Jump to content

Recommended Posts

Hi there,

 

I installed Cam Studio and suddenly noticed my computer lagging and Not responding when I am surfing the internet.., so when I uninstalled and ran Malwarebytes, it detected 4 registry files of PUP.Optional.InstallCore.A & PUP.Optional.OptimzerPro.A

and I clicked removed. Can you help me to see if everything is removed and I dont have any malware/viruses, etc!! Thanks!!!!

Link to post
Share on other sites

Welcome to the forum.

Please run a Quick Scan with Malwarebytes like this:

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

If you're using Malwarebytes 2.0, please run a Threat Scan

Then....please start HERE <--------

Post back the 2 logs here.....DDS.txt and Attach.txt

(please don't put logs in code or quotes and use the default font)

Don't forget to RogueKiller below

General P2P/Piracy Warning:

 

1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running. Create a new restore point

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give to instructions on how to cleanup all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

Link to post
Share on other sites

Hi Mr Charlie,

 

Thank you so much for your reply. I have scanned again using Malwarebytes second time, No Threats found.  Also, Do I run Roguekiller now, or wait for your instructions? Thanks!

 

Here is my DDS LOG

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.51.2
Run by Owner at 13:03:20 on 2014-03-29
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.2046.1387 [GMT -4:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.



uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com

uWinlogon: Shell = -
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mPolicies-System: EnableUIPI = dword:1
mPolicies-System: DisableCAD = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.




TCP: NameServer = 192.168.1.254
TCP: Interfaces\{B169077C-B8BA-4261-A7F8-0829245ABA8A} : DHCPNameServer = 192.168.1.254
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\xkw3v1z4.default-1376784065718\
FF - prefs.js: browser.search.selectedEngine - Search By ZoneAlarm
FF - prefs.js: browser.startup.homepage - about:home

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
.
============= SERVICES / DRIVERS ===============
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-3-29 40776]
S3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys [2013-11-7 30976]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2002-9-3 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
S4 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
.
=============== Created Last 30 ================
.
2014-03-29 16:36:59    40776    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2014-03-29 06:53:04    --------    d-----w-    c:\windows\system32\QuickTime
2014-03-29 06:51:53    --------    d-----w-    c:\program files\common files\TechSmith Shared
2014-03-29 05:43:42    --------    d-----w-    c:\documents and settings\all users\application data\CheckPoint
2014-03-29 04:01:11    --------    d-----w-    c:\documents and settings\owner\application data\TechSmith
2014-03-21 06:12:04    --------    d-----w-    c:\documents and settings\owner\application data\Windows Search
2014-03-18 19:31:10    13312    -c----w-    c:\windows\system32\dllcache\xp_eos.exe
2014-03-18 19:31:10    13312    ------w-    c:\windows\system32\xp_eos.exe
.
==================== Find3M  ====================
.
2014-02-24 11:46:36    920064    ----a-w-    c:\windows\system32\wininet.dll
2014-02-24 11:45:58    43520    ----a-w-    c:\windows\system32\licmgr10.dll
2014-02-24 11:45:57    1469440    ----a-w-    c:\windows\system32\inetcpl.cpl
2014-02-24 11:45:42    18944    ----a-w-    c:\windows\system32\corpol.dll
2014-02-24 10:54:21    385024    ----a-w-    c:\windows\system32\html.iec
2014-02-23 00:30:29    103832    ----a-w-    c:\documents and settings\owner\GoToAssistDownloadHelper.exe
2014-02-18 01:18:08    867608    ----a-w-    c:\windows\DellClick2Fix_DownloadManager.exe
2014-02-18 01:17:52    379315    ----a-w-    c:\windows\DellClick2Fix_DownloadManager-1.bin
2014-02-18 01:17:52    12700    ----a-w-    c:\windows\DellClick2Fix_DownloadManager-0.bin
2014-02-07 02:01:37    1879040    ----a-w-    c:\windows\system32\win32k.sys
2014-02-05 08:55:04    562688    ----a-w-    c:\windows\system32\qedit.dll
2014-01-04 03:13:05    420864    ----a-w-    c:\windows\system32\vbscript.dll
.
============= FINISH: 13:04:26.10 ===============
 

