1v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF Extension: No Name - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-11] (SUPERAntiSpyware.com)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [411168 2007-02-16] (Acronis)
R2 AdobeActiveFileMonitor10.0; C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated)
R2 ANIWConnService; C:\WINDOWS\system32\ANIWConnService.exe [151552 2009-07-07] ()
S3 AresChatServer; C:\Program Files\Ares\chatServer.exe [398336 2009-01-27] (Ares Development Group)
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [67360 2010-01-25] (NOS Microsystems Ltd.)
S2 gupdate1c9b1898cf0d880; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-03-30] (Google Inc.)
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)
S2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [497320 2012-07-14] (Check Point Software Technologies)
S2 LIVESRV; C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe [278528 2008-08-07] (SOFTWIN S.R.L.)
S3 LPDSVC; C:\Windows\system32\tcpsvcs.exe [19456 2006-02-28] (Microsoft Corporation)
R2 NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [272024 2008-04-04] ()
R2 SWAS_Core; C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe [1449984 2008-04-15] ()
R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2445304 2013-08-12] (Check Point Software Technologies LTD)
R2 wwEngineSvc; C:\Program Files\Webroot\Washer\WasherSvc.exe [598856 2007-11-26] (Webroot Software, Inc.)
R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [54160 2013-06-18] (Check Point Software Technologies, Ltd.)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [48128 2004-08-03] (Microsoft Corporation)
S3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2317504 2005-04-18] (Realtek Semiconductor Corp.)
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-17] (Creative)
S1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [36352 2005-03-09] (Advanced Micro Devices)
R2 ANIO; C:\WINDOWS\system32\ANIO.SYS [29411 2009-02-09] ()
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [100328 2011-03-04] (ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [309224 2011-03-04] (ASMedia Technology Inc)
R1 BANTExt; C:\Windows\System32\Drivers\BANTExt.sys [3840 2008-02-27] ()
S3 cpuz132; C:\WINDOWS\system32\drivers\cpuz132_x32.sys [12672 2009-03-27] (Windows ® Codename Longhorn DDK provider)
S3 DCamUSBEMPIA; C:\Windows\System32\DRIVERS\emDevice.sys [100957 2005-12-21] (eMPIA Technology, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-10-20] (DT Soft Ltd)
S3 emAudio; C:\Windows\System32\drivers\emAudio.sys [22528 2006-12-12] (Pinnacle Systems GmbH)
S3 FiltUSBEMPIA; C:\Windows\System32\DRIVERS\emFilter.sys [5245 2005-12-21] (eMPIA Technology, Inc.)
R2 iPodDrv; C:\WINDOWS\system32\drivers\iPodDrv.sys [6656 2010-11-04] (Windows ® Codename Longhorn DDK provider)
R3 k57w2k; C:\Windows\System32\DRIVERS\k57xp32.sys [237096 2011-05-09] (Broadcom Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [136024 2013-08-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11352 2012-01-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [586584 2013-08-04] (Kaspersky Lab)
R3 klim5; C:\Windows\System32\DRIVERS\klim5.sys [35672 2012-11-15] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [43608 2012-11-15] (Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145064 2013-08-04] (Kaspersky Lab ZAO)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-24] (Pinnacle Systems GmbH)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-17] (Creative Technology Ltd.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15360 2006-02-28] (Microsoft Corporation)
S3 MREMP50; C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [21248 2009-09-15] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [20096 2009-09-15] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MS1000; C:\Windows\System32\DRIVERS\MS1000.sys [5376 2009-01-23] ()
S3 ms_mpu401; C:\Windows\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-12] ()
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2006-02-28] (Microsoft Corporation)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-06-01] (Microsoft Corporation)
R0 nvata; C:\Windows\System32\DRIVERS\nvata.sys [100736 2006-04-24] (NVIDIA Corporation)
S3 nvax; C:\Windows\System32\drivers\nvax.sys [53376 2005-07-26] (NVIDIA Corporation)
S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54784 2008-08-01] (NVIDIA Corporation)
S3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2008-08-01] (NVIDIA Corporation)
S3 nvnforce; C:\Windows\System32\drivers\nvapu.sys [415360 2005-07-26] (NVIDIA Corporation)
S3 rt2870; C:\Windows\System32\DRIVERS\Drt2870.sys [724736 2009-08-03] (Ralink Technology, Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ScanUSBEMPIA; C:\Windows\System32\DRIVERS\emScan.sys [4493 2005-12-21] (eMPIA Technology, Inc.)
S3 Secdrv; C:\Windows\System32\DRIVERS\secdrv.sys [27440 2006-02-28] ()
R0 Si3114r5; C:\Windows\System32\DRIVERS\Si3114r5.sys [211496 2008-11-25] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [17064 2008-11-25] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [12200 2008-11-25] (Silicon Image, Inc.)
S3 SONYPVU1; C:\Windows\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-03-08] (Duplex Secure Ltd.)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [7168 2009-11-12] ()
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [32768 2008-09-09] (Acronis)
U3 TrueSight; C:\WINDOWS\system32\TrueSight.sys [26624 2013-10-22] ()
S3 TVICHW32; C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [23600 2008-07-15] (EnTech Taiwan)
R1 Vsdatant; C:\Windows\System32\vsdatant.sys [528232 2013-08-12] (Check Point Software Technologies LTD)
S3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [285952 2007-12-06] (Marvell)
S3 AR9271; system32\DRIVERS\athuw.sys [x]
S3 AsrCDDrv; \??\C:\WINDOWS\system32\Drivers\AsrCDDrv.sys [x]
S3 catchme; \??\C:\DOCUME~1\RG\LOCALS~1\Temp\catchme.sys [x]
S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [x]
S4 IntelIde; No ImagePath
S2 ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74584 2013-08-04] (Kaspersky Lab)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [x]
