unable to access the Internet after MBAM scan


Coylepj


I was doing my routine scan with Malwarebytes yesterday. It found a whole bunch of stuff and I had it remove all the threats. It seemed to take a very long time so I just let it run. When I returned, the screen was black. I had to do a forced shutdown. When I restarted I was unable to access the Internet, although my computer claimed that my connection was good. Now I notice that a command window pops up during startup with the following heading on it.
c:\progra~1\browse~1\browse~1.exe
Any help would be greatly appreciated.
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.45.2
Run by PETE at 10:17:05 on 2014-02-14
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2036.1393 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\idt\dellxpm09b_6159v043\wdm\stacsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\IDT\WDM\sttray.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Nuance\dgnsvc.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uProxyServer = hxxp=127.0.0.1:1062;https=127.0.0.1:1062;
uProxyOverride = <-loopback>
BHO: HelperObject Class: {00C6482D-C502-44C8-8409-FCE54AD9C208} - c:\program files\techsmith\snagit 7\SnagItBHO.dll
BHO: Wondershare Video Converter Ultimate: {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - c:\program files\wondershare\video converter ultimate\SVRIEPlugin.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: &RoboForm: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll
TB: SnagIt: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - c:\program files\techsmith\snagit 7\SnagItIEAddin.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart
uRun: [iSUSPM] c:\documents and settings\all users\application data\flexnet\connect\11\ISUSPM.exe -scheduler
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [AESTFltr] c:\windows\system32\AESTFltr.exe /NoDlg
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
mRun: [DNS7reminder] "c:\program files\nuance\naturallyspeaking11\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\nuance\naturallyspeaking11\Ereg.ini"
mRun: [browserSafeguard] "c:\program files\browsersafeguard\BrowserSafeguard.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Customize Menu - c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: RoboForm Toolbar - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\17.3.0\ViProtocol.dll
AppInit_DLLs= c:\progra~1\settin~1\datamngr\mgrldr.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\32.0.1700.107\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 147768]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 222520]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 102712]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 27448]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-8-1 120600]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-2-26 209176]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22840]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 176952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-2-14 193848]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-3-18 37664]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008]
R2 DragonSvc;Dragon Service;c:\program files\common files\nuance\dgnsvc.exe [2011-6-4 296808]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-9-8 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-9-8 701512]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\nvidia corporation\performance drivers\nvPDsvc.exe [2009-12-8 5241448]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;c:\program files\common files\avg secure search\vtoolbarupdater\17.3.0\ToolbarUpdater.exe [2014-1-20 1771544]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2013-1-27 112512]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2013-3-18 241880]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-9-8 22856]
S0 cerc6;cerc6; [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2013-11-11 3478544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Util RightSurf;Util RightSurf;c:\program files\rightsurf\bin\utilRightSurf.exe [2014-1-24 80672]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== Created Last 30 ================
.
2014-02-06 18:33:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-06 18:33:52 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-06 18:30:13 -------- d-----w- c:\documents and settings\pete\local settings\application data\Adobe
2014-02-03 18:11:38 -------- d-----w- c:\program files\Siber Systems
2014-02-03 17:33:16 -------- d-----w- C:\_rf
2014-02-02 19:23:39 216064 ----a-w- c:\windows\system32\gcapi_dll.dll
2014-02-02 19:23:27 -------- d-----w- c:\documents and settings\pete\application data\Foxit Software
2014-02-02 19:23:26 -------- d-----w- c:\program files\Foxit Software
2014-02-01 17:12:50 -------- d-----w- c:\program files\Browsersafeguard
2014-01-29 21:57:17 529296 ----a-r- c:\windows\system32\hpinksts8811.dll
2014-01-29 21:57:17 269200 ----a-r- c:\windows\system32\hpinksts8811LM.dll
2014-01-29 21:57:16 2216848 ----a-r- c:\windows\system32\hpinkins8811.exe
2014-01-29 21:57:13 221072 ----a-r- c:\windows\system32\hpinkcoi8811.dll
2014-01-25 18:06:48 -------- d-----w- C:\Intel
2014-01-25 03:25:16 -------- d-----w- c:\program files\MSXML 4.0
2014-01-24 14:07:59 -------- d-----w- c:\documents and settings\pete\application data\DigitalSites
2014-01-24 14:07:52 -------- d-----w- c:\program files\RightSurf
2014-01-24 14:07:49 -------- d-----w- c:\documents and settings\pete\application data\0D0S1L2Z1P1B
2014-01-24 12:46:33 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2014-01-24 12:46:33 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2014-01-23 23:03:22 -------- d-----w- c:\documents and settings\pete\local settings\application data\TechSmith
2014-01-23 23:03:01 -------- d-----w- c:\documents and settings\all users\Application DataTechSmith
2014-01-23 22:59:40 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2014-01-23 19:46:42 60160 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2014-01-23 19:46:42 60160 ----a-w- c:\windows\system32\drivers\usbaudio.sys
2014-01-23 19:44:53 -------- d-----w- c:\documents and settings\pete\application data\Nuance
2014-01-23 18:04:47 -------- d-----w- c:\program files\common files\IVA
2014-01-23 18:04:26 -------- d-----w- c:\program files\common files\Nuance
2014-01-23 18:01:15 -------- d-----w- c:\windows\Speech
2014-01-23 18:01:15 -------- d-----w- c:\program files\Nuance
2014-01-23 18:01:15 -------- d-----w- c:\documents and settings\all users\application data\Nuance
.
==================== Find3M  ====================
.
2014-02-05 23:26:52 920064 ----a-w- c:\windows\system32\wininet.dll
2014-02-05 23:26:43 43520 ------w- c:\windows\system32\licmgr10.dll
2014-02-05 23:26:42 1469440 ------w- c:\windows\system32\inetcpl.cpl
2014-02-05 23:26:37 18944 ----a-w- c:\windows\system32\corpol.dll
2014-02-05 22:24:05 385024 ------w- c:\windows\system32\html.iec
2014-01-04 03:13:05 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-12-20 14:29:47 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-20 14:29:47 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-12-05 11:26:06 1172992 ----a-w- c:\windows\system32\msxml3.dll
2013-11-27 20:21:06 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-17 01:29:43 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
.
============= FINISH: 10:17:12.20 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/23/2013 11:25:36 AM
System Uptime: 2/14/2014 10:02:48 AM (0 hours ago)
.
Motherboard: Dell Inc. |  | 0NY980
Processor: Intel Pentium III Xeon processor | Microprocessor | 1582/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 39.88 GiB free.
D: is CDROM ()
E: is Removable
F: is FIXED (NTFS) - 1858 GiB total, 354.805 GiB free.
G: is FIXED (NTFS) - 2795 GiB total, 96.591 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Broadcom USH
Device ID: USB\VID_0A5C&PID_5800&MI_00\6&66DE6C9&0&0000
Manufacturer: 
Name: Broadcom USH
PNP Device ID: USB\VID_0A5C&PID_5800&MI_00\6&66DE6C9&0&0000
Service: 
.
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: HID-compliant mouse
Device ID: HID\VID_045E&PID_0095&COL01\7&672915C&0&0000
Manufacturer: Microsoft
Name: HID-compliant mouse
PNP Device ID: HID\VID_045E&PID_0095&COL01\7&672915C&0&0000
Service: mouhid
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_02501028&REV_11\4&A85581B&0&0BF0
Manufacturer: 
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_02501028&REV_11\4&A85581B&0&0BF0
Service: 
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_02501028&REV_03\3&61AAA01&0&FB
Manufacturer: 
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_02501028&REV_03\3&61AAA01&0&FB
Service: 
.
==== System Restore Points ===================
.
RP166: 12/1/2013 9:02:56 PM - System Checkpoint
RP167: 12/13/2013 8:57:45 AM - System Checkpoint
RP168: 12/14/2013 9:06:53 AM - System Checkpoint
RP169: 12/14/2013 1:40:44 PM - Software Distribution Service 3.0
RP170: 12/15/2013 2:05:17 PM - System Checkpoint
RP171: 12/19/2013 8:35:11 AM - System Checkpoint
RP172: 12/20/2013 9:29:41 AM - Installed Java 7 Update 45
RP173: 12/22/2013 6:41:52 AM - System Checkpoint
RP174: 12/27/2013 7:59:40 AM - System Checkpoint
RP175: 12/30/2013 11:01:22 AM - System Checkpoint
RP176: 1/5/2014 7:45:35 PM - System Checkpoint
RP177: 1/7/2014 9:23:55 AM - System Checkpoint
RP178: 1/15/2014 10:39:17 PM - Software Distribution Service 3.0
RP179: 1/17/2014 7:07:28 AM - System Checkpoint
RP180: 1/19/2014 1:55:53 PM - System Checkpoint
RP181: 1/20/2014 2:25:50 PM - System Checkpoint
RP182: 1/22/2014 9:24:06 AM - System Checkpoint
RP183: 1/23/2014 9:54:22 AM - System Checkpoint
RP184: 1/23/2014 12:51:53 PM - Installed Visual C++ 9.0 Runtime for Dragon NaturallySpeaking.
RP185: 1/23/2014 1:01:12 PM - Installed Dragon NaturallySpeaking 11.
RP186: 1/23/2014 6:01:22 PM - Installed SnagIt 7
RP187: 1/24/2014 6:38:08 PM - System Checkpoint
RP188: 1/24/2014 10:25:10 PM - Software Distribution Service 3.0
RP189: 1/25/2014 1:24:30 PM - Software Distribution Service 3.0
RP190: 1/29/2014 12:29:44 PM - System Checkpoint
RP191: 1/30/2014 7:56:17 PM - System Checkpoint
RP192: 2/1/2014 9:57:26 AM - System Checkpoint
RP193: 2/2/2014 2:23:57 PM - Printer Driver Foxit Reader PDF Printer Driver Installed
RP194: 2/6/2014 2:51:08 PM - System Checkpoint
RP195: 2/8/2014 8:30:02 AM - System Checkpoint
RP196: 2/9/2014 12:36:19 PM - System Checkpoint
RP197: 2/10/2014 12:52:45 PM - System Checkpoint
RP198: 2/11/2014 1:23:16 PM - System Checkpoint
RP199: 2/12/2014 8:29:59 PM - System Checkpoint
RP200: 2/13/2014 7:45:29 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
7-Zip 9.20
ACDSee
Adobe Flash Player 12 ActiveX
AI RoboForm (All Users)
Any Video Converter 5.0.9
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASPCA Reminder by We-Care.com v4.1.22.1
aTube Catcher
AVG 2014
AVG SafeGuard toolbar
Bonjour
Dragon NaturallySpeaking 11
DW WLAN Card Utility
File Opener Pro
FLAC 1.2.1b (remove only)
Foxit Reader
Free YouTube Downloader 3.5.136
Google Chrome
Google Drive
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
IDT Audio
Intel® Network Connections Drivers
iTunes
Java 7 Update 45
Java Auto Updater
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Newsbin Pro
NVIDIA Drivers
NVIDIA Performance Drivers
QuickNote
QuickPar 0.9
RightSurf
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2898785)
Security Update for Windows Internet Explorer 8 (KB2909210)
Security Update for Windows Internet Explorer 8 (KB2909921)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2803821-v2)
Security Update for Windows Media Player (KB2803821)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2797052)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2809289)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB2916036)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
SnagIt 7
StuffIt Expander 2011
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2863058)
Update for Windows XP (KB2904266)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB973815)
Update for Zip Extractor
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking
Visual Studio 2012 x86 Redistributables
VLC media player 1.1.7
Vz In-Home Agent
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
WinRAR archiver
Wondershare Video Converter Ultimate(Build 6.0.1.0)
XML Paper Specification Shared Components Pack 1.0
xplorer² lite 32 bit
Zip Extractor Packages
.
==== Event Viewer Messages From Past Week ========
.
2/9/2014 5:08:00 PM, error: Schedule [7901]  - The At2.job command failed to start due to the following error:  %%2147942402
2/9/2014 5:07:00 PM, error: Schedule [7901]  - The At1.job command failed to start due to the following error:  %%2147942402
2/9/2014 10:22:13 AM, error: DCOM [10000]  - Unable to start a DCOM Server: {B906071E-9281-44B9-BBDB-98893081D222}. The error: "%193" Happened while starting this command: C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\agent.exe -Embedding
2/13/2014 8:08:00 AM, error: Schedule [7901]  - The At2.job command failed to start due to the following error:  %%2147942403
2/13/2014 7:44:18 AM, error: Service Control Manager [7000]  - The Util RightSurf service failed to start due to the following error:  Access is denied.
2/13/2014 7:44:18 AM, error: Service Control Manager [7000]  - The Update RightSurf service failed to start due to the following error:  Access is denied.
.
==== End Of File ===========================
 

 


Welcome to the forum.

Please download and run RogueKiller 32 Bit to your desktop.

RogueKiller 64 Bit <---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

General Forum P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running, please create a new restore point

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give you instructions on how to clean up all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)


Thanks so much for being patient with me; I had the notification settings wrong. I tried to run RogueKiller on my computer but I was unable to accept the EULA. There was no accept button. Maybe this is because I don't have any Internet connection. I tried restarting the computer in safe mode with networking and that didn't help either. Please help.

Best regards

Pete


Have you tried system restore, you have many restore points...the latest being:

RP196: 2/9/2014 12:36:19 PM - System Checkpoint

RP197: 2/10/2014 12:52:45 PM - System Checkpoint

RP198: 2/11/2014 1:23:16 PM - System Checkpoint

RP199: 2/12/2014 8:29:59 PM - System Checkpoint

RP200: 2/13/2014 7:45:29 AM - Software Distribution Service 3.0

Let me know....MrC


I see you are born the same year as I am. I guess that makes both of us old farts. Enjoyed seeing your dogs. What are their names? Here is a picture of my silly pup. Her name is Simba.

I tried to restore to every available restore point but nothing worked. This is my usual experience for restore points. That's why I usually don't bother. Any other suggestions?



These are the only log files that I could find. I'm not sure when the problem occurred if MBam created a log file since the computer crashed. I ran another scan today with the old definitions file and the computer was clean

 

 

2014/02/03 21:19:48 -0500 SINGHI PETE MESSAGE Starting database refresh
2014/02/03 21:19:54 -0500 SINGHI PETE MESSAGE Database refreshed successfully
 
2014/02/12 17:07:33 -0500 SINGHI PETE MESSAGE Starting database refresh
2014/02/12 17:07:44 -0500 SINGHI PETE MESSAGE Database refreshed successfully
 

I can't read it but they look like all PUP (Potentially Unwanted Program).

Give this a try:

Reset the IP/DNS settings of your Internet connection:

Go to Start -> Control Panel -> Double click on Network Connections.

Right click on your default connection (usually Local Area Connection or Wireless Network Connection) and select Properties.

Select the General tab.

Double click on Internet Protocol (TCP/IP).

Under General tab:

Select "Obtain an IP address automatically".

Select "Obtain DNS server address automatically".

Click OK twice to save the settings.

Reboot if you had to change any setting.

MrC


That did not work. So I restored everything that MBAM had quarantined. Voilà, my Internet connection came back. So I updated MBAM and ran another complete scan. Attached is the log.
What do you think is the problem item?
Thanks for all your help

 

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org
 
Database version: v2014.02.22.02
 
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
PETE :: SINGHI [administrator]
 
2/22/2014 8:58:38 AM
MBAM-log-2014-02-22 (11-31-23).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 280753
Time elapsed: 1 hour(s), 19 minute(s), 33 second(s)
 
Memory Processes Detected: 2
C:\Program Files\RightSurf\bin\utilRightSurf.exe (PUP.Optional.RightSurf.A) -> 3420 -> No action taken.
C:\Program Files\Browsersafeguard\BrowserSafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> 516 -> No action taken.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 21
HKLM\SYSTEM\CurrentControlSet\Services\Util RightSurf (PUP.Optional.RightSurf.A) -> No action taken.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{88BE1AA9-6740-461C-9E3E-F35EB8FA741C} (PUP.Optional.RightSurf.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.OptimumInstaller.A) -> No action taken.
HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RightSurf (PUP.Optional.RightSurf.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\Update RightSurf (PUP.Optional.RightSurf.A) -> No action taken.
HKCU\Software\ConduitSearchScopes (PUP.Optional.Conduit.A) -> No action taken.
HKCU\Software\RightSurf (PUP.Optional.RightSurf.A) -> No action taken.
HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> No action taken.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> No action taken.
HKLM\SOFTWARE\BROWSERSAFEGUARD (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\dhogjnnleghndloamdkljhnhdchpcijl (PUP.Optional.PassShow.A) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\Software\RightSurf (PUP.Optional.RightSurf.A) -> No action taken.
 
Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BrowserSafeguard (PUP.Optional.BrowserSafeGuard.A) -> Data: "C:\Program Files\Browsersafeguard\BrowserSafeguard.exe" -> No action taken.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0A2O0R1R1H2Z1S1G0H1F -> No action taken.
HKLM\SOFTWARE\Browsersafeguard|sourceid (PUP.Optional.BrowserSafeGuard.A) -> Data: treasure|D-Chrome-Media1 -> No action taken.
 
Registry Data Items Detected: 1
 
Folders Detected: 16
C:\Program Files\PassShow (PUP.Optional.PassShow.A) -> No action taken.
C:\Program Files\Browsersafeguard (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files\Browsersafeguard\Resources (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\BrowserSafeguard (PUP.Optional.BrowserSafeGuard) -> No action taken.
C:\Program Files\RightSurf (PUP.Optional.RightSurf.A) -> No action taken.
C:\Program Files\RightSurf\bin (PUP.Optional.RightSurf.A) -> No action taken.
C:\Program Files\RightSurf\bin\plugins (PUP.Optional.RightSurf.A) -> No action taken.
C:\Documents and Settings\PETE\Application Data\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\PETE\Application Data\mysearchdial\icons_2.2.15.1631 (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\PETE\Application Data\mysearchdial\UpdateProc (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\ct3306061 (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\ct3306061\plugins (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Conduit\IE (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Conduit\IE\CT3306061 (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Application Data\newnext.me (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\PETE\Application Data\newnext.me\cache (PUP.Optional.NextLive.A) -> No action taken.
 
Files Detected: 161
C:\Program Files\RightSurf\bin\utilRightSurf.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\Documents (PUP.Optional.WeCare.A) -> No action taken.
C:\Documents and Settings\PETE\Application Data\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\PETE\Application Data\SearchProtect\Res\SPSetup.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Application Data\genienext\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Application Data\Mobogenie\Version\OldVersion\Mobogenie2.1.36.zip (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Application Data\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\SPSetup.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\nsa105.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\nsc1D.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\nsiF7.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\nspFA.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\nsu106.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\tbConn.dll (PUP.Optional.Conduit) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\is1590112554\5007885_stp\Mysearchdial.exe (PUP.Optional.MySpeedDial.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\is1590112554\5007894_stp\RightSurfSetup.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\nsdED\SpSetup.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\ct3306061\chLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\ct3306061\ctbe.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\ct3306061\ieLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\ct3306061\spch.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\ct3306061\statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\ct3306061\stub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temporary Internet Files\Content.IE5\3HTUMQQS\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temporary Internet Files\Content.IE5\3HTUMQQS\SPSetup[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temporary Internet Files\Content.IE5\3HTUMQQS\conduitinstaller[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temporary Internet Files\Content.IE5\3HTUMQQS\Connect_DLC_5[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temporary Internet Files\Content.IE5\9359OJSU\SPSetup[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temporary Internet Files\Content.IE5\9359OJSU\spstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temporary Internet Files\Content.IE5\9359OJSU\checktbexist[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temporary Internet Files\Content.IE5\BEZPUTY8\Connect_DLC_5[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temporary Internet Files\Content.IE5\VDXIF5XR\Setup[1].exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temporary Internet Files\Content.IE5\VDXIF5XR\sp-downloader[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\My Documents\Downloads\aTube_Catcher.exe (PUP.Optional.Spigot.A) -> No action taken.
C:\Documents and Settings\PETE\My Documents\Downloads\Chrome_Setup.exe (PUP.Optional.OptimumInstaller.A) -> No action taken.
C:\Documents and Settings\PETE\My Documents\Downloads\Setup.exe (PUP.Optional.OptimumInstaller.A) -> No action taken.
C:\Documents and Settings\PETE\My Documents\Downloads\update (1).exe (PUP.Optional.OptimumInstaller.A) -> No action taken.
C:\Documents and Settings\PETE\My Documents\Downloads\update.exe (PUP.Optional.OptimumInstaller.A) -> No action taken.
C:\Documents and Settings\PETE\My Documents\Downloads\ZipExtractorSetup.exe (PUP.Optional.JumpyApps.A) -> No action taken.
C:\Program Files\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> No action taken.
C:\RECYCLER\S-1-5-21-484763869-764733703-1417001333-1003\Dc102.exe (PUP.Optional.RocketFuel.A) -> No action taken.
C:\RECYCLER\S-1-5-21-484763869-764733703-1417001333-1003\Dc83.exe (PUP.Optional.JumpyApps.A) -> No action taken.
C:\RECYCLER\S-1-5-21-484763869-764733703-1417001333-1003\Dc116.exe (PUP.Optional.OptimumInstaller.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP173\A0044292.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP173\A0044326.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP174\A0044403.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP174\A0044473.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP174\A0044508.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP174\A0044647.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP175\A0044974.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP175\A0044975.dll (PUP.Optional.Conduit) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP175\A0044976.dll (PUP.Optional.Conduit) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP175\A0044977.dll (PUP.Optional.Conduit) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP175\A0044979.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP175\A0044980.dll (PUP.Optional.Conduit) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP175\A0044981.dll (PUP.Optional.Conduit) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP175\A0044982.dll (PUP.Optional.Conduit) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP175\A0044983.dll (PUP.Optional.Conduit) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP175\A0044984.dll (PUP.Optional.Conduit) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP175\A0044988.dll (PUP.Optional.Conduit) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP188\A0046413.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP188\A0046478.exe (PUP.Optional.DealPly) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP188\A0046524.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP188\A0046526.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP188\A0046528.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP188\A0046529.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP188\A0046530.exe (PUP.Optional.MySearchDial.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP188\A0046531.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP189\A0046592.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP190\A0046968.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP190\A0046969.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047547.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047548.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047549.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047550.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047551.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047552.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047553.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047554.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047555.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047556.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047611.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047612.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047613.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047614.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047617.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047618.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047619.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047620.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047621.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047622.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047707.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047708.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047709.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047710.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047711.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047712.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047713.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047714.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047715.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047716.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0047984.dll (PUP.Optional.RightSurf.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0048133.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP193\A0048146.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP197\A0048722.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP197\A0048728.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP199\A0048950.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\WINDOWS\Temp\nsfA.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\WINDOWS\Temp\nsh13.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\WINDOWS\Temp\nsh17C.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\WINDOWS\Temp\nskB.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\WINDOWS\Temp\nsn181.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\WINDOWS\Temp\nsr17B.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\WINDOWS\Temp\nsu184.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\WINDOWS\Temp\nsv10.exe (PUP.Optional.SearchProtect.A) -> No action taken.
C:\Program Files\PassShow\150.xpi (PUP.Optional.PassShow.A) -> No action taken.
C:\Program Files\PassShow\01.db (PUP.Optional.PassShow.A) -> No action taken.
C:\Program Files\PassShow\150.crx (PUP.Optional.PassShow.A) -> No action taken.
C:\Program Files\PassShow\150.dat (PUP.Optional.PassShow.A) -> No action taken.
C:\Program Files\PassShow\Sqlite3.dll (PUP.Optional.PassShow.A) -> No action taken.
C:\WINDOWS\Tasks\PassShow Update.job (PUP.Optional.PassShow.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Application Data\mysearchdial-speeddial.crx (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Browsersafeguard\ewebstorewrapper.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files\Browsersafeguard\BrowserSafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files\Browsersafeguard\makecert.exe (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files\Browsersafeguard\TrustedRoot.cer (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files\Browsersafeguard\uninstall.BrowserSafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files\Browsersafeguard\Resources\certutil.exe (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files\Browsersafeguard\Resources\libnspr4.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files\Browsersafeguard\Resources\libplc4.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files\Browsersafeguard\Resources\libplds4.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files\Browsersafeguard\Resources\nss3.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files\Browsersafeguard\Resources\smime3.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files\Browsersafeguard\Resources\softokn3.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\WINDOWS\Tasks\BrowserSafeguard Update Task.job (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\BrowserSafeguard\BrowserSafeguard.lnk (PUP.Optional.BrowserSafeGuard) -> No action taken.
C:\Program Files\RightSurf\RightSurf.ico (PUP.Optional.RightSurf.A) -> No action taken.
C:\Program Files\RightSurf\RightSurfUninstall.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\Program Files\RightSurf\updateRightSurf.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\Program Files\RightSurf\updateRightSurf.InstallState (PUP.Optional.RightSurf.A) -> No action taken.
C:\Program Files\RightSurf\bin\RightSurf.BrowserFilter.Helper.dll (PUP.Optional.RightSurf.A) -> No action taken.
C:\Program Files\RightSurf\bin\RightSurf.BrowserFilter.Helper.dll.old.f2baaf44-3e10-4776-84de-6708c93cfdbe (PUP.Optional.RightSurf.A) -> No action taken.
C:\Program Files\RightSurf\bin\RightSurfBrowserFilter.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\Program Files\RightSurf\bin\sqlite3.dll (PUP.Optional.RightSurf.A) -> No action taken.
C:\Program Files\RightSurf\bin\utilRightSurf.InstallState (PUP.Optional.RightSurf.A) -> No action taken.
C:\Program Files\RightSurf\bin\plugins\RightSurf.BrowserFilter.dll (PUP.Optional.RightSurf.A) -> No action taken.
C:\Documents and Settings\PETE\Application Data\mysearchdial\icons_2.2.15.1631\62.ico (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\PETE\Application Data\mysearchdial\icons_2.2.15.1631\80.ico (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\PETE\Application Data\mysearchdial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\PETE\Application Data\mysearchdial\UpdateProc\STTL.DAT (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\PETE\Application Data\mysearchdial\UpdateProc\TTL.DAT (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\ct3306061\chromeid.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\ct3306061\CT3306061.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\ct3306061\initdata.json (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\ct3306061\manifest.json (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\ct3306061\setup.ini.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\ct3306061\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Conduit\IE\CT3306061\UninstallerUI.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\PETE\Application Data\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> No action taken.
C:\Documents and Settings\PETE\Application Data\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> No action taken.
 
(end)
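One way to triage an MBAM log like the one in the post above, as an added example that is not part of the thread or of Malwarebytes' own tooling: it parses the detection lines, groups them by detection family, and separates entries that were running or set to start automatically from inert leftovers such as restore points, temp files and downloads. The bucket names and path markers are assumptions chosen for this illustration.

```python
import re
from collections import Counter, defaultdict

# Abridged sample in the MBAM 1.75 log format shown above. The entries are
# copied from that log; the "Detected: N" counts are adjusted to the sample.
SAMPLE_LOG = r"""
Memory Processes Detected: 2
C:\Program Files\RightSurf\bin\utilRightSurf.exe (PUP.Optional.RightSurf.A) -> 3420 -> No action taken.
C:\Program Files\Browsersafeguard\BrowserSafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> 516 -> No action taken.

Registry Keys Detected: 2
HKLM\SYSTEM\CurrentControlSet\Services\Util RightSurf (PUP.Optional.RightSurf.A) -> No action taken.
HKCU\Software\ConduitSearchScopes (PUP.Optional.Conduit.A) -> No action taken.

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BrowserSafeguard (PUP.Optional.BrowserSafeGuard.A) -> Data: "C:\Program Files\Browsersafeguard\BrowserSafeguard.exe" -> No action taken.

Files Detected: 5
C:\Documents and Settings\PETE\My Documents\Downloads\update (1).exe (PUP.Optional.OptimumInstaller.A) -> No action taken.
C:\Documents and Settings\PETE\Local Settings\Temp\SPSetup.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\System Volume Information\_restore{1C812345-7B65-483D-80B3-1C5987036813}\RP173\A0044292.dll (PUP.Optional.NextLive.A) -> No action taken.
C:\WINDOWS\Tasks\PassShow Update.job (PUP.Optional.PassShow.A) -> No action taken.
C:\Program Files\PassShow\Sqlite3.dll (PUP.Optional.PassShow.A) -> No action taken.
"""

SECTION_RE = re.compile(r"^(?P<section>[A-Za-z ]+) Detected: (?P<count>\d+)$")
# The object may itself contain parentheses ("update (1).exe"), so the
# detection name is the parenthesised token directly before " -> ".
ITEM_RE = re.compile(r"^(?P<obj>.+?) \((?P<name>[\w.]+)\) -> (?P<rest>.+)$")
# Assumed markers for locations that hold copies but do not execute on their own.
DORMANT_MARKERS = ("\\system volume information\\", "\\temp\\",
                   "\\temporary internet files\\", "\\recycler\\", "\\downloads\\")


def parse_log(text):
    """Return (detections, declared section counts) from an MBAM log body."""
    detections, declared, section = [], {}, None
    for line in text.splitlines():
        line = line.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m["section"]
            declared[section] = int(m["count"])
            continue
        m = ITEM_RE.match(line)
        if m and section:
            parts = m["name"].split(".")
            detections.append({
                "section": section, "object": m["obj"], "name": m["name"],
                # "PUP.Optional.RightSurf.A" -> family "RightSurf"
                "family": parts[2] if len(parts) > 2 else m["name"],
                # Last " -> " field is the action; earlier ones are PID or data.
                "action": m["rest"].split(" -> ")[-1].rstrip("."),
            })
    return detections, declared


def classify(det):
    """Bucket a detection by how it touches the running system."""
    obj = det["object"].lower()
    if det["section"].startswith("Memory"):
        return "running"
    if det["section"] == "Registry Values" and "\\currentversion\\run|" in obj:
        return "autostart"
    if det["section"] == "Registry Keys" and "\\currentcontrolset\\services\\" in obj:
        return "autostart"
    if "\\windows\\tasks\\" in obj and obj.endswith(".job"):
        return "autostart"
    if any(marker in obj for marker in DORMANT_MARKERS):
        return "dormant"
    return "installed"


def summarize(detections):
    """Map each family to a Counter of buckets."""
    summary = defaultdict(Counter)
    for det in detections:
        summary[det["family"]][classify(det)] += 1
    return summary


def active_families(detections):
    """Families with a running process or an autostart entry, sorted by name."""
    return sorted(family for family, buckets in summarize(detections).items()
                  if buckets["running"] or buckets["autostart"])


def count_mismatches(detections, declared):
    """Sections whose listed items differ from the declared count (truncated log)."""
    listed = Counter(d["section"] for d in detections)
    return {s: (n, listed[s]) for s, n in declared.items() if listed[s] != n}


if __name__ == "__main__":
    dets, declared = parse_log(SAMPLE_LOG)
    for family, buckets in sorted(summarize(dets).items()):
        print(f"{family:18} {dict(buckets)}")
    print("active:", active_families(dets))
    print("count mismatches:", count_mismatches(dets, declared))
```

Families that show up only in the dormant bucket are leftovers in restore points, caches or download folders, so the review can start with the families that have a running or autostart entry.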

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-02-2014 01

Ran by PETE (administrator) on SINGHI on 22-02-2014 13:12:30

Running from C:\Documents and Settings\PETE\My Documents\MBAM\New Folder

Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)

Internet Explorer Version 8

Boot Mode: Normal

 

The only official download link for FRST:

Download link for 32-Bit version:

Download link for 64-Bit Version:

Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe

(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe

() C:\WINDOWS\System32\WLTRYSVC.EXE

(Dell Inc.) C:\WINDOWS\System32\bcmwltry.exe

(Microsoft Corporation) C:\WINDOWS\System32\SCardSvr.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Nuance Communications, Inc.) C:\Program Files\Common Files\Nuance\dgnsvc.exe

(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe

(Andrea Electronics Corporation) C:\WINDOWS\system32\AESTFltr.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

() C:\Program Files\AVG SafeGuard toolbar\vprot.exe

() C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe

(BrowserSafeguard) C:\Program Files\Browsersafeguard\BrowserSafeguard.exe

(Google) C:\Program Files\Google\Drive\googledrivesync.exe

(Siber Systems) C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

() C:\Program Files\RightSurf\bin\utilRightSurf.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe

(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe

(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe

(Google) C:\Program Files\Google\Drive\googledrivesync.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [nwiz] - nwiz.exe /installquiet

HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [86016 2009-06-09] (NVIDIA Corporation)

HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [13590528 2009-06-09] (NVIDIA Corporation)

HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [483420 2009-02-23] (IDT, Inc.)

HKLM\...\Run: [AESTFltr] - C:\WINDOWS\system32\AESTFltr.exe [729088 2008-12-16] (Andrea Electronics Corporation)

HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)

HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)

HKLM\...\Run: [vProt] - C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2535448 2014-02-07] ()

HKLM\...\Run: [DNS7reminder] - C:\Program Files\Nuance\NaturallySpeaking11\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)

HKLM\...\Run: [browserSafeguard] - C:\Program Files\Browsersafeguard\BrowserSafeguard.exe [413696 2014-02-22] (BrowserSafeguard)

HKU\S-1-5-21-484763869-764733703-1417001333-1003\...\Run: [GoogleDriveSync] - C:\Program Files\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)

HKU\S-1-5-21-484763869-764733703-1417001333-1003\...\Run: [iSUSPM] - C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe [222496 2011-06-04] (Acresso Corporation)

HKU\S-1-5-21-484763869-764733703-1417001333-1003\...\Run: [RoboForm] - C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [160328 2014-02-03] (Siber Systems)

HKU\S-1-5-21-484763869-764733703-1417001333-1003\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-02-06] (Google Inc.)

AppInit_DLLs: C:\PROGRA~1\SETTIN~1\Datamngr\mgrldr.dll => File Not Found

 

==================== Internet (Whitelisted) ====================

 

ProxyEnable: Internet Explorer proxy is enabled.

ProxyServer: http=127.0.0.1:1124;https=127.0.0.1:1124;

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch


SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 

SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 

SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}


SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306061&CUI=UN23583840242974096&UM=2

SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={C25C4382-2C03-42C7-ADDA-9C9C7E76AB15}&mid=ee043a5a5eed47d0a05a2eded4a4291e-823878f3fc2a2ef0e14bc205bbc4c6f5e9939ab8&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-07 21:46:06&v=17.3.1.204&pid=safeguard&sg=0&sap=dsp&q={searchTerms}

SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}

SearchScopes: HKCU - {B32961A4-0C14-4B7F-BE74-97B99AC7CF3D} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0103&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0FyBtB0CyB0Bzy0BzztC0FtN0D0Tzu0SyByDyDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1072087982&ir=

BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll (TechSmith Corporation)

BHO: Wondershare Video Converter Ultimate - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)

BHO: No Name - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)

Toolbar: HKLM - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll (TechSmith Corporation)

Toolbar: HKLM - &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)

Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File

Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File

Toolbar: HKCU - &RoboForm - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 71.242.0.12

 

Chrome: 

=======


CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll ()

CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)

CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))

CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)

CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll (AVG Technologies)

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File

CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Extension: (Google Docs) - C:\Documents and Settings\PETE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-10]

CHR Extension: (Google Drive) - C:\Documents and Settings\PETE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-10]

CHR Extension: (YouTube) - C:\Documents and Settings\PETE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-10]

CHR Extension: (Google Search) - C:\Documents and Settings\PETE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-10]

CHR Extension: (AVG SafeGuard) - C:\Documents and Settings\PETE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-11-24]

CHR Extension: (Google Wallet) - C:\Documents and Settings\PETE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]

CHR Extension: (Gmail) - C:\Documents and Settings\PETE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-10]

CHR HKLM\...\Chrome\Extension: [dhogjnnleghndloamdkljhnhdchpcijl] - C:\Program Files\PassShow\150.crx [2014-02-22]

CHR HKLM\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Documents and Settings\PETE\Local Settings\Application Data\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-12-11]

CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\ChromeExt\17.3.1.204\avg.crx [2014-02-07]

CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\DOCUME~1\PETE\LOCALS~1\APPLIC~1\mysearchdial-speeddial.crx [2014-02-22]

CHR HKCU\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Documents and Settings\PETE\Local Settings\Application Data\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-12-11]

CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\DOCUME~1\PETE\LOCALS~1\APPLIC~1\mysearchdial-speeddial.crx [2014-02-22]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

========================== Services (Whitelisted) =================

 

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)

R2 DragonSvc; C:\Program Files\Common Files\Nuance\dgnsvc.exe [296808 2011-06-04] (Nuance Communications, Inc.)

R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-20] (Oracle Corporation)

R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [5241448 2009-12-08] ()

S2 STacSV; c:\program files\idt\dellxpm09b_6159v043\wdm\stacsv.exe [254034 2009-02-23] (IDT, Inc.)

S2 Update RightSurf; C:\Program Files\RightSurf\updateRightSurf.exe [80160 2014-02-22] ()

R2 Util RightSurf; C:\Program Files\RightSurf\bin\utilRightSurf.exe [80672 2014-02-22] ()

R2 vToolbarUpdater17.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-20] (AVG Secure Search)

R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [2404352 2010-02-02] (Dell Inc.)

 

==================== Drivers (Whitelisted) ====================

 

R3 AESTAud; C:\WINDOWS\System32\drivers\AESTAud.sys [112512 2008-12-16] (Andrea Electronics Corporation)

R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.)

R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)

R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)

R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)

R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-11-16] (AVG Technologies)

R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2696448 2010-02-02] (Broadcom Corporation)

R3 e1yexpress; C:\WINDOWS\System32\DRIVERS\e1y5132.sys [241880 2011-03-23] (Intel Corporation)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)

R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1545795 2009-02-23] (IDT, Inc.)

S0 cerc6; No ImagePath

S4 IntelIde; No ImagePath

U3 TrueSight; \??\C:\WINDOWS\system32\TrueSight.sys [X]

U1 WS2IFSL; 

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-02-22 13:12 - 2014-02-22 13:12 - 00000000 ____D () C:\FRST

2014-02-22 08:55 - 2014-02-22 08:55 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Google

2014-02-22 08:49 - 2014-02-22 13:09 - 00000340 _____ () C:\WINDOWS\Tasks\PassShow Update.job

2014-02-22 08:49 - 2014-02-22 12:12 - 00000684 _____ () C:\WINDOWS\Tasks\BrowserSafeguard Update Task.job

2014-02-22 08:49 - 2014-02-22 09:46 - 00000000 ____D () C:\Program Files\PassShow

2014-02-22 08:49 - 2014-02-22 08:49 - 00366611 _____ () C:\Documents and Settings\PETE\Local Settings\Application Data\mysearchdial-speeddial.crx

2014-02-22 08:49 - 2014-02-22 08:49 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\newnext.me

2014-02-22 08:49 - 2014-02-22 08:49 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\mysearchdial

2014-02-22 08:49 - 2014-02-22 08:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\BrowserSafeguard

2014-02-22 08:49 - 2014-02-22 08:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\WeCareReminder

2014-02-21 21:28 - 2014-02-22 13:02 - 00000000 ____D () C:\Documents and Settings\PETE\My Documents\MBAM

2014-02-20 08:56 - 2014-02-20 08:56 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat

2014-02-20 08:53 - 2014-02-20 08:53 - 00000000 ____D () C:\WINDOWS\CSC

2014-02-19 22:39 - 2014-02-19 19:51 - 03817984 _____ () C:\Documents and Settings\PETE\Desktop\RogueKiller.exe

2014-02-19 19:57 - 2014-02-19 22:37 - 00000000 ____D () C:\Documents and Settings\PETE\Desktop\RK_Quarantine

2014-02-14 10:15 - 2014-02-14 10:17 - 00016658 _____ () C:\Documents and Settings\PETE\Desktop\attach.txt

2014-02-14 10:15 - 2014-02-14 10:17 - 00013052 _____ () C:\Documents and Settings\PETE\Desktop\dds.txt

2014-02-14 10:14 - 2014-02-14 09:59 - 00688992 ____R (Swearware) C:\Documents and Settings\PETE\Desktop\dds.scr

2014-02-13 18:08 - 2014-02-13 18:08 - 00000000 ____D () C:\Documents and Settings\PETE\Desktop\The Fresh and Onlys

2014-02-13 08:11 - 2014-02-13 08:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$

2014-02-13 07:48 - 2014-02-13 07:49 - 00011030 _____ () C:\WINDOWS\KB2909921-IE8.log

2014-02-13 07:48 - 2014-02-13 07:48 - 00004144 _____ () C:\WINDOWS\KB2909210-IE8.log

2014-02-12 17:08 - 2014-02-13 08:11 - 00013074 _____ () C:\WINDOWS\KB2916036.log

2014-02-09 10:30 - 2014-02-09 14:14 - 00000000 ____D () C:\Documents and Settings\PETE\My Documents\RET

2014-02-06 13:47 - 2014-02-06 13:47 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\Google

2014-02-06 13:45 - 2014-02-06 13:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Google

2014-02-06 13:41 - 2014-02-06 13:41 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\Adobe

2014-02-06 13:33 - 2014-02-22 12:59 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2014-02-06 13:33 - 2014-02-22 08:59 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe

2014-02-06 13:33 - 2014-02-22 08:59 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

2014-02-06 13:30 - 2014-02-06 13:46 - 00000000 ____D () C:\Documents and Settings\PETE\Local Settings\Application Data\Adobe

2014-02-03 13:13 - 2014-02-03 13:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AI RoboForm

2014-02-03 13:11 - 2014-02-03 13:11 - 00000000 ____D () C:\Program Files\Siber Systems

2014-02-03 12:33 - 2014-02-03 12:33 - 00000000 ____D () C:\_rf

2014-02-03 11:38 - 2014-02-03 13:11 - 00000000 ____D () C:\Documents and Settings\PETE\My Documents\My RoboForm Data

2014-02-03 11:38 - 2014-02-03 11:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RoboForm

2014-02-02 18:57 - 2014-02-02 18:57 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect

2014-02-02 14:23 - 2014-02-11 13:40 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\Foxit Software

2014-02-02 14:23 - 2014-02-02 14:23 - 00001703 _____ () C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk

2014-02-02 14:23 - 2014-02-02 14:23 - 00000000 ____D () C:\Program Files\Foxit Software

2014-02-02 14:23 - 2014-02-02 14:23 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Foxit Software

2014-02-02 14:23 - 2014-02-02 14:23 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader

2014-02-02 14:23 - 2013-06-09 21:59 - 00216064 _____ () C:\WINDOWS\system32\gcapi_dll.dll

2014-02-02 14:16 - 2014-02-02 14:16 - 00000000 ____D () C:\Program Files\7-Zip

2014-02-02 14:16 - 2014-02-02 14:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip

2014-02-02 13:02 - 2014-02-02 13:02 - 00000119 _____ () C:\Documents and Settings\PETE\My Documents\ADD2.txt

2014-02-01 13:27 - 2014-02-06 11:45 - 00000000 ____D () C:\Documents and Settings\PETE\My Documents\New Job

2014-02-01 12:12 - 2014-02-22 08:50 - 00000000 ____D () C:\Program Files\Browsersafeguard

2014-01-29 16:57 - 2012-10-02 17:42 - 02216848 ____R (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkins8811.exe

2014-01-29 16:57 - 2012-10-02 17:42 - 00529296 ____R (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinksts8811.dll

2014-01-29 16:57 - 2012-10-02 17:42 - 00269200 ____R (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinksts8811LM.dll

2014-01-29 16:57 - 2012-10-02 17:42 - 00221072 ____R (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkcoi8811.dll

2014-01-25 15:18 - 2014-01-25 15:18 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\Macromedia

2014-01-25 13:24 - 2014-01-25 13:24 - 00307448 _____ () C:\WINDOWS\msxml4-KB973688-enu.LOG

2014-01-25 13:07 - 2014-01-25 13:08 - 00000140 _____ () C:\Documents and Settings\NetworkService\Application Data\WB.CFG

2014-01-25 13:07 - 2014-01-25 13:07 - 00000005 _____ () C:\Documents and Settings\NetworkService\Application Data\WBPU-TTL.DAT

2014-01-25 13:06 - 2014-01-25 13:06 - 00000000 ____D () C:\Intel

2014-01-24 22:25 - 2014-01-24 22:25 - 00309220 _____ () C:\WINDOWS\msxml4-KB954430-enu.LOG

2014-01-24 22:25 - 2014-01-24 22:25 - 00005933 _____ () C:\WINDOWS\KB2868038.log

2014-01-24 22:25 - 2014-01-24 22:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$

2014-01-24 22:25 - 2014-01-24 22:25 - 00000000 ____D () C:\Program Files\MSXML 4.0

2014-01-24 21:24 - 2014-01-24 21:24 - 00000093 _____ () C:\Documents and Settings\PETE\My Documents\re.txt

2014-01-24 09:08 - 2014-02-22 13:08 - 00000412 _____ () C:\WINDOWS\Tasks\At2.job

2014-01-24 09:08 - 2014-01-24 09:08 - 00000144 _____ () C:\Documents and Settings\PETE\Application Data\WB.CFG

2014-01-24 09:07 - 2014-02-22 13:07 - 00000412 _____ () C:\WINDOWS\Tasks\At1.job

2014-01-24 09:07 - 2014-02-22 08:50 - 00000000 ____D () C:\Program Files\RightSurf

2014-01-24 09:07 - 2014-01-24 09:07 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\DigitalSites

2014-01-24 09:07 - 2014-01-24 09:07 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\0D0S1L2Z1P1B

2014-01-24 07:46 - 2013-07-16 19:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys

2014-01-24 07:46 - 2013-07-16 19:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys

2014-01-23 18:03 - 2014-01-23 18:03 - 00000000 ____D () C:\Documents and Settings\PETE\Local Settings\Application Data\TechSmith

2014-01-23 18:03 - 2014-01-23 18:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application DataTechSmith

2014-01-23 18:02 - 2014-01-23 18:02 - 00000000 ____D () C:\Documents and Settings\PETE\My Documents\SnagIt Catalog

2014-01-23 18:01 - 2014-01-23 18:01 - 00001742 _____ () C:\Documents and Settings\All Users\Desktop\SnagIt 7.lnk

2014-01-23 18:01 - 2014-01-23 18:01 - 00000000 ____D () C:\Program Files\TechSmith

2014-01-23 18:01 - 2014-01-23 18:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SnagIt 7

2014-01-23 17:59 - 2014-01-23 17:59 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard

2014-01-23 15:38 - 2014-02-17 18:59 - 00001395 _____ () C:\Documents and Settings\PETE\Application Data\SAS7_000.DAT

2014-01-23 14:46 - 2013-07-16 19:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys

2014-01-23 14:46 - 2013-07-16 19:58 - 00060160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbaudio.sys

2014-01-23 14:44 - 2014-01-23 14:44 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\Nuance

2014-01-23 13:05 - 2014-01-23 14:44 - 00002539 _____ () C:\Documents and Settings\All Users\Desktop\Dragon NaturallySpeaking 11.5.lnk

2014-01-23 13:05 - 2014-01-23 13:05 - 00001994 _____ () C:\Documents and Settings\All Users\Start Menu\Dragon NaturallySpeaking 11.5.lnk

2014-01-23 13:05 - 2014-01-23 13:05 - 00001980 _____ () C:\Documents and Settings\All Users\Start Menu\Software Updates.lnk

2014-01-23 13:05 - 2014-01-23 13:05 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dragon NaturallySpeaking 11.5

2014-01-23 13:04 - 2014-01-23 13:04 - 00000000 ____D () C:\Program Files\Common Files\Nuance

2014-01-23 13:04 - 2014-01-23 13:04 - 00000000 ____D () C:\Program Files\Common Files\IVA

2014-01-23 13:01 - 2014-01-23 13:05 - 00000000 ____D () C:\WINDOWS\Speech

2014-01-23 13:01 - 2014-01-23 13:01 - 00000000 ____D () C:\Program Files\Nuance

2014-01-23 13:01 - 2014-01-23 13:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Nuance

2014-01-23 13:01 - 2014-01-23 13:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\FLEXnet

2014-01-23 11:36 - 2014-02-10 07:23 - 00000000 ____D () C:\Documents and Settings\PETE\My Documents\UI

 

==================== One Month Modified Files and Folders =======

 

2014-02-22 13:12 - 2014-02-22 13:12 - 00000000 ____D () C:\FRST

2014-02-22 13:11 - 2014-01-22 13:41 - 00000000 ___RD () C:\Documents and Settings\PETE\My Documents\Google Drive

2014-02-22 13:11 - 2013-01-23 11:22 - 01342747 _____ () C:\WINDOWS\WindowsUpdate.log

2014-02-22 13:10 - 2013-01-23 18:08 - 00200560 _____ () C:\WINDOWS\system32\nvModes.001

2014-02-22 13:10 - 2008-04-14 07:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl

2014-02-22 13:09 - 2014-02-22 08:49 - 00000340 _____ () C:\WINDOWS\Tasks\PassShow Update.job

2014-02-22 13:09 - 2013-06-10 17:22 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-22 13:09 - 2013-01-23 11:57 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-02-22 13:09 - 2010-05-12 12:06 - 02384182 _____ () C:\WINDOWS\system32\NvwsApps.xml

2014-02-22 13:08 - 2014-01-24 09:08 - 00000412 _____ () C:\WINDOWS\Tasks\At2.job

2014-02-22 13:08 - 2013-01-23 11:58 - 00000178 ___SH () C:\Documents and Settings\PETE\ntuser.ini

2014-02-22 13:08 - 2013-01-23 11:57 - 00032384 _____ () C:\WINDOWS\SchedLgU.Txt

2014-02-22 13:07 - 2014-01-24 09:07 - 00000412 _____ () C:\WINDOWS\Tasks\At1.job

2014-02-22 13:02 - 2014-02-21 21:28 - 00000000 ____D () C:\Documents and Settings\PETE\My Documents\MBAM

2014-02-22 12:59 - 2014-02-06 13:33 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2014-02-22 12:54 - 2013-06-10 17:22 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-22 12:12 - 2014-02-22 08:49 - 00000684 _____ () C:\WINDOWS\Tasks\BrowserSafeguard Update Task.job

2014-02-22 09:46 - 2014-02-22 08:49 - 00000000 ____D () C:\Program Files\PassShow

2014-02-22 08:59 - 2014-02-06 13:33 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe

2014-02-22 08:59 - 2014-02-06 13:33 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

2014-02-22 08:56 - 2013-01-23 06:11 - 00589556 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-02-22 08:55 - 2014-02-22 08:55 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Google

2014-02-22 08:55 - 2014-01-22 13:35 - 00001767 _____ () C:\Documents and Settings\All Users\Desktop\Google Slides.lnk

2014-02-22 08:55 - 2014-01-22 13:35 - 00001765 _____ () C:\Documents and Settings\All Users\Desktop\Google Sheets.lnk

2014-02-22 08:55 - 2014-01-22 13:35 - 00001755 _____ () C:\Documents and Settings\All Users\Desktop\Google Docs.lnk

2014-02-22 08:55 - 2014-01-22 13:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive

2014-02-22 08:50 - 2014-02-01 12:12 - 00000000 ____D () C:\Program Files\Browsersafeguard

2014-02-22 08:50 - 2014-01-24 09:07 - 00000000 ____D () C:\Program Files\RightSurf

2014-02-22 08:49 - 2014-02-22 08:49 - 00366611 _____ () C:\Documents and Settings\PETE\Local Settings\Application Data\mysearchdial-speeddial.crx

2014-02-22 08:49 - 2014-02-22 08:49 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\newnext.me

2014-02-22 08:49 - 2014-02-22 08:49 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\mysearchdial

2014-02-22 08:49 - 2014-02-22 08:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\BrowserSafeguard

2014-02-22 08:49 - 2014-02-22 08:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\WeCareReminder

2014-02-22 08:49 - 2013-12-23 21:13 - 00000000 ____D () C:\Documents and Settings\PETE\Local Settings\Application Data\genienext

2014-02-22 08:49 - 2013-12-23 21:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Conduit

2014-02-22 08:33 - 2013-01-27 18:10 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData

2014-02-22 06:57 - 2013-01-23 11:58 - 00000000 ____D () C:\Documents and Settings\PETE

2014-02-22 06:48 - 2013-01-23 06:11 - 00565499 _____ () C:\WINDOWS\setupapi.log

2014-02-21 17:34 - 2013-04-10 20:25 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

2014-02-21 09:39 - 2013-01-23 11:21 - 00000000 ____D () C:\WINDOWS\system32\Restore

2014-02-20 21:08 - 2013-01-23 21:45 - 00111104 _____ () C:\Documents and Settings\PETE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-02-20 08:56 - 2014-02-20 08:56 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat

2014-02-20 08:53 - 2014-02-20 08:53 - 00000000 ____D () C:\WINDOWS\CSC

2014-02-19 22:37 - 2014-02-19 19:57 - 00000000 ____D () C:\Documents and Settings\PETE\Desktop\RK_Quarantine

2014-02-19 19:51 - 2014-02-19 22:39 - 03817984 _____ () C:\Documents and Settings\PETE\Desktop\RogueKiller.exe

2014-02-19 07:58 - 2013-01-23 18:08 - 00200560 _____ () C:\WINDOWS\system32\nvModes.dat

2014-02-17 18:59 - 2014-01-23 15:38 - 00001395 _____ () C:\Documents and Settings\PETE\Application Data\SAS7_000.DAT

2014-02-17 18:45 - 2013-01-23 06:13 - 00000216 _____ () C:\WINDOWS\wiadebug.log

2014-02-17 11:27 - 2013-01-23 06:13 - 00000049 _____ () C:\WINDOWS\wiaservc.log

2014-02-14 10:17 - 2014-02-14 10:15 - 00016658 _____ () C:\Documents and Settings\PETE\Desktop\attach.txt

2014-02-14 10:17 - 2014-02-14 10:15 - 00013052 _____ () C:\Documents and Settings\PETE\Desktop\dds.txt

2014-02-14 09:59 - 2014-02-14 10:14 - 00688992 ____R (Swearware) C:\Documents and Settings\PETE\Desktop\dds.scr

2014-02-13 18:08 - 2014-02-13 18:08 - 00000000 ____D () C:\Documents and Settings\PETE\Desktop\The Fresh and Onlys

2014-02-13 11:41 - 2013-01-23 11:23 - 00000000 __SHD () C:\Documents and Settings\All Users\DRM

2014-02-13 11:02 - 2013-03-20 16:10 - 00000000 __HDC () C:\WINDOWS\ie8

2014-02-13 08:12 - 2013-05-24 17:58 - 00000000 ____D () C:\WINDOWS\Microsoft.NET

2014-02-13 08:11 - 2014-02-13 08:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$

2014-02-13 08:11 - 2014-02-12 17:08 - 00013074 _____ () C:\WINDOWS\KB2916036.log

2014-02-13 08:11 - 2013-03-19 17:15 - 00093430 _____ () C:\WINDOWS\updspapi.log

2014-02-13 08:11 - 2013-01-23 06:11 - 01234255 _____ () C:\WINDOWS\iis6.log

2014-02-13 08:11 - 2013-01-23 06:11 - 01112057 _____ () C:\WINDOWS\FaxSetup.log

2014-02-13 08:11 - 2013-01-23 06:11 - 00540940 _____ () C:\WINDOWS\ocgen.log

2014-02-13 08:11 - 2013-01-23 06:11 - 00512949 _____ () C:\WINDOWS\tsoc.log

2014-02-13 08:11 - 2013-01-23 06:11 - 00378989 _____ () C:\WINDOWS\comsetup.log

2014-02-13 08:11 - 2013-01-23 06:11 - 00344934 _____ () C:\WINDOWS\msmqinst.log

2014-02-13 08:11 - 2013-01-23 06:11 - 00228133 _____ () C:\WINDOWS\ntdtcsetup.log

2014-02-13 08:11 - 2013-01-23 06:11 - 00195564 _____ () C:\WINDOWS\netfxocm.log

2014-02-13 08:11 - 2013-01-23 06:11 - 00077148 _____ () C:\WINDOWS\MedCtrOC.log

2014-02-13 08:11 - 2013-01-23 06:11 - 00061761 _____ () C:\WINDOWS\ocmsn.log

2014-02-13 08:11 - 2013-01-23 06:11 - 00056652 _____ () C:\WINDOWS\tabletoc.log

2014-02-13 08:11 - 2013-01-23 06:11 - 00055873 _____ () C:\WINDOWS\msgsocm.log

2014-02-13 08:11 - 2013-01-23 06:11 - 00001374 _____ () C:\WINDOWS\imsins.log

2014-02-13 08:02 - 2013-08-14 22:03 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-02-13 07:57 - 2013-03-20 16:08 - 85946576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-02-13 07:49 - 2014-02-13 07:48 - 00011030 _____ () C:\WINDOWS\KB2909921-IE8.log

2014-02-13 07:49 - 2013-01-23 06:11 - 00001374 _____ () C:\WINDOWS\imsins.BAK

2014-02-13 07:48 - 2014-02-13 07:48 - 00004144 _____ () C:\WINDOWS\KB2909210-IE8.log

2014-02-13 07:48 - 2013-03-20 16:10 - 00000000 ____D () C:\WINDOWS\ie8updates

2014-02-11 13:40 - 2014-02-02 14:23 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\Foxit Software

2014-02-11 08:37 - 2013-03-18 17:23 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

2014-02-10 07:23 - 2014-01-23 11:36 - 00000000 ____D () C:\Documents and Settings\PETE\My Documents\UI

2014-02-09 14:14 - 2014-02-09 10:30 - 00000000 ____D () C:\Documents and Settings\PETE\My Documents\RET

2014-02-09 11:36 - 2014-01-22 13:39 - 00000156 _____ () C:\Documents and Settings\PETE\My Documents\add.txt

2014-02-07 21:46 - 2013-05-21 20:36 - 00000000 ____D () C:\WINDOWS\system32\cache

2014-02-07 21:46 - 2013-03-18 17:07 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar

2014-02-07 08:11 - 2013-06-10 17:22 - 00000000 ____D () C:\Documents and Settings\PETE\Local Settings\Application Data\Google

2014-02-06 13:47 - 2014-02-06 13:47 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\Google

2014-02-06 13:46 - 2014-02-06 13:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Google

2014-02-06 13:46 - 2014-02-06 13:30 - 00000000 ____D () C:\Documents and Settings\PETE\Local Settings\Application Data\Adobe

2014-02-06 13:46 - 2013-06-10 17:22 - 00000000 ____D () C:\Program Files\Google

2014-02-06 13:41 - 2014-02-06 13:41 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\Adobe

2014-02-06 11:45 - 2014-02-01 13:27 - 00000000 ____D () C:\Documents and Settings\PETE\My Documents\New Job

2014-02-06 03:54 - 2008-04-14 07:00 - 00174592 ____N (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-02-06 03:54 - 2008-04-14 07:00 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe

2014-02-05 18:26 - 2013-03-20 16:11 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll

2014-02-05 18:26 - 2013-03-20 16:10 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll

2014-02-05 18:26 - 2013-03-20 16:10 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll

2014-02-05 18:26 - 2013-03-20 16:10 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll

2014-02-05 18:26 - 2013-03-20 16:10 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll

2014-02-05 18:26 - 2013-03-20 16:10 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll

2014-02-05 18:26 - 2013-03-20 16:10 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll

2014-02-05 18:26 - 2013-03-20 16:10 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll

2014-02-05 18:26 - 2013-01-23 11:22 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll

2014-02-05 18:26 - 2009-03-08 03:39 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-02-05 18:26 - 2009-03-08 03:32 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-02-05 18:26 - 2009-03-08 03:32 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-02-05 18:26 - 2009-03-08 03:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 06021120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 06021120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-02-05 18:26 - 2008-04-14 07:00 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl

2014-02-05 18:26 - 2008-04-14 07:00 - 01216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00611840 ____N (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00206848 ____N (Microsoft Corporation) C:\WINDOWS\system32\occache.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00067072 ____N (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00043520 ____N (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll

2014-02-05 18:26 - 2008-04-14 07:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll

2014-02-05 17:24 - 2008-04-14 07:00 - 00385024 ____N (Microsoft Corporation) C:\WINDOWS\system32\html.iec

2014-02-04 14:51 - 2013-06-10 17:24 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

2014-02-04 13:11 - 2013-02-09 22:04 - 00000000 ____D () C:\Documents and Settings\PETE\My Documents\Wondershare Video Converter Ultimate

2014-02-03 13:13 - 2014-02-03 13:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AI RoboForm

2014-02-03 13:11 - 2014-02-03 13:11 - 00000000 ____D () C:\Program Files\Siber Systems

2014-02-03 13:11 - 2014-02-03 11:38 - 00000000 ____D () C:\Documents and Settings\PETE\My Documents\My RoboForm Data

2014-02-03 12:33 - 2014-02-03 12:33 - 00000000 ____D () C:\_rf

2014-02-03 11:38 - 2014-02-03 11:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RoboForm

2014-02-02 18:57 - 2014-02-02 18:57 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect

2014-02-02 14:23 - 2014-02-02 14:23 - 00001703 _____ () C:\Documents and Settings\All Users\Desktop\Foxit Reader.lnk

2014-02-02 14:23 - 2014-02-02 14:23 - 00000000 ____D () C:\Program Files\Foxit Software

2014-02-02 14:23 - 2014-02-02 14:23 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Foxit Software

2014-02-02 14:23 - 2014-02-02 14:23 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader

2014-02-02 14:16 - 2014-02-02 14:16 - 00000000 ____D () C:\Program Files\7-Zip

2014-02-02 14:16 - 2014-02-02 14:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip

2014-02-02 13:02 - 2014-02-02 13:02 - 00000119 _____ () C:\Documents and Settings\PETE\My Documents\ADD2.txt

2014-01-25 15:18 - 2014-01-25 15:18 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\Macromedia

2014-01-25 13:24 - 2014-01-25 13:24 - 00307448 _____ () C:\WINDOWS\msxml4-KB973688-enu.LOG

2014-01-25 13:11 - 2013-12-23 21:13 - 00000000 ____D () C:\Documents and Settings\PETE\Local Settings\Application Data\Mobogenie

2014-01-25 13:08 - 2014-01-25 13:07 - 00000140 _____ () C:\Documents and Settings\NetworkService\Application Data\WB.CFG

2014-01-25 13:07 - 2014-01-25 13:07 - 00000005 _____ () C:\Documents and Settings\NetworkService\Application Data\WBPU-TTL.DAT

2014-01-25 13:06 - 2014-01-25 13:06 - 00000000 ____D () C:\Intel

2014-01-24 22:25 - 2014-01-24 22:25 - 00309220 _____ () C:\WINDOWS\msxml4-KB954430-enu.LOG

2014-01-24 22:25 - 2014-01-24 22:25 - 00005933 _____ () C:\WINDOWS\KB2868038.log

2014-01-24 22:25 - 2014-01-24 22:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$

2014-01-24 22:25 - 2014-01-24 22:25 - 00000000 ____D () C:\Program Files\MSXML 4.0

2014-01-24 21:24 - 2014-01-24 21:24 - 00000093 _____ () C:\Documents and Settings\PETE\My Documents\re.txt

2014-01-24 09:08 - 2014-01-24 09:08 - 00000144 _____ () C:\Documents and Settings\PETE\Application Data\WB.CFG

2014-01-24 09:07 - 2014-01-24 09:07 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\DigitalSites

2014-01-24 09:07 - 2014-01-24 09:07 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\0D0S1L2Z1P1B

2014-01-23 18:03 - 2014-01-23 18:03 - 00000000 ____D () C:\Documents and Settings\PETE\Local Settings\Application Data\TechSmith

2014-01-23 18:03 - 2014-01-23 18:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TechSmith

2014-01-23 18:02 - 2014-01-23 18:02 - 00000000 ____D () C:\Documents and Settings\PETE\My Documents\SnagIt Catalog

2014-01-23 18:01 - 2014-01-23 18:01 - 00001742 _____ () C:\Documents and Settings\All Users\Desktop\SnagIt 7.lnk

2014-01-23 18:01 - 2014-01-23 18:01 - 00000000 ____D () C:\Program Files\TechSmith

2014-01-23 18:01 - 2014-01-23 18:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SnagIt 7

2014-01-23 17:59 - 2014-01-23 17:59 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard

2014-01-23 14:44 - 2014-01-23 14:44 - 00000000 ____D () C:\Documents and Settings\PETE\Application Data\Nuance

2014-01-23 14:44 - 2014-01-23 13:05 - 00002539 _____ () C:\Documents and Settings\All Users\Desktop\Dragon NaturallySpeaking 11.5.lnk

2014-01-23 13:05 - 2014-01-23 13:05 - 00001994 _____ () C:\Documents and Settings\All Users\Start Menu\Dragon NaturallySpeaking 11.5.lnk

2014-01-23 13:05 - 2014-01-23 13:05 - 00001980 _____ () C:\Documents and Settings\All Users\Start Menu\Software Updates.lnk

2014-01-23 13:05 - 2014-01-23 13:05 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dragon NaturallySpeaking 11.5

2014-01-23 13:05 - 2014-01-23 13:01 - 00000000 ____D () C:\WINDOWS\Speech

2014-01-23 13:04 - 2014-01-23 13:04 - 00000000 ____D () C:\Program Files\Common Files\Nuance

2014-01-23 13:04 - 2014-01-23 13:04 - 00000000 ____D () C:\Program Files\Common Files\IVA

2014-01-23 13:01 - 2014-01-23 13:01 - 00000000 ____D () C:\Program Files\Nuance

2014-01-23 13:01 - 2014-01-23 13:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Nuance

2014-01-23 13:01 - 2014-01-23 13:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\FLEXnet

 

Files to move or delete:

====================

C:\Windows\Tasks\At1.job

C:\Windows\Tasks\At2.job

 

 

Some content of TEMP:

====================

C:\Documents and Settings\PETE\Local Settings\Temp\68654uninstall.exe

C:\Documents and Settings\PETE\Local Settings\Temp\cfgmgr32.dll

C:\Documents and Settings\PETE\Local Settings\Temp\Checkupdate.exe

C:\Documents and Settings\PETE\Local Settings\Temp\Foxit Reader Updater.exe

C:\Documents and Settings\PETE\Local Settings\Temp\gcapi_dll.dll

C:\Documents and Settings\PETE\Local Settings\Temp\gtapi_signed.dll

C:\Documents and Settings\PETE\Local Settings\Temp\nsa105.exe

C:\Documents and Settings\PETE\Local Settings\Temp\nsc1D.exe

C:\Documents and Settings\PETE\Local Settings\Temp\nsiF7.exe

C:\Documents and Settings\PETE\Local Settings\Temp\nspFA.exe

C:\Documents and Settings\PETE\Local Settings\Temp\nsu106.exe

C:\Documents and Settings\PETE\Local Settings\Temp\oi_{86839C8E-6854-4183-BA36-44726FDE618B}.exe

C:\Documents and Settings\PETE\Local Settings\Temp\setupapi.dll

C:\Documents and Settings\PETE\Local Settings\Temp\SPSetup.exe

C:\Documents and Settings\PETE\Local Settings\Temp\SPStub.exe

C:\Documents and Settings\PETE\Local Settings\Temp\Sqlite3.dll

C:\Documents and Settings\PETE\Local Settings\Temp\System.Data.SQLite.dll

C:\Documents and Settings\PETE\Local Settings\Temp\System.Data.SQLite23515.dll

C:\Documents and Settings\PETE\Local Settings\Temp\System.Data.SQLite33017.dll

C:\Documents and Settings\PETE\Local Settings\Temp\System.Data.SQLite36733.dll

C:\Documents and Settings\PETE\Local Settings\Temp\System.Data.SQLite40426.dll

C:\Documents and Settings\PETE\Local Settings\Temp\System.Data.SQLite57696.dll

C:\Documents and Settings\PETE\Local Settings\Temp\System.Data.SQLite89446.dll

C:\Documents and Settings\PETE\Local Settings\Temp\System.Data.SQLite93162.dll

C:\Documents and Settings\PETE\Local Settings\Temp\tbConn.dll

 

 

==================== Bamital & volsnap Check =================

 

C:\WINDOWS\explorer.exe => MD5 is legit

C:\WINDOWS\system32\winlogon.exe => MD5 is legit

C:\WINDOWS\system32\svchost.exe => MD5 is legit

C:\WINDOWS\system32\services.exe => MD5 is legit

C:\WINDOWS\system32\User32.dll => MD5 is legit

C:\WINDOWS\system32\userinit.exe => MD5 is legit

C:\WINDOWS\system32\rpcss.dll => MD5 is legit

C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

 

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-02-2014 01

Ran by PETE at 2014-02-22 13:13:08

Running from C:\Documents and Settings\PETE\My Documents\MBAM\New Folder

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

 

==================== Installed Programs ======================

 

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )

ACDSee (HKLM\...\ACDSee) (Version:  - )

Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)

AI RoboForm (All Users) (HKLM\...\AI RoboForm) (Version:  - )

Any Video Converter 5.0.9 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)

Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ASPCA Reminder by We-Care.com v4.1.22.1 (HKLM\...\{DB9BF6DA-8030-4A21-9FF4-8856A7556FCF}) (Version: 4.1.22.1 - We-Care.com)

aTube Catcher (HKLM\...\aTube Catcher) (Version: 2.9.1462 - DsNET Corp)

AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4259 - AVG Technologies)

AVG 2014 (Version: 14.0.3705 - AVG Technologies) Hidden

AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden

AVG SafeGuard toolbar (HKLM\...\AVG SafeGuard toolbar) (Version: 17.3.1.204 - AVG Technologies)

Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)

BrowserSafeguard with RocketTab (HKLM\...\Browsersafeguard) (Version:  - Browsersafeguard) <==== ATTENTION

Dragon NaturallySpeaking 11 (HKLM\...\{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}) (Version: 11.50.100 - Nuance Communications Inc.)

DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.)

File Opener Pro (HKLM\...\fileopenerpro) (Version:  - FileOpenerPro) <==== ATTENTION

FLAC 1.2.1b (remove only) (HKLM\...\FLAC) (Version: 1.2.1b - Xiph.org)

Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.0.6.722 - Foxit Corporation)

Free YouTube Downloader 3.5.136 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version:  - HOW Inc.)

Google Chrome (HKLM\...\Google Chrome) (Version: 32.0.1700.107 - Google Inc.)

Google Drive (HKLM\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)

Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)

Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden

IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6159.0 - IDT)

Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 16.1 - Intel)

iTunes (HKLM\...\{DF9C119C-7F26-45B9-93D4-7C372CBBBA11}) (Version: 11.1.0.126 - Apple Inc.)

Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)

Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Newsbin Pro (HKLM\...\Newsbin6) (Version: 6.42 - DJI Interprises, LLC)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)

NVIDIA Performance Drivers (HKLM\...\{4C0A8D65-4286-4B58-87FE-18AD24289285}) (Version: 2.1.0.0 - NVIDIA Corporation)

QuickNote (HKLM\...\QuickNote) (Version:  - )

QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)

RightSurf (HKLM\...\RightSurf) (Version: 2014.01.23.231428 - RightSurf) <==== ATTENTION

SnagIt 7 (HKLM\...\{F1608947-B8A4-4D65-A7B8-8B1D669C0E2C}) (Version: 7.2.4 - TechSmith Corporation)

StuffIt Expander 2011 (HKLM\...\{59E98F3F-48D6-42A9-8250-079671E02B2D}) (Version: 15.0.7.2518 - Smith Micro Software, Inc.)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)

Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)

Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden

Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)

Update for Zip Extractor (HKCU\...\Digital Sites) (Version:  - Update for Zip Extractor) <==== ATTENTION

Visual C++ 9.0 Runtime for Dragon NaturallySpeaking (HKLM\...\{4A5A427F-BA39-4BF0-9999-9A47FBE60C9F}) (Version: 11.0.200 - Nuance Communications Inc.)

Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player 1.1.7 (HKLM\...\VLC media player) (Version: 1.1.7 - VideoLAN)

Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.55.0 - Verizon)

WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden

Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)

Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)

WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )

Wondershare Video Converter Ultimate(Build 6.0.1.0) (HKLM\...\Wondershare Video Converter Ultimate_is1) (Version: 6.0.1.0 - Wondershare Software)

XML Paper Specification Shared Components Pack 1.0 (Version:  - Microsoft Corporation) Hidden

xplorer² lite 32 bit (HKLM\...\xplorer2l) (Version: 2.3.0.1 - Zabkat)

Zip Extractor Packages (HKCU\...\Zip Extractor Packages) (Version:  - ) <==== ATTENTION

 

==================== Restore Points  =========================

 

02-12-2013 02:02:56 System Checkpoint

13-12-2013 13:57:45 System Checkpoint

14-12-2013 14:06:53 System Checkpoint

14-12-2013 18:40:44 Software Distribution Service 3.0

15-12-2013 19:05:17 System Checkpoint

19-12-2013 13:35:11 System Checkpoint

20-12-2013 14:29:41 Installed Java 7 Update 45

22-12-2013 11:41:52 System Checkpoint

27-12-2013 12:59:40 System Checkpoint

30-12-2013 16:01:22 System Checkpoint

06-01-2014 00:45:35 System Checkpoint

07-01-2014 14:23:55 System Checkpoint

16-01-2014 03:39:17 Software Distribution Service 3.0

17-01-2014 12:07:28 System Checkpoint

19-01-2014 18:55:53 System Checkpoint

20-01-2014 19:25:50 System Checkpoint

22-01-2014 14:24:06 System Checkpoint

23-01-2014 14:54:22 System Checkpoint

23-01-2014 17:51:53 Installed Visual C++ 9.0 Runtime for Dragon NaturallySpeaking.

23-01-2014 18:01:12 Installed Dragon NaturallySpeaking 11.

23-01-2014 23:01:22 Installed SnagIt 7

24-01-2014 23:38:08 System Checkpoint

25-01-2014 03:25:10 Software Distribution Service 3.0

25-01-2014 18:24:30 Software Distribution Service 3.0

29-01-2014 17:29:44 System Checkpoint

31-01-2014 00:56:17 System Checkpoint

01-02-2014 14:57:26 System Checkpoint

02-02-2014 19:23:57 Printer Driver Foxit Reader PDF Printer Driver Installed

06-02-2014 19:51:08 System Checkpoint

08-02-2014 13:30:02 System Checkpoint

09-02-2014 17:36:19 System Checkpoint

10-02-2014 17:52:45 System Checkpoint

11-02-2014 18:23:16 System Checkpoint

13-02-2014 01:29:59 System Checkpoint

13-02-2014 12:45:29 Software Distribution Service 3.0

14-02-2014 15:35:44 System Checkpoint

17-02-2014 16:45:42 System Checkpoint

20-02-2014 01:12:41 System Checkpoint

20-02-2014 13:50:50 before rouge kill

21-02-2014 14:41:26 Restore Operation

21-02-2014 14:44:27 Restore Operation

21-02-2014 14:52:01 Restore Operation

21-02-2014 14:57:01 Restore Operation

21-02-2014 15:02:54 Restore Operation

21-02-2014 15:05:44 Restore Operation

22-02-2014 11:59:14 Restore Operation

22-02-2014 13:34:35 Restore Operation

 

==================== Hosts content: ==========================

 

2008-04-14 07:00 - 2014-02-17 18:44 - 00000736 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

  

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe

Task: C:\WINDOWS\Tasks\At1.job => C:\DOCUME~1\PETE\APPLIC~1\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: C:\WINDOWS\Tasks\At2.job => C:\DOCUME~1\PETE\APPLIC~1\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

Task: C:\WINDOWS\Tasks\BrowserSafeguard Update Task.job => C:\Program Files\Browsersafeguard\uninstall.BrowserSafeguard.exe <==== ATTENTION

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\PassShow Update.job => C:\Program Files\PassShow\PsUP.exe <==== ATTENTION

 

==================== Loaded Modules (whitelisted) =============

 

2013-12-20 08:11 - 2010-02-02 21:47 - 00025088 _____ () C:\WINDOWS\System32\WLTRYSVC.EXE

2013-12-20 08:11 - 2010-02-02 21:45 - 00757760 _____ () C:\WINDOWS\System32\bcm1xsup.dll

2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2013-02-09 22:04 - 2012-09-21 10:25 - 00159120 _____ () C:\WINDOWS\system32\WSCM32.dll

2013-07-17 08:56 - 2010-03-15 10:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll

2013-03-18 17:07 - 2014-02-07 21:46 - 02535448 _____ () C:\Program Files\AVG SafeGuard toolbar\vprot.exe

2014-01-20 13:22 - 2014-01-20 13:22 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll

2009-12-08 07:14 - 2009-12-08 07:14 - 05241448 _____ () C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe

2014-01-24 10:08 - 2014-02-22 08:49 - 00080672 _____ () C:\Program Files\RightSurf\bin\utilRightSurf.exe

2014-01-20 13:22 - 2014-01-20 13:22 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe

2014-02-22 13:10 - 2014-02-22 13:10 - 00098816 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\win32api.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00110080 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\PyWinTypes27.dll

2014-02-22 13:10 - 2014-02-22 13:10 - 00364544 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\pythoncom27.dll

2014-02-22 13:10 - 2014-02-22 13:10 - 00044032 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\_socket.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 01157120 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\_ssl.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00320512 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\win32com.shell.shell.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00712192 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\_hashlib.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 01175040 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\wx._core_.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00805888 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\wx._gdi_.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00811008 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\wx._windows_.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 01062400 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\wx._controls_.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00735232 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\wx._misc_.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00128512 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\_elementtree.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00127488 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\pyexpat.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00557056 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\pysqlite2._sqlite.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00087040 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\_ctypes.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00119808 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\win32file.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00108544 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\win32security.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00018432 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\win32event.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00038912 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\win32inet.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00122368 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\wx._wizard.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00070656 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\wx._html2.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00026624 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\_multiprocessing.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00010240 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\select.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00024064 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\win32pipe.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00686080 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\unicodedata.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00025600 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\win32pdh.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00525640 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\windows._lib_cacheinvalidation.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00011264 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\win32crypt.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00035840 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\win32process.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00017408 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\win32profile.pyd

2014-02-22 13:10 - 2014-02-22 13:10 - 00022528 _____ () C:\Documents and Settings\PETE\Local Settings\Temp\_MEI24682\win32ts.pyd

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0FF263E8

 

==================== Safe Mode (whitelisted) ===================

 

 

==================== Disabled items from MSCONFIG ==============

 

MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\WINDOWS\system32\WLTRAY.exe

MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe

MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files\Mobogenie\DaemonProcess.exe

MSCONFIG\startupreg: NextLive => C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\PETE\Application Data\newnext.me\nengine.dll",EntryPoint -m l

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: vProt => "C:\Program Files\AVG SafeGuard toolbar\vprot.exe"

MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

 

==================== Faulty Device Manager Devices =============

 

Name: Broadcom USH

Description: Broadcom USH

Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

Name: Base System Device

Description: Base System Device

Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

Name: SM Bus Controller

Description: SM Bus Controller

Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (02/22/2014 01:06:53 PM) (Source: Application Hang) (User: )

Description: Hanging application FRST.exe, version 3.3.10.2, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

 

Error: (02/22/2014 00:59:27 PM) (Source: Application Hang) (User: )

Description: Hanging application FRST.exe, version 3.3.10.2, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

 

Error: (02/22/2014 00:57:44 PM) (Source: Application Hang) (User: )

Description: Hanging application FRST.exe, version 3.3.10.2, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

 

Error: (02/16/2014 09:56:20 PM) (Source: Application Hang) (User: )

Description: Hanging application vlc.exe, version 1.1.7.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

 

Error: (02/04/2014 01:16:40 PM) (Source: Application Error) (User: )

Description: Faulting application wordpad.exe, version 5.1.2600.6010, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

Processing media-specific event for [wordpad.exe!ws!]

 

Error: (02/04/2014 01:15:06 PM) (Source: Application Hang) (User: )

Description: Hanging application VideoConverterUltimate.exe, version 6.0.1.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

 

Error: (02/01/2014 09:16:17 AM) (Source: Application Hang) (User: )

Description: Hanging application chrome.exe, version 32.0.1700.102, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

 

Error: (12/30/2013 09:42:48 AM) (Source: Application Hang) (User: )

Description: Hanging application DaemonProcess.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

 

Error: (12/29/2013 02:44:50 PM) (Source: Application Hang) (User: )

Description: Hanging application vlc.exe, version 1.1.7.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

 

Error: (12/29/2013 01:58:29 PM) (Source: Application Hang) (User: )

Description: Hanging application vlc.exe, version 1.1.7.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

 

 

System errors:

=============

Error: (02/22/2014 01:10:27 PM) (Source: Service Control Manager) (User: )

Description: The Update RightSurf service failed to start due to the following error: 

%%5

 

Error: (02/22/2014 01:08:00 PM) (Source: Schedule) (User: )

Description: The At2.job command failed to start due to the following error: 

%%2147942402

 

Error: (02/22/2014 01:07:00 PM) (Source: Schedule) (User: )

Description: The At1.job command failed to start due to the following error: 

%%2147942402

 

Error: (02/22/2014 00:08:00 PM) (Source: Schedule) (User: )

Description: The At2.job command failed to start due to the following error: 

%%2147942402

 

Error: (02/22/2014 00:07:00 PM) (Source: Schedule) (User: )

Description: The At1.job command failed to start due to the following error: 

%%2147942402

 

Error: (02/22/2014 11:08:00 AM) (Source: Schedule) (User: )

Description: The At2.job command failed to start due to the following error: 

%%2147942402

 

Error: (02/22/2014 11:07:00 AM) (Source: Schedule) (User: )

Description: The At1.job command failed to start due to the following error: 

%%2147942402

 

Error: (02/22/2014 10:08:00 AM) (Source: Schedule) (User: )

Description: The At2.job command failed to start due to the following error: 

%%2147942402

 

Error: (02/22/2014 10:07:01 AM) (Source: Schedule) (User: )

Description: The At1.job command failed to start due to the following error: 

%%2147942402

 

Error: (02/22/2014 09:08:00 AM) (Source: Schedule) (User: )

Description: The At2.job command failed to start due to the following error: 

%%2147942402

 

 

Microsoft Office Sessions:

=========================

Error: (02/22/2014 01:06:53 PM) (Source: Application Hang)(User: )

Description: FRST.exe3.3.10.2hungapp0.0.0.000000000

 

Error: (02/22/2014 00:59:27 PM) (Source: Application Hang)(User: )

Description: FRST.exe3.3.10.2hungapp0.0.0.000000000

 

Error: (02/22/2014 00:57:44 PM) (Source: Application Hang)(User: )

Description: FRST.exe3.3.10.2hungapp0.0.0.000000000

 

Error: (02/16/2014 09:56:20 PM) (Source: Application Hang)(User: )

Description: vlc.exe1.1.7.0hungapp0.0.0.000000000

 

Error: (02/04/2014 01:16:40 PM) (Source: Application Error)(User: )

Description: wordpad.exe5.1.2600.6010unknown0.0.0.000000000

 

Error: (02/04/2014 01:15:06 PM) (Source: Application Hang)(User: )

Description: VideoConverterUltimate.exe6.0.1.0hungapp0.0.0.000000000

 

Error: (02/01/2014 09:16:17 AM) (Source: Application Hang)(User: )

Description: chrome.exe32.0.1700.102hungapp0.0.0.000000000

 

Error: (12/30/2013 09:42:48 AM) (Source: Application Hang)(User: )

Description: DaemonProcess.exe0.0.0.0hungapp0.0.0.000000000

 

Error: (12/29/2013 02:44:50 PM) (Source: Application Hang)(User: )

Description: vlc.exe1.1.7.0hungapp0.0.0.000000000

 

Error: (12/29/2013 01:58:29 PM) (Source: Application Hang)(User: )

Description: vlc.exe1.1.7.0hungapp0.0.0.000000000

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 40%

Total physical RAM: 2035.84 MB

Available physical RAM: 1218.31 MB

Total Pagefile: 3927.6 MB

Available Pagefile: 3215.4 MB

Total Virtual: 2047.88 MB

Available Virtual: 1940.8 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:149.04 GB) (Free:39.08 GB) NTFS ==>[Drive with boot components (Windows XP)]

Drive e: () (Removable) (Total:14.89 GB) (Free:10.33 GB) FAT32

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: A42D04A3)

 

Partition: GPT Partition Type.

 

========================================================

Disk: 1 (Size: 15 GB) (Disk ID: 00000000)

 

Partition: GPT Partition Type.

 

==================== End Of Log ============================


 

Addition.txt

FRST.txt


DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.45.2

Run by PETE at 14:44:41 on 2014-02-22

Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2036.1250 [GMT -5:00]

.

AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

============== Running Processes ================

.

C:\WINDOWS\system32\savedump.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\WLTRYSVC.EXE

C:\WINDOWS\System32\bcmwltry.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\idt\dellxpm09b_6159v043\wdm\stacsv.exe

C:\WINDOWS\System32\SCardSvr.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\Nuance\dgnsvc.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\IDT\WDM\sttray.exe

C:\WINDOWS\system32\AESTFltr.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\AVG SafeGuard toolbar\vprot.exe

C:\Program Files\Browsersafeguard\BrowserSafeguard.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\Drive\googledrivesync.exe

C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe

C:\Program Files\Google\Drive\googledrivesync.exe

C:\Program Files\RightSurf\bin\utilRightSurf.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

.

============== Pseudo HJT Report ===============

.



uProxyServer = hxxp=127.0.0.1:1049;https=127.0.0.1:1049;

uProxyOverride = <-loopback>

BHO: HelperObject Class: {00C6482D-C502-44C8-8409-FCE54AD9C208} - c:\program files\techsmith\snagit 7\SnagItBHO.dll

BHO: Wondershare Video Converter Ultimate: {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - c:\program files\wondershare\video converter ultimate\SVRIEPlugin.dll

BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>

TB: &RoboForm: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg safeguard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll

TB: SnagIt: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - c:\program files\techsmith\snagit 7\SnagItIEAddin.dll

TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart

uRun: [iSUSPM] c:\documents and settings\all users\application data\flexnet\connect\11\ISUSPM.exe -scheduler

uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [nwiz] nwiz.exe /installquiet

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe

mRun: [AESTFltr] c:\windows\system32\AESTFltr.exe /NoDlg

mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"

mRun: [DNS7reminder] "c:\program files\nuance\naturallyspeaking11\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\nuance\naturallyspeaking11\Ereg.ini"

mRun: [browserSafeguard] "c:\program files\browsersafeguard\BrowserSafeguard.exe"

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: Customize Menu - c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html

IE: Fill Forms - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html

IE: RoboForm Toolbar - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html

IE: Save Forms - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html

IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe


Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\17.3.0\ViProtocol.dll

AppInit_DLLs= c:\progra~1\settin~1\datamngr\mgrldr.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\32.0.1700.107\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 147768]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 222520]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 102712]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 27448]

R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-8-1 120600]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-2-26 209176]

R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22840]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 176952]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-2-14 193848]

R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-3-18 37664]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2013-11-11 3478544]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008]

R2 DragonSvc;Dragon Service;c:\program files\common files\nuance\dgnsvc.exe [2011-6-4 296808]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-9-8 418376]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-9-8 701512]

R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\nvidia corporation\performance drivers\nvPDsvc.exe [2009-12-8 5241448]

R2 Util RightSurf;Util RightSurf;c:\program files\rightsurf\bin\utilRightSurf.exe [2014-1-24 80672]

R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;c:\program files\common files\avg secure search\vtoolbarupdater\17.3.0\ToolbarUpdater.exe [2014-1-20 1771544]

R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2013-1-27 112512]

R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2013-3-18 241880]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-9-8 22856]

S0 cerc6;cerc6; [x]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 Update RightSurf;Update RightSurf;c:\program files\rightsurf\updateRightSurf.exe [2014-2-22 80160]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]

.

=============== Created Last 30 ================

.

2014-02-22 18:12:18 -------- d-----w- C:\FRST

2014-02-22 13:49:58 -------- d-----w- c:\documents and settings\all users\application data\WeCareReminder

2014-02-22 13:49:55 -------- d-----w- c:\documents and settings\pete\application data\newnext.me

2014-02-22 13:49:54 -------- d-----w- c:\program files\PassShow

2014-02-22 13:49:53 -------- d-----w- c:\documents and settings\pete\application data\mysearchdial

2014-02-06 18:33:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-02-06 18:33:52 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-02-06 18:30:13 -------- d-----w- c:\documents and settings\pete\local settings\application data\Adobe

2014-02-03 18:11:38 -------- d-----w- c:\program files\Siber Systems

2014-02-03 17:33:16 -------- d-----w- C:\_rf

2014-02-02 19:23:39 216064 ----a-w- c:\windows\system32\gcapi_dll.dll

2014-02-02 19:23:27 -------- d-----w- c:\documents and settings\pete\application data\Foxit Software

2014-02-02 19:23:26 -------- d-----w- c:\program files\Foxit Software

2014-02-01 17:12:50 -------- d-----w- c:\program files\Browsersafeguard

2014-01-29 21:57:17 529296 ----a-r- c:\windows\system32\hpinksts8811.dll

2014-01-29 21:57:17 269200 ----a-r- c:\windows\system32\hpinksts8811LM.dll

2014-01-29 21:57:16 2216848 ----a-r- c:\windows\system32\hpinkins8811.exe

2014-01-29 21:57:13 221072 ----a-r- c:\windows\system32\hpinkcoi8811.dll

2014-01-25 18:06:48 -------- d-----w- C:\Intel

2014-01-25 03:25:16 -------- d-----w- c:\program files\MSXML 4.0

2014-01-24 14:07:59 -------- d-----w- c:\documents and settings\pete\application data\DigitalSites

2014-01-24 14:07:52 -------- d-----w- c:\program files\RightSurf

2014-01-24 14:07:49 -------- d-----w- c:\documents and settings\pete\application data\0D0S1L2Z1P1B

2014-01-24 12:46:33 46848 -c----w- c:\windows\system32\dllcache\irbus.sys

2014-01-24 12:46:33 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys

2014-01-23 23:03:22 -------- d-----w- c:\documents and settings\pete\local settings\application data\TechSmith

2014-01-23 23:03:01 -------- d-----w- c:\documents and settings\all users\Application DataTechSmith

2014-01-23 22:59:40 -------- d-----w- c:\program files\common files\Wise Installation Wizard

2014-01-23 19:46:42 60160 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys

2014-01-23 19:46:42 60160 ----a-w- c:\windows\system32\drivers\usbaudio.sys

2014-01-23 19:44:53 -------- d-----w- c:\documents and settings\pete\application data\Nuance

.

==================== Find3M  ====================

.

2014-02-05 23:26:52 920064 ----a-w- c:\windows\system32\wininet.dll

2014-02-05 23:26:43 43520 ------w- c:\windows\system32\licmgr10.dll

2014-02-05 23:26:42 1469440 ------w- c:\windows\system32\inetcpl.cpl

2014-02-05 23:26:37 18944 ----a-w- c:\windows\system32\corpol.dll

2014-02-05 22:24:05 385024 ------w- c:\windows\system32\html.iec

2014-01-04 03:13:05 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-12-20 14:29:47 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-12-20 14:29:47 145408 ----a-w- c:\windows\system32\javacpl.cpl

2013-12-05 11:26:06 1172992 ----a-w- c:\windows\system32\msxml3.dll

2013-11-27 20:21:06 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys

.

============= FINISH: 14:45:32.78 ===============

 


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 1/23/2013 11:25:36 AM

System Uptime: 2/22/2014 2:42:00 PM (0 hours ago)

.

Motherboard: Dell Inc. |  | 0NY980

Processor: Intel Pentium III Xeon processor | Microprocessor | 1582/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 149 GiB total, 39.027 GiB free.

D: is CDROM ()

E: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description: Broadcom USH

Device ID: USB\VID_0A5C&PID_5800&MI_00\6&66DE6C9&0&0000

Manufacturer: 

Name: Broadcom USH

PNP Device ID: USB\VID_0A5C&PID_5800&MI_00\6&66DE6C9&0&0000

Service: 

.

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description: Base System Device

Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_02501028&REV_11\4&A85581B&0&0BF0

Manufacturer: 

Name: Base System Device

PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_02501028&REV_11\4&A85581B&0&0BF0

Service: 

.

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description: SM Bus Controller

Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_02501028&REV_03\3&61AAA01&0&FB

Manufacturer: 

Name: SM Bus Controller

PNP Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_02501028&REV_03\3&61AAA01&0&FB

Service: 

.

==== System Restore Points ===================

.

RP166: 12/1/2013 9:02:56 PM - System Checkpoint

RP167: 12/13/2013 8:57:45 AM - System Checkpoint

RP168: 12/14/2013 9:06:53 AM - System Checkpoint

RP169: 12/14/2013 1:40:44 PM - Software Distribution Service 3.0

RP170: 12/15/2013 2:05:17 PM - System Checkpoint

RP171: 12/19/2013 8:35:11 AM - System Checkpoint

RP172: 12/20/2013 9:29:41 AM - Installed Java 7 Update 45

RP173: 12/22/2013 6:41:52 AM - System Checkpoint

RP174: 12/27/2013 7:59:40 AM - System Checkpoint

RP175: 12/30/2013 11:01:22 AM - System Checkpoint

RP176: 1/5/2014 7:45:35 PM - System Checkpoint

RP177: 1/7/2014 9:23:55 AM - System Checkpoint

RP178: 1/15/2014 10:39:17 PM - Software Distribution Service 3.0

RP179: 1/17/2014 7:07:28 AM - System Checkpoint

RP180: 1/19/2014 1:55:53 PM - System Checkpoint

RP181: 1/20/2014 2:25:50 PM - System Checkpoint

RP182: 1/22/2014 9:24:06 AM - System Checkpoint

RP183: 1/23/2014 9:54:22 AM - System Checkpoint

RP184: 1/23/2014 12:51:53 PM - Installed Visual C++ 9.0 Runtime for Dragon NaturallySpeaking.

RP185: 1/23/2014 1:01:12 PM - Installed Dragon NaturallySpeaking 11.

RP186: 1/23/2014 6:01:22 PM - Installed SnagIt 7

RP187: 1/24/2014 6:38:08 PM - System Checkpoint

RP188: 1/24/2014 10:25:10 PM - Software Distribution Service 3.0

RP189: 1/25/2014 1:24:30 PM - Software Distribution Service 3.0

RP190: 1/29/2014 12:29:44 PM - System Checkpoint

RP191: 1/30/2014 7:56:17 PM - System Checkpoint

RP192: 2/1/2014 9:57:26 AM - System Checkpoint

RP193: 2/2/2014 2:23:57 PM - Printer Driver Foxit Reader PDF Printer Driver Installed

RP194: 2/6/2014 2:51:08 PM - System Checkpoint

RP195: 2/8/2014 8:30:02 AM - System Checkpoint

RP196: 2/9/2014 12:36:19 PM - System Checkpoint

RP197: 2/10/2014 12:52:45 PM - System Checkpoint

RP198: 2/11/2014 1:23:16 PM - System Checkpoint

RP199: 2/12/2014 8:29:59 PM - System Checkpoint

RP200: 2/13/2014 7:45:29 AM - Software Distribution Service 3.0

RP201: 2/14/2014 10:35:44 AM - System Checkpoint

RP202: 2/17/2014 11:45:42 AM - System Checkpoint

RP203: 2/19/2014 8:12:41 PM - System Checkpoint

RP204: 2/20/2014 8:50:50 AM - before rouge kill

RP205: 2/21/2014 9:41:26 AM - Restore Operation

RP206: 2/21/2014 9:44:27 AM - Restore Operation

RP207: 2/21/2014 9:52:01 AM - Restore Operation

RP208: 2/21/2014 9:57:01 AM - Restore Operation

RP209: 2/21/2014 10:02:54 AM - Restore Operation

RP210: 2/21/2014 10:05:44 AM - Restore Operation

RP211: 2/22/2014 6:59:14 AM - Restore Operation

RP212: 2/22/2014 8:34:35 AM - Restore Operation

.

==== Installed Programs ======================

.

7-Zip 9.20

ACDSee

Adobe Flash Player 12 ActiveX

AI RoboForm (All Users)

Any Video Converter 5.0.9

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ASPCA Reminder by We-Care.com v4.1.22.1

aTube Catcher

AVG 2014

AVG SafeGuard toolbar

Bonjour

BrowserSafeguard with RocketTab

Dragon NaturallySpeaking 11

DW WLAN Card Utility

File Opener Pro

FLAC 1.2.1b (remove only)

Foxit Reader

Free YouTube Downloader 3.5.136

Google Chrome

Google Drive

Google Toolbar for Internet Explorer

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

IDT Audio

Intel® Network Connections Drivers

iTunes

Java 7 Update 45

Java Auto Updater

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Newsbin Pro

NVIDIA Drivers

NVIDIA Performance Drivers

QuickNote

QuickPar 0.9

RightSurf

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2809289)

Security Update for Windows Internet Explorer 8 (KB2817183)

Security Update for Windows Internet Explorer 8 (KB2829530)

Security Update for Windows Internet Explorer 8 (KB2838727)

Security Update for Windows Internet Explorer 8 (KB2846071)

Security Update for Windows Internet Explorer 8 (KB2847204)

Security Update for Windows Internet Explorer 8 (KB2862772)

Security Update for Windows Internet Explorer 8 (KB2870699)

Security Update for Windows Internet Explorer 8 (KB2879017)

Security Update for Windows Internet Explorer 8 (KB2888505)

Security Update for Windows Internet Explorer 8 (KB2898785)

Security Update for Windows Internet Explorer 8 (KB2909210)

Security Update for Windows Internet Explorer 8 (KB2909921)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB2803821-v2)

Security Update for Windows Media Player (KB2803821)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219-v2)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135-v2)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2778344)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2797052)

Security Update for Windows XP (KB2799494)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB2807986)

Security Update for Windows XP (KB2808735)

Security Update for Windows XP (KB2809289)

Security Update for Windows XP (KB2813170)

Security Update for Windows XP (KB2813345)

Security Update for Windows XP (KB2820197)

Security Update for Windows XP (KB2820917)

Security Update for Windows XP (KB2829361)

Security Update for Windows XP (KB2834886)

Security Update for Windows XP (KB2839229)

Security Update for Windows XP (KB2845187)

Security Update for Windows XP (KB2847311)

Security Update for Windows XP (KB2849470)

Security Update for Windows XP (KB2850851)

Security Update for Windows XP (KB2850869)

Security Update for Windows XP (KB2859537)

Security Update for Windows XP (KB2862152)

Security Update for Windows XP (KB2862330)

Security Update for Windows XP (KB2862335)

SnagIt 7

StuffIt Expander 2011

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB2598845)

Update for Zip Extractor

Visual C++ 9.0 Runtime for Dragon NaturallySpeaking

Visual Studio 2012 x86 Redistributables

VLC media player 1.1.7

Vz In-Home Agent

WebFldrs XP

Windows Genuine Advantage Notifications (KB905474)

Windows Internet Explorer 8

WinRAR archiver

Wondershare Video Converter Ultimate(Build 6.0.1.0)

XML Paper Specification Shared Components Pack 1.0

xplorer² lite 32 bit

Zip Extractor Packages

.

==== Event Viewer Messages From Past Week ========

.

2/22/2014 9:08:00 AM, error: Schedule [7901]  - The At2.job command failed to start due to the following error:  %%2147942402

2/22/2014 8:52:36 AM, error: Service Control Manager [7000]  - The Update RightSurf service failed to start due to the following error:  Access is denied.

2/22/2014 2:43:54 PM, error: System Error [1003]  - Error code 1000000a, parameter1 00461000, parameter2 0000001c, parameter3 00000000, parameter4 80616561.

2/20/2014 8:55:03 AM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Avgdiskx AVGIDSDriver AVGIDSShim Avgldx86 Fips intelppm

2/20/2014 8:55:03 AM, error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:  A device attached to the system is not functioning.

2/20/2014 8:54:01 AM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

2/20/2014 8:46:56 AM, error: Service Control Manager [7000]  - The Util RightSurf service failed to start due to the following error:  Access is denied.

2/19/2014 10:08:00 PM, error: Schedule [7901]  - The At2.job command failed to start due to the following error:  %%2147942403

2/19/2014 10:07:00 PM, error: Schedule [7901]  - The At1.job command failed to start due to the following error:  %%2147942402

2/17/2014 6:58:25 PM, error: DCOM [10000]  - Unable to start a DCOM Server: {B906071E-9281-44B9-BBDB-98893081D222}. The error: "%193" Happened while starting this command: C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\agent.exe -Embedding

.

==== End Of File ===========================

 


First, let's clear out System Restore:
Right click on My Computer > Properties > System Restore > Turn off System Restore > Reboot the computer
Now turn System Restore back on
You want to keep the slider on around 3%

Now create a new system restore point:

Close any programs that are open.
Click Start, point to All Programs, point to Accessories, point to System Tools, and then click System Restore. The System Restore Wizard opens.
Click Create a restore point, and then click Next....etc

----------------------------------------

Next:

Please backup the registry with ERUNT before continuing:
http://www.geekstogo.com/forum/topic/208859-backing-up-the-registry-using-erunt/

----------------------------------

Please uninstall these from your add/remove programs if you can:

BrowserSafeguard with RocketTab
File Opener Pro
Update for Zip Extractor
Zip Extractor Packages
RightSurf


------------------------------

Next..........

Let's clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner from HERE or HERE to your desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC


Everything seems to be working fine now. I attached two screenshots of the quarantine list of the threats I removed yesterday.

Thanks so much for all your help

 

# AdwCleaner v3.019 - Report created 22/02/2014 at 18:33:06
# Updated 17/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : PETE - SINGHI
# Running from : C:\Documents and Settings\PETE\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : Update RightSurf
Service Found : vToolbarUpdater17.3.0
 
***** [ Files / Folders ] *****
 
File Found : C:\Documents and Settings\PETE\Local Settings\Application Data\mysearchdial-speeddial.crx
File Found : C:\END
Folder Found : C:\Documents and Settings\PETE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found C:\DOCUME~1\PETE\LOCALS~1\Temp\NativeMessaging
Folder Found C:\DOCUME~1\PETE\LOCALS~1\Temp\TempDir
Folder Found C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
Folder Found C:\Documents and Settings\All Users\Application Data\Conduit
Folder Found C:\Documents and Settings\All Users\Application Data\WeCareReminder
Folder Found C:\Documents and Settings\LocalService\Local Settings\Application Data\Searchprotect
Folder Found C:\Documents and Settings\PETE\Application Data\AVG SafeGuard toolbar
Folder Found C:\Documents and Settings\PETE\Application Data\DigitalSites
Folder Found C:\Documents and Settings\PETE\Application Data\Mysearchdial
Folder Found C:\Documents and Settings\PETE\Application Data\newnext.me
Folder Found C:\Documents and Settings\PETE\Application Data\Searchprotect
Folder Found C:\Documents and Settings\PETE\Local Settings\Application Data\AVG SafeGuard toolbar
Folder Found C:\Documents and Settings\PETE\Local Settings\Application Data\BrowserSafeguard
Folder Found C:\Documents and Settings\PETE\Local Settings\Application Data\Conduit
Folder Found C:\Documents and Settings\PETE\Local Settings\Application Data\genienext
Folder Found C:\Documents and Settings\PETE\Local Settings\Application Data\Mobogenie
Folder Found C:\Documents and Settings\PETE\Local Settings\Application Data\NativeMessaging
Folder Found C:\Documents and Settings\PETE\Local Settings\Application Data\TechSmith
Folder Found C:\Documents and Settings\PETE\My Documents\Mobogenie
Folder Found C:\Program Files\AVG SafeGuard toolbar
Folder Found C:\Program Files\BrowserSafeguard
Folder Found C:\Program Files\Common Files\AVG Secure Search
Folder Found C:\Program Files\Conduit
Folder Found C:\Program Files\TechSmith
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\ConduitSearchScopes
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{88BE1AA9-6740-461C-9E3E-F35EB8FA741C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\wecarereminder
Key Found : HKLM\Software\AVG SafeGuard toolbar
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3306061
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mobogenie
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mysearchdial
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Google Chrome v32.0.1700.107
 
[ File : C:\Documents and Settings\PETE\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
Found : homepage
Found : homepage
Found : homepage
 
*************************
 
AdwCleaner[R0].txt - [10063 octets] - [22/02/2014 17:04:41]
AdwCleaner[R1].txt - [9984 octets] - [22/02/2014 18:33:06]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [10044 octets] ##########
 
2014/02/22 08:58:12 -0500 SINGHI PETE MESSAGE Starting database refresh
2014/02/22 08:58:19 -0500 SINGHI PETE MESSAGE Database refreshed successfully
 


Just to be clear, you had AdwCleaner clean all of those up and you had Malwarebytes quarantine everything...correct?

If everything is OK now........

Let's check your computer's security before you go, and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!
MrC

 Results of screen317's Security Check version 0.99.79  

 Windows XP Service Pack 3 x86   

 Internet Explorer 8  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

Please wait while WMIC is being installed.d 

ECHO is off.

ECHO is off.

ECHO is off.

ECHO is off.

ECHO is off.

ECHO is off.

 Antivirus up to date!  

`````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware version 1.75.0.1300  

 Java 7 Update 45  

 Java version out of Date! 

 Google Chrome 32.0.1700.107  

 Google Chrome 33.0.1750.117  

````````Process Check: objlist.exe by Laurent````````  

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbamgui.exe  

 AVG avgwdsvc.exe 

 AVG avgrsx.exe 

 AVG avgnsx.exe 

 AVG avgemc.exe 

 Malwarebytes' Anti-Malware mbamscheduler.exe   

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:: 24% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log`````````````````````` 
This topic is now closed to further replies.