S3 Profos; \??\C:\Program Files\Softwin\BitDefender10\profos.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96256 2006-02-28] (Microsoft Corporation)
S2 SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [x]
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [223616 2006-02-28] (Microsoft Corporation)
S0 tgsbnnve; System32\drivers\gdduv.sys [x]
S3 Trufos; \??\C:\Program Files\Softwin\BitDefender10\trufos.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-22 13:03 - 2013-10-22 13:03 - 01087503 _____ (Farbar) C:\Documents and Settings\RG\Desktop\FRST.exe
2013-10-22 13:01 - 2013-10-22 13:01 - 00002484 _____ C:\Documents and Settings\RG\Desktop\RKreport[0]_S_10222013_130110.txt
2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _____ C:\Documents and Settings\RG\Desktop\RKreport[0]_S_10222013_125720.txt
2013-10-22 12:57 - 2013-10-22 12:57 - 00001689 ____H C:\WINDOWS\system32\BTImages.dat
2013-10-22 12:55 - 2013-10-22 12:55 - 00026624 _____ C:\WINDOWS\system32\TrueSight.sys
2013-10-22 12:54 - 2013-10-22 12:54 - 00955392 _____ C:\Documents and Settings\RG\Desktop\RogueKiller.exe
2013-10-22 09:42 - 2013-10-22 09:42 - 00000000 ____D C:\FRST
2013-10-22 08:12 - 2013-10-22 08:27 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-22 08:12 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-10-22 07:21 - 2013-10-22 08:57 - 00024321 _____ C:\WINDOWS\setupapi.log
2013-10-22 07:21 - 2013-10-22 07:23 - 00417425 _____ C:\WINDOWS\system32\vsconfig.xml
2013-10-22 07:21 - 2013-10-22 07:21 - 00000000 ____D C:\Documents and Settings\RG\Local Settings\Application Data\DoNotTrackPlus
2013-10-22 07:21 - 2013-08-04 00:02 - 00145064 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kneps.sys
2013-10-22 07:21 - 2013-08-04 00:02 - 00074584 _____ (Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2013-10-22 07:21 - 2012-11-15 21:06 - 00043608 _____ (Kaspersky Lab) C:\WINDOWS\system32\Drivers\kltdi.sys
2013-10-22 07:21 - 2012-11-15 21:06 - 00035672 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klim5.sys
2013-10-22 07:20 - 2013-10-22 07:20 - 00000539 _____ C:\Documents and Settings\All Users\Desktop\ZoneAlarm Security.lnk
2013-10-22 07:19 - 2013-10-22 07:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB943232$
2013-10-22 07:00 - 2013-10-22 07:00 - 00000000 __SHD C:\Documents and Settings\Administrator.XXX-53E9B60FB0D.003\PrivacIE
2013-10-22 06:23 - 2013-10-22 06:23 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-22 00:49 - 2013-10-22 00:49 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-10-22 00:48 - 2013-10-22 00:49 - 00000000 ____D C:\Documents and Settings\RG\Desktop\mbar
2013-10-22 00:24 - 2013-10-22 07:49 - 00000000 ____D C:\Documents and Settings\RG\Speclean
2013-10-22 00:20 - 2013-10-22 09:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ESET
2013-10-21 23:53 - 2013-08-04 00:02 - 00586584 _____ (Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2013-10-21 23:53 - 2013-08-04 00:02 - 00136024 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys
2013-10-21 23:53 - 2012-01-09 18:59 - 00011352 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl2.sys
2013-10-21 23:51 - 2013-10-22 11:48 - 00000820 _____ C:\WINDOWS\Tasks\Google Software Updater.job
2013-10-21 23:35 - 2013-10-21 23:35 - 00028217 _____ C:\ComboFix.txt
2013-10-21 23:25 - 2013-10-21 23:25 - 00000000 _RSHD C:\cmdcons
2013-10-21 23:25 - 2013-10-21 23:00 - 00000223 _____ C:\Boot.bak
2013-10-21 23:25 - 2004-08-03 23:00 - 00260272 __RSH C:\cmldr
2013-10-21 23:23 - 2013-10-21 23:35 - 00000000 ____D C:\Qoobox
2013-10-21 23:23 - 2013-10-21 23:34 - 00000000 ____D C:\WINDOWS\erdnt
2013-10-21 23:23 - 2011-06-26 01:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-10-21 23:23 - 2010-11-07 12:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-10-21 23:23 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-10-21 23:23 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-10-21 23:23 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-10-21 23:23 - 2000-08-30 19:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-10-21 23:23 - 2000-08-30 19:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-10-21 23:23 - 2000-08-30 19:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-10-21 23:23 - 2000-08-30 19:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-10-21 23:22 - 2013-10-21 23:22 - 05136138 ____R (Swearware) C:\Documents and Settings\RG\Desktop\ComboFix.exe
2013-10-21 23:05 - 2013-10-21 23:18 - 00000000 ____D C:\Documents and Settings\RG\Desktop\RK_Quarantine
2013-10-21 16:19 - 2013-10-21 16:21 - 00001030 _____ C:\WINDOWS\system32\PCloudCleanerService.log
2013-10-21 15:50 - 2013-10-21 15:50 - 00000935 _____ C:\Documents and Settings\All Users\Desktop\Panda Cloud Cleaner.lnk
2013-10-21 15:50 - 2013-10-21 15:50 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Panda Security
2013-10-02 09:46 - 2013-10-03 07:37 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-10-22 13:03 - 2013-10-22 13:03 - 01087503 _____ (Farbar) C:\Documents and Settings\RG\Desktop\FRST.exe
2013-10-22 13:01 - 2013-10-22 13:01 - 00002484 _____ C:\Documents and Settings\RG\Desktop\RKreport[0]_S_10222013_130110.txt
2013-10-22 13:00 - 2013-10-22 13:00 - 00000000 _____ C:\Documents and Settings\RG\Desktop\RKreport[0]_S_10222013_125720.txt
2013-10-22 12:57 - 2013-10-22 12:57 - 00001689 ____H C:\WINDOWS\system32\BTImages.dat
2013-10-22 12:55 - 2013-10-22 12:55 - 00026624 _____ C:\WINDOWS\system32\TrueSight.sys
2013-10-22 12:55 - 2010-07-21 11:04 - 00000000 ____D C:\Documents and Settings\RG\My Documents\Resumes
2013-10-22 12:54 - 2013-10-22 12:54 - 00955392 _____ C:\Documents and Settings\RG\Desktop\RogueKiller.exe
2013-10-22 12:47 - 2008-07-07 19:54 - 00000000 ____D C:\Documents and Settings\RG
2013-10-22 12:46 - 2009-06-30 09:59 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-22 11:48 - 2013-10-21 23:51 - 00000820 _____ C:\WINDOWS\Tasks\Google Software Updater.job
2013-10-22 11:10 - 2008-07-07 18:22 - 00647381 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-22 09:42 - 2013-10-22 09:42 - 00000000 ____D C:\FRST
2013-10-22 09:36 - 2008-07-07 13:11 - 00625494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-22 09:32 - 2013-08-06 15:59 - 00000000 ____D C:\Documents and Settings\RG\Local Settings\Application Data\HTC MediaHub
2013-10-22 09:32 - 2013-08-06 15:46 - 00000000 ____D C:\Documents and Settings\RG\Local Settings\Application Data\Htc
2013-10-22 09:31 - 2009-06-30 09:59 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-22 09:31 - 2008-07-07 19:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-22 09:31 - 2008-07-07 13:14 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-10-22 09:31 - 2008-07-07 13:14 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-10-22 09:31 - 2006-02-28 07:00 - 00012598 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-22 09:30 - 2008-07-07 19:52 - 00032582 _____ C:\WINDOWS\SchedLgU.Txt
2013-10-22 09:26 - 2013-10-22 00:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ESET
2013-10-22 09:26 - 2012-01-09 10:50 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-22 09:26 - 2009-01-23 17:04 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-10-22 08:57 - 2013-10-22 07:21 - 00024321 _____ C:\WINDOWS\setupapi.log
2013-10-22 08:27 - 2013-10-22 08:12 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-22 07:49 - 2013-10-22 00:24 - 00000000 ____D C:\Documents and Settings\RG\Speclean
2013-10-22 07:44 - 2010-01-14 13:17 - 00000000 ____D C:\Program Files\ESET
2013-10-22 07:23 - 2013-10-22 07:21 - 00417425 _____ C:\WINDOWS\system32\vsconfig.xml
2013-10-22 07:22 - 2008-07-07 19:54 - 00000178 ___SH C:\Documents and Settings\RG\ntuser.ini
2013-10-22 07:21 - 2013-10-22 07:21 - 00000000 ____D C:\Documents and Settings\RG\Local Settings\Application Data\DoNotTrackPlus
2013-10-22 07:20 - 2013-10-22 07:20 - 00000539 _____ C:\Documents and Settings\All Users\Desktop\ZoneAlarm Security.lnk
2013-10-22 07:19 - 2013-10-22 07:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB943232$
2013-10-22 07:19 - 2012-04-11 03:00 - 00062431 _____ C:\WINDOWS\updspapi.log
2013-10-22 07:19 - 2012-02-15 04:00 - 00365096 _____ C:\WINDOWS\iis6.log
2013-10-22 07:19 - 2012-02-15 04:00 - 00240821 _____ C:\WINDOWS\FaxSetup.log
2013-10-22 07:19 - 2012-02-15 04:00 - 00134506 _____ C:\WINDOWS\ocgen.log
2013-10-22 07:19 - 2012-02-15 04:00 - 00122473 _____ C:\WINDOWS\tsoc.log
2013-10-22 07:19 - 2012-02-15 04:00 - 00114142 _____ C:\WINDOWS\comsetup.log
2013-10-22 07:19 - 2012-02-15 04:00 - 00085270 _____ C:\WINDOWS\msmqinst.log
2013-10-22 07:19 - 2012-02-15 04:00 - 00066912 _____ C:\WINDOWS\ntdtcsetup.log
2013-10-22 07:19 - 2012-02-15 04:00 - 00043994 _____ C:\WINDOWS\netfxocm.log
2013-10-22 07:19 - 2012-02-15 04:00 - 00018461 _____ C:\WINDOWS\MedCtrOC.log
2013-10-22 07:19 - 2012-02-15 04:00 - 00013735 _____ C:\WINDOWS\ocmsn.log
2013-10-22 07:19 - 2012-02-15 04:00 - 00013473 _____ C:\WINDOWS\tabletoc.log
2013-10-22 07:19 - 2012-02-15 04:00 - 00012692 _____ C:\WINDOWS\msgsocm.log
2013-10-22 07:19 - 2012-02-15 04:00 - 00001393 _____ C:\WINDOWS\imsins.log
2013-10-22 07:00 - 2013-10-22 07:00 - 00000000 __SHD C:\Documents and Settings\Administrator.XXX-53E9B60FB0D.003\PrivacIE
2013-10-22 07:00 - 2008-07-13 17:41 - 00000000 ____D C:\Documents and Settings\Administrator.XXX-53E9B60FB0D.003
2013-10-22 06:56 - 2008-07-07 13:03 - 00000000 ____D C:\WINDOWS\security
2013-10-22 06:36 - 2008-07-07 13:09 - 00000339 __RSH C:\boot.ini
2013-10-22 06:36 - 2006-02-28 07:00 - 00000659 _____ C:\WINDOWS\win.ini
2013-10-22 06:36 - 2006-02-28 07:00 - 00000227 _____ C:\WINDOWS\system.ini
2013-10-22 06:23 - 2013-10-22 06:23 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-22 01:04 - 2008-07-07 13:03 - 00000000 ____D C:\WINDOWS\pchealth
2013-10-22 01:02 - 2010-03-19 17:53 - 00000000 ____D C:\Documents and Settings\RG\Local Settings\Application Data\Mirillis
2013-10-22 00:58 - 2008-07-07 23:53 - 00169984 _____ C:\Documents and Settings\RG\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-22 00:49 - 2013-10-22 00:49 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-10-22 00:49 - 2013-10-22 00:48 - 00000000 ____D C:\Documents and Settings\RG\Desktop\mbar
2013-10-22 00:22 - 2012-09-14 22:35 - 01093229 _____ C:\WINDOWS\setupapi.log.2.old
2013-10-21 23:53 - 2009-10-29 11:09 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-10-21 23:35 - 2013-10-21 23:35 - 00028217 _____ C:\ComboFix.txt
2013-10-21 23:35 - 2013-10-21 23:23 - 00000000 ____D C:\Qoobox
2013-10-21 23:34 - 2013-10-21 23:23 - 00000000 ____D C:\WINDOWS\erdnt
2013-10-21 23:25 - 2013-10-21 23:25 - 00000000 _RSHD C:\cmdcons
2013-10-21 23:22 - 2013-10-21 23:22 - 05136138 ____R (Swearware) C:\Documents and Settings\RG\Desktop\ComboFix.exe
2013-10-21 23:18 - 2013-10-21 23:05 - 00000000 ____D C:\Documents and Settings\RG\Desktop\RK_Quarantine
2013-10-21 23:00 - 2013-10-21 23:25 - 00000223 _____ C:\Boot.bak
2013-10-21 16:21 - 2013-10-21 16:19 - 00001030 _____ C:\WINDOWS\system32\PCloudCleanerService.log
2013-10-21 15:50 - 2013-10-21 15:50 - 00000935 _____ C:\Documents and Settings\All Users\Desktop\Panda Cloud Cleaner.lnk
2013-10-21 15:50 - 2013-10-21 15:50 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Panda Security
2013-10-21 15:50 - 2009-10-30 09:59 - 00000000 ____D C:\Program Files\Panda Security
2013-10-21 09:02 - 2008-07-12 16:07 - 00000000 ____D C:\Documents and Settings\RG\Application Data\Azureus
2013-10-17 10:48 - 2008-07-12 15:47 - 00000000 ____D C:\Documents and Settings\RG\Application Data\Corel
2013-10-17 10:33 - 2008-07-12 15:47 - 00003400 ___SH C:\WINDOWS\system32\KGyGaAvL.sys
2013-10-17 10:33 - 2008-07-12 15:47 - 00000000 ____D C:\Documents and Settings\RG\My Documents\My PSP Files
2013-10-14 11:10 - 2013-04-10 08:39 - 00000026 _____ C:\WINDOWS\Zone.Identifier
2013-10-13 03:27 - 2012-02-17 09:47 - 00048586 _____ C:\WINDOWS\wmsetup.log
2013-10-12 19:56 - 2008-07-11 13:52 - 00000000 ____D C:\Documents and Settings\RG\Application Data\Vso
2013-10-10 07:25 - 2013-08-28 12:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-05 20:03 - 2008-09-22 17:20 - 00000000 ____D C:\Documents and Settings\RG\My Documents\henry scans
2013-10-04 09:48 - 2008-07-14 08:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-10-03 07:37 - 2013-10-02 09:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-28 20:32 - 2008-10-14 11:10 - 00759808 ___SH C:\Documents and Settings\RG\My Documents\Thumbs.db
2013-09-27 08:23 - 2012-02-15 04:00 - 00184266 _____ C:\WINDOWS\setupact.log

Files to move or delete:
====================
C:\Documents and Settings\RG\WombleEasyDVD.exe


Some content of TEMP:
====================
C:\Documents and Settings\RG\Local Settings\Temp\InstHelper.exe
C:\Documents and Settings\RG\Local Settings\Temp\ntdll_dump.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2006-02-28 07:00] - [2006-02-28 07:00] - 1032192 ____A (Microsoft Corporation) a0732187050030ae399b241436565e64

C:\Windows\System32\winlogon.exe
[2006-02-28 07:00] - [2006-02-28 07:00] - 0502272 ____A (Microsoft Corporation) 01c3346c241652f43aed8e2149881bfe

C:\Windows\System32\svchost.exe
[2006-02-28 07:00] - [2006-02-28 07:00] - 0014336 ____A (Microsoft Corporation) 8f078ae4ed187aaabc0a305146de6716

C:\Windows\System32\services.exe
[2006-02-28 07:00] - [2006-02-28 07:00] - 0108032 ____A (Microsoft Corporation) c6ce6eec82f187615d1002bb3bb50ed4

C:\Windows\System32\User32.dll
[2006-02-28 07:00] - [2006-02-28 07:00] - 0577024 ____A (Microsoft Corporation) c72661f8552ace7c5c85e16a3cf505c4

C:\Windows\System32\userinit.exe
[2006-02-28 07:00] - [2006-02-28 07:00] - 0024576 ____A (Microsoft Corporation) 39b1ffb03c2296323832acbae50d2aff

C:\Windows\System32\Drivers\volsnap.sys
[2006-02-28 07:00] - [2006-02-28 07:00] - 0052352 ____A (Microsoft Corporation) ee4660083deba849ff6c485d944b379b


==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-10-2013
Ran by RG at 2013-10-22 09:43:14
Running from C:\Documents and Settings\RG\Local Settings\Application Data\Opera\Opera10.01\temporary_downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ZoneAlarm Antivirus (Disabled - Up to date) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
Could not list Security Center items. Check WMI.


==================== Installed Programs ======================

ABBYY FineReader 5.0 Sprint Plus (Version: 5.0.0.3501)
Abrosoft FantaMorph 3.7 (Version: 3.7)
AC3Filter 1.62b (Version: 1.62b)
ACDSee 10 Photo Manager (Version: 10.0.219)
Acrobat.com (Version: 1.6.65)
Acronis True Image Home (Version: 10.0.4942)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.2)
Adobe AIR (Version: 3.5.0.880)
Adobe Community Help (Version: 3.5.23)
Adobe Download Assistant (Version: 1.0.6)
Adobe Download Manager (Version: 1.6.2.60)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Premiere Elements 10 (Version: 10.0)
Adobe Reader 9.4.6 (Version: 9.4.6)
Advanced Uninstaller PRO - Version 9 (Version: 9)
ANIO Service
ANIWZCS2 Service
Any DVD Converter Professional 4.2.2
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Ares 2.1.7 (Version: 2.1.7-Build#3041)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.10.1.0)
AT&T Portal
Athlon 64 Processor Driver (Version: 1.2.2.2)
Auslogics Disk Defrag (Version: version 3.2)
AVI/MPEG/RM/WMV Joiner 4.82
Belarc Advisor 7.2
Bonjour (Version: 3.0.0.10)
Boris Graffiti (Version: 5.20.200)
Broadcom NetLink Controller (Version: 14.8.5.1)
CDBurnerXP (Version: 4.3.8.2474)
Cisco Connect (Version: 1.4.11299.0)
Contents (Version: 1.6.0.272)
Contour Storyteller (Version: 3.3.3)
ConvertXtoDVD 3.6.8.166 (Version: 3.6.8.166)
Corel Paint Shop Pro Photo XI (Version: 11.00.0000)
Corel VideoStudio Pro X3 (Version: 1.6.0.272)
Corel WordPerfect Office - iFilter (Version: 1.00.000)
Coupon Printer for Windows (Version: 5.0.0.1)
CPUID CPU-Z 1.51
DAEMON Tools Lite (Version: 4.41.3.0173)
Data Lifeguard Tools
DeviceIO (Version: 1.6.0.272)
DivX Setup (Version: 2.6.1.8)
doubleTwist (Version: 3.0.0.6339)
DriverAgent by TouchStone Software
Dropbox (HKCU Version: 2.0.26)
DVD Decrypter (Remove Only)
DVD Flick 1.3.0.7 (Version: 1.3.0.7)
DVD Shrink 3.2
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.5.0
DVDFab 8.1.5.9 (20/01/2012) Qt
Elements 10 Organizer (Version: 10.0)
EphPod
EPSON Copy Utility 3 (Version: 3.0.2.0)
EPSON Perf 4180 Guide
EPSON Scan
EPSON Smart Panel
ESET Online Scanner v3
ffdshow v1.1.4399 [2012-03-22] (Version: 1.1.4399.0)
FormatFactory 2.90 (Version: 2.90)
GetDataBack for NTFS (Version: 3.30.001)
Google Earth (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.165)
Google Updater (Version: 2.4.2432.1652)
H.264 Encoder
Haali Media Splitter
HTC BMP USB Driver (Version: 1.0.5375)
HTC Driver Installer (Version: 4.3.0.001)
HTC Sync (Version: 3.3.21)
HTC Sync Manager (Version: 2.1.45.0)
ICA (Version: 1.6.0.272)
IESviewer 2.99n (Version: 2.99)
Intel® Management Engine Components (Version: 8.0.3.1427)
Intel® Processor Graphics (Version: 6.14.10.5404)
IPM_VS_Pro (Version: 13.0)
IPTInstaller (Version: 4.0.8)
iTunes (Version: 10.6.1.7)
J2SE Runtime Environment 5.0 Update 12 (Version: 1.5.0.120)
Java 6 Update 20 (Version: 6.0.200)
K-Lite Codec Pack 9.2.8 (Full) (Version: 9.2.8)
Lagarith Lossless Codec (1.3.27)
LAME v3.99.3 (for Windows)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MediaFACE 5.0 (Version: 5.0)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
MLE (Version: 1.0.0.18)
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MP3 To Ringtone Gold 3.50
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MSXML 6.0 Parser (Version: 6.00.3883.8)
Nero Burning ROM 10 (Version: 10.2.11000.12.100)
Nero Burning ROM 10 (Version: 10.5.10300)
Nero BurningROM 10 Help (CHM) (Version: 10.5.10100)
Nero BurnRights 10 (Version: 4.2.10300.0.102)
Nero BurnRights 10 Help (CHM) (Version: 10.5.10000)
Nero Control Center 10 (Version: 10.2.10600.0.6)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.17400.8.2)
neroxml (Version: 1.0.0)
Nuance OmniPage 17 (Version: 17.0.0000)
Nuance PDF Create! 5 (Version: 5.20.3200)
NVIDIA Drivers (Version: 1.10)
NVIDIA nView Desktop Manager (Version: 6.14.10.00)
NvMixer
OpenSource Flash Video Splitter 1.0.0.5 (Version: 1.0.0.5)
Opera 12.16 (Version: 12.16.1860)
Opera 9.64 (Version: 9.64)
Panda Cloud Cleaner (Version: 1.0.76)
PDF Settings CS5 (Version: 10.0)
Photocensoredet
Pinnacle Studio 12 (Version: 12.0.0.6163)
Pinnacle Studio 12 Ultimate Plugins (Version: 12.0.0.0)
Pinnacle Video Driver (Version: 12.00.0017)
PlexTools Professional V2.32a (Version: 2.32.0001)
PowerISO (Version: 4.8)
PRE10STIInstaller (Version: 1.0)
proDAD Vitascene 1.0
PureHD (Version: 1.6.0.272)
QuickPar 0.9 (Version: 0.9)
QuickTime (Version: 7.55.90.70)
Real Alternative 2.0.2 Lite (Version: 2.0.2)
Realtek AC'97 Audio
Realtek High Definition Audio Driver (Version: 5.10.0.6559)
Recovery Toolbox for Outlook Express 1.1
Samsung CLP-310 Series
Scan to PDF (Version: 2.40)
ScanToWeb
Setup (Version: 1.6.0.272)
ShaPlus Bandwidth Meter 1.3 (Version: 1.3)
Share (Version: 1.6.0.272)
Smart File Advisor 1.1.1 (Version: 1.1.1)
SmartSound Common Data (Version: 1.1.0)
SmartSound Premiere Elements 10 Plugin (Version: 5.70.0001)
SmartSound Quicktracks 5 (Version: 5.1.5)
SmartSound Sonicfire Pro 5 (Version: 5.7.1)
Sony Vegas Pro 8.0 (Version: 8.0.179)
SopCast 3.5.0 (Version: 3.5.0)
Spell Checker For OE 2.1
Splash Lite (Version: 1.7.0)
Splash PRO EX (Version: 1.11.0)
SUPERAntiSpyware (Version: 5.0.1142)
SyncThru Web Admin Service
System Requirements Lab
Temp File Cleaner
Ulead GIF Animator 5
Ultimate Codec Packages
Ultra MKV Converter 4.1.0101
Ultra Video Joiner 5.2.1025
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition
Update for Ultimate Codec
Update for Windows XP (KB932823-v3) (Version: 3)
VC 9.0 Runtime (Version: 1.0.0)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Veetle Broadcaster Plugin 0.9.4 (Version: 0.9.4)
Veetle TV 0.9.15 (Version: 0.9.15)
VIO (Version: 1.6.0.272)
VSClassic (Version: 1.6.0.272)
VSPro (Version: 1.6.0.272)
Vuze (Version: 5.1.0.0)
Vuze_Remote Toolbar (Version: )
WD Diagnostics (Version: 1.09.0002)
WhoCrashed 1.01
Winamp (Version: 5.572 )
Winamp Detector Plug-in (HKCU Version: 1.0.0.1)
Window Washer
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR archiver
WinZip (Version: 8.1 (4331))
Wondershare Media Converter(Build 1.3.4.0)
WordPerfect Lightning - IPM (Version: 1.0)
WordPerfect Lightning - Messages (Version: 1.0)
WordPerfect Lightning - MSOM (Version: 1.1)
WordPerfect Lightning (Version: 2.0)
WordPerfect Office 2002
WordPerfect Office 2002 (Version: 10)
WordPerfect Office X5 - Common (Version: 15.0)
Wordperfect Office X5 - EN (Version: 15.0)
WordPerfect Office X5 - Filters (Version: 15.0)
WordPerfect Office X5 - Graphics (Version: 15.0)
WordPerfect Office X5 - IPM (Version: 15.0)
WordPerfect Office X5 - LegalTools (Version: 15.0)
WordPerfect Office X5 - Migration Manager (Version: 15.0)
WordPerfect Office X5 - Oxford (Version: 15.0)
WordPerfect Office X5 - PerfectExperts EN (Version: 15.0)
WordPerfect Office X5 - PR (Version: 15.0)
WordPerfect Office X5 - QP (Version: 15.0)
WordPerfect Office X5 - Setup Files (Version: 15.0)
WordPerfect Office X5 - Sharepoint (Version: 15.0)
WordPerfect Office X5 - Skins (Version: 15.0)
WordPerfect Office X5 - System EN (Version: 15.0)
WordPerfect Office X5 - Templates (Version: 15.0)
WordPerfect Office X5 - WP (Version: 15.0)
WordPerfect Office X5 - WT (Version: 15.0)
WordPerfect Office X5 (Version: 15.0)
WordPerfect Office X5 (Version: 15.0.0.357)
Xvid Video Codec (Version: 1.3.2)
ZoneAlarm Antivirus (Version: 11.0.780.000)
ZoneAlarm Firewall (Version: 11.0.780.000)
ZoneAlarm Security (Version: 11.0.780.000)
ZoneAlarm Security Toolbar (Version: 1.8.22.0)

==================== Restore Points =========================

14-08-2013 01:07:44 System Checkpoint
15-08-2013 02:07:44 System Checkpoint
16-08-2013 02:08:51 System Checkpoint
17-08-2013 02:20:51 System Checkpoint
18-08-2013 03:07:46 System Checkpoint
19-08-2013 03:08:53 System Checkpoint
20-08-2013 03:28:00 System Checkpoint
21-08-2013 03:49:06 System Checkpoint
22-08-2013 03:52:07 System Checkpoint
23-08-2013 05:02:42 System Checkpoint
24-08-2013 05:52:08 System Checkpoint
25-08-2013 06:52:07 System Checkpoint
26-08-2013 07:52:06 System Checkpoint
27-08-2013 08:13:52 System Checkpoint
28-08-2013 09:13:53 System Checkpoint
29-08-2013 10:13:52 System Checkpoint
30-08-2013 10:52:23 System Checkpoint
31-08-2013 11:52:22 System Checkpoint
01-09-2013 12:52:23 System Checkpoint
02-09-2013 13:13:20 System Checkpoint
03-09-2013 14:20:13 System Checkpoint
04-09-2013 15:07:40 System Checkpoint
05-09-2013 17:48:31 System Checkpoint
06-09-2013 18:29:43 System Checkpoint
07-09-2013 18:53:42 System Checkpoint
08-09-2013 20:07:48 System Checkpoint
09-09-2013 20:29:42 System Checkpoint
10-09-2013 20:44:10 System Checkpoint
11-09-2013 22:52:48 System Checkpoint
12-09-2013 23:01:02 System Checkpoint
13-09-2013 23:49:48 System Checkpoint
15-09-2013 01:30:52 System Checkpoint
16-09-2013 01:49:47 System Checkpoint
17-09-2013 01:54:49 System Checkpoint
18-09-2013 02:18:36 System Checkpoint
19-09-2013 02:54:46 System Checkpoint
20-09-2013 03:34:02 System Checkpoint
21-09-2013 04:04:11 System Checkpoint
22-09-2013 05:04:09 System Checkpoint
23-09-2013 06:04:11 System Checkpoint
24-09-2013 07:04:10 System Checkpoint
25-09-2013 08:04:11 System Checkpoint
26-09-2013 09:04:10 System Checkpoint
27-09-2013 09:13:45 System Checkpoint
28-09-2013 10:13:44 System Checkpoint
29-09-2013 11:13:45 System Checkpoint
30-09-2013 12:13:43 System Checkpoint
01-10-2013 14:20:00 System Checkpoint
02-10-2013 14:35:42 System Checkpoint
03-10-2013 15:51:00 System Checkpoint
04-10-2013 14:47:52 Configured Microsoft Office Enterprise 2007
05-10-2013 15:13:46 System Checkpoint
06-10-2013 16:14:51 System Checkpoint
07-10-2013 17:32:25 System Checkpoint
08-10-2013 18:44:09 System Checkpoint
09-10-2013 19:13:44 System Checkpoint
10-10-2013 19:28:30 System Checkpoint
11-10-2013 20:26:27 System Checkpoint
12-10-2013 22:03:10 System Checkpoint
13-10-2013 23:20:38 System Checkpoint
14-10-2013 23:45:51 System Checkpoint
16-10-2013 00:26:31 System Checkpoint
17-10-2013 01:26:27 System Checkpoint
18-10-2013 01:32:27 System Checkpoint
19-10-2013 01:48:54 System Checkpoint
20-10-2013 02:27:53 System Checkpoint
21-10-2013 02:57:16 System Checkpoint
21-10-2013 20:42:08 Installed Kaspersky Security Scan.
21-10-2013 21:26:34 Removed Kaspersky Security Scan.
22-10-2013 12:19:41 Installed Windows XP KB943232.
22-10-2013 12:19:54 Removed ZoneAlarm Security
22-10-2013 12:20:07 Removed ZoneAlarm Firewall
22-10-2013 12:20:43 Removed ZoneAlarm Antivirus
22-10-2013 14:28:52 Restore Operation
22-10-2013 14:32:05 Restore Operation

==================== Hosts content: ==========================

2012-01-24 11:14 - 2013-10-21 23:34 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-12-06 12:31 - 2007-08-14 03:39 - 00022723 _____ () C:\WINDOWS\system32\cl31cl3.dll
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-01 18:31 - 2013-08-01 18:31 - 00030056 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll
2013-08-01 18:32 - 2013-08-01 18:32 - 00607376 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll
2013-08-01 18:33 - 2013-08-01 18:33 - 00044392 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll
2013-08-01 18:33 - 2013-08-01 18:33 - 00036216 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-08-01 18:33 - 2013-08-01 18:33 - 00080248 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-08-01 18:38 - 2013-08-01 18:38 - 00223592 _____ () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll
2011-10-09 21:07 - 2008-04-15 19:48 - 04976640 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\qt-mt333.dll
2011-10-09 21:07 - 2008-04-15 19:48 - 00024064 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\XalanMessages_1_9.dll
2011-10-09 21:07 - 2008-04-15 19:48 - 00118784 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\slp.dll
2011-10-09 21:07 - 2008-04-15 19:48 - 00073728 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\zlib1.dll
2011-10-09 21:07 - 2008-04-15 19:48 - 00057344 _____ () C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\boost_thread-vc71-mt-1_32.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 00028672 _____ () C:\Program Files\HTC\HTC Sync 3.0\OutputLog.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 00516599 _____ () C:\Program Files\HTC\HTC Sync 3.0\sqlite3.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 00094208 _____ () C:\Program Files\HTC\HTC Sync 3.0\fdHttpd.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 00405504 _____ () C:\Program Files\HTC\HTC Sync 3.0\HtcDetect.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 00159744 _____ () C:\Program Files\HTC\HTC Sync 3.0\htcDisk.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 00172032 _____ () C:\Program Files\HTC\HTC Sync 3.0\htcDetectLegend.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 00559244 _____ () C:\Program Files\HTC\HTC Sync 3.0\sqlite3.7.dll
2012-12-12 14:56 - 2012-12-12 14:56 - 01515520 _____ () C:\Program Files\HTC\HTC Sync 3.0\Maps\R66Api.dll
2006-02-28 07:00 - 2006-02-28 07:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2006-02-28 07:00 - 2006-02-28 07:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2013-05-23 09:35 - 2013-05-23 09:35 - 16033160 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5} => ""=""

==================== Faulty Device Manager Devices =============

Name: PCI Device
Description: PCI Device
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/22/2013 08:57:41 AM) (Source: MsiInstaller) (User: RAUL-PC)
Description: Product: ESET Smart Security -- Error 5001. The computer has not been restarted after a program uninstallation. Please restart the computer and run the installer again.

Error: (10/22/2013 07:46:37 AM) (Source: MsiInstaller) (User: RAUL-PC)
Description: Product: ESET NOD32 Antivirus -- Error 1920. Service 'ESET Service' (ekrn) failed to start. Verify that you have sufficient privileges to start system services.

Error: (10/22/2013 00:22:16 AM) (Source: MsiInstaller) (User: RAUL-PC)
Description: Product: ESET Smart Security -- Error 1920. Service 'ESET Service' (ekrn) failed to start. Verify that you have sufficient privileges to start system services.

Error: (10/21/2013 11:33:25 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\RG\WINDOWS\SYSTEM> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (10/16/2013 01:47:17 PM) (Source: Application Hang) (User: )
Description: Hanging application SplashLite.exe, version 1.7.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/15/2013 11:00:59 AM) (Source: Application Error) (User: )
Description: Faulting application splashlite.exe, version 1.7.0.0, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x0003af64.
Processing media-specific event for [splashlite.exe!ws!]

Error: (10/14/2013 08:32:19 PM) (Source: Application Hang) (User: )
Description: Hanging application Azureus.exe, version 4.8.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/12/2013 04:53:41 AM) (Source: Application Hang) (User: )
Description: Hanging application Azureus.exe, version 4.8.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/04/2013 09:47:54 AM) (Source: Application Hang) (User: )
Description: Hanging application SETUP.EXE, version 12.0.6606.1000, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/29/2013 09:57:26 PM) (Source: Application Hang) (User: )
Description: Hanging application SplashLite.exe, version 1.7.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (10/22/2013 09:32:02 AM) (Source: 0) (User: )
Description:

Error: (10/22/2013 09:31:58 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: )
Description: The SSPORT service failed to start due to the following error:
%%2

Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: )
Description: The BitDefender Desktop Update Service service depends on the following nonexistent service: XCOMM

Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error:
%%2

Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: )
Description: The Parallel port driver service failed to start due to the following error:
%%1058

Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: )
Description: The ZoneAlarm LTD Toolbar IswSvc service depends on the ZoneAlarm LTD Toolbar ISWKL service which failed to start because of the following error:
%%2

Error: (10/22/2013 09:31:51 AM) (Source: Service Control Manager) (User: )
Description: The ZoneAlarm LTD Toolbar ISWKL service failed to start due to the following error:
%%2

Error: (10/22/2013 09:27:58 AM) (Source: 0) (User: )
Description:

Error: (10/22/2013 09:27:53 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 36%
Total physical RAM: 3297.01 MB
Available physical RAM: 2100.06 MB
Total Pagefile: 5174.98 MB
Available Pagefile: 3833.07 MB
Total Virtual: 2047.88 MB
Available Virtual: 1955.24 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:107.42 GB) (Free:40.17 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive k: (New Volume) (Fixed) (Total:465.76 GB) (Free:42.3 GB) NTFS
Drive l: (New Volume) (Fixed) (Total:465.76 GB) (Free:175.66 GB) NTFS
Drive s: (New Volume) (Fixed) (Total:358.34 GB) (Free:149.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 67A93141)
Partition 1: (Active) - (Size=107 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=358 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 0E343701)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 307DB55F)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 


RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Started in : Normal mode
User : RG [Admin rights]
Mode : Scan -- Date : 10/22/2013 13:01:10
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[SCREENSVR][SUSP PATH] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\WINDOWS\firefox.scr [7]) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 2 ¤¤¤
[FF][PROXY] mvmblz1v.default : user_pref("network.proxy.hxxp", "119.252.162.210"); -> FOUND
[FF][PROXY] mvmblz1v.default : user_pref("network.proxy.hxxp_port", 8080); -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Disk drive +++++
--- User ---
[MBR] d512c1b68c63afe76c394688ecbf4b5b
[BSP] e9febe2e42d8084d3335a571f2d04366 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 109999 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 225279495 | Size: 366937 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) Disk drive +++++
--- User ---
[MBR] 766c425cbd68c885276e4ba38bb1bb88
[BSP] fdaf12d92a5daccfa895f69481de475f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) Hitachi HDP725050GLA360 +++++
--- User ---
[MBR] a13b6502b10ee851dc07942e6059674b
[BSP] 242d29b5ddc73052a1846a0046a98a85 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_10222013_130110.txt >>
RKreport[0]_S_10222013_125720.txt



 


I see you ran ComboFix; can you post the logs from it?

----------------------------------------

What are these related to:
 

(Innovative Solutions GRUP SRL) K:\Azureus downloads\Advanced Uninstaller Pro 9.1\Crack\Monitor.exe
HKCU\...\Run: [Advanced Uninstaller PRO Installation Monitor] - K:\Azureus downloads\Advanced Uninstaller Pro 9.1\Crack\Monitor.exe [920976 2008-07-08] (Innovative Solutions GRUP SRL)

 


--------------------------------------------

Download the attached fixlist.txt to the same folder as FRST.
Run FRST and click Fix only once and wait.
The tool will create a log (Fixlog.txt) in the folder; please post it in your reply.

MrC


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.