ATTACH LOG

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 10/6/2011 5:29:00 PM
System Uptime: 3/29/2014 12:30:08 PM (1 hours ago)
.
Motherboard: Dell Computer Corp. |  | 0G1548
Processor:               Intel® Pentium® 4 CPU 2.20GHz | Microprocessor | 2192/400mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 4.74 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP112: 1/14/2014 12:49:57 PM - System Checkpoint
RP113: 1/15/2014 12:54:45 AM - Software Distribution Service 3.0
RP114: 1/16/2014 2:09:59 AM - Software Distribution Service 3.0
RP115: 1/17/2014 4:17:33 PM - System Checkpoint
RP116: 1/18/2014 5:58:06 PM - System Checkpoint
RP117: 1/19/2014 8:13:57 PM - System Checkpoint
RP118: 1/21/2014 1:25:08 AM - System Checkpoint
RP119: 1/22/2014 1:26:14 AM - System Checkpoint
RP120: 1/24/2014 3:28:07 PM - System Checkpoint
RP121: 1/25/2014 8:13:14 PM - System Checkpoint
RP122: 1/26/2014 8:44:57 PM - System Checkpoint
RP123: 1/28/2014 10:21:36 AM - System Checkpoint
RP124: 1/29/2014 5:51:49 PM - System Checkpoint
RP125: 1/30/2014 8:33:13 PM - System Checkpoint
RP126: 1/31/2014 8:42:05 PM - System Checkpoint
RP127: 2/1/2014 8:38:00 PM - Removed Bing Bar
RP128: 2/1/2014 8:41:29 PM - Removed HP Officejet 4620 series Basic Device Software
RP129: 2/1/2014 8:47:27 PM - Removed HP Officejet 4620 series Help
RP130: 2/2/2014 9:40:44 PM - System Checkpoint
RP131: 2/4/2014 4:11:53 PM - System Checkpoint
RP132: 2/5/2014 10:04:23 PM - System Checkpoint
RP133: 2/6/2014 2:03:59 AM - Removed I.R.I.S. OCR
RP134: 2/6/2014 2:08:26 AM - Removed HP Officejet 4620 series Product Improvement Study
RP135: 2/6/2014 2:11:03 AM - Removed HP Update.
RP136: 2/6/2014 2:11:45 AM - Removed Skype™ 6.13
RP137: 2/7/2014 3:00:36 AM - Software Distribution Service 3.0
RP138: 2/9/2014 12:42:28 AM - System Checkpoint
RP139: 2/10/2014 3:50:26 AM - System Checkpoint
RP140: 2/11/2014 6:23:49 PM - System Checkpoint
RP141: 2/12/2014 9:54:19 PM - System Checkpoint
RP142: 2/13/2014 3:01:12 AM - Software Distribution Service 3.0
RP143: 2/15/2014 12:33:36 AM - System Checkpoint
RP144: 2/17/2014 9:55:11 PM - System Checkpoint
RP145: 2/18/2014 12:35:50 AM - Installed Achiever
RP146: 2/18/2014 11:37:11 PM - Removed Achiever
RP147: 2/19/2014 11:53:35 PM - System Checkpoint
RP148: 2/21/2014 3:45:06 PM - System Checkpoint
RP149: 2/22/2014 5:21:19 PM - System Checkpoint
RP150: 2/22/2014 7:24:32 PM - Installed Java 7 Update 51
RP151: 2/22/2014 7:37:04 PM - Pre Install Click 2 Fix restore point
RP152: 2/22/2014 8:10:57 PM - Software Distribution Service 3.0
RP153: 2/23/2014 1:01:44 AM - Software Distribution Service 3.0
RP154: 2/23/2014 10:41:32 PM - Software Distribution Service 3.0
RP155: 2/24/2014 11:19:06 PM - System Checkpoint
RP156: 2/25/2014 11:54:36 PM - System Checkpoint
RP157: 2/28/2014 2:49:33 PM - System Checkpoint
RP158: 3/1/2014 6:21:00 PM - System Checkpoint
RP159: 3/2/2014 7:02:04 PM - System Checkpoint
RP160: 3/3/2014 9:44:31 PM - System Checkpoint
RP161: 3/4/2014 10:22:54 PM - System Checkpoint
RP162: 3/5/2014 1:48:36 PM - Removed Skype™ 6.14
RP163: 3/6/2014 4:14:35 PM - System Checkpoint
RP164: 3/7/2014 4:57:53 PM - System Checkpoint
RP165: 3/8/2014 8:47:24 PM - System Checkpoint
RP166: 3/10/2014 3:02:03 AM - System Checkpoint
RP167: 3/10/2014 5:15:08 PM - Software Distribution Service 3.0
RP168: 3/11/2014 9:43:49 PM - Software Distribution Service 3.0
RP169: 3/14/2014 2:44:02 PM - System Checkpoint
RP170: 3/16/2014 5:39:54 PM - System Checkpoint
RP171: 3/17/2014 7:51:10 PM - System Checkpoint
RP172: 3/18/2014 8:49:57 PM - Software Distribution Service 3.0
RP173: 3/20/2014 2:59:19 PM - System Checkpoint
RP174: 3/21/2014 3:24:05 PM - System Checkpoint
RP175: 3/22/2014 6:07:14 PM - System Checkpoint
RP176: 3/28/2014 11:46:25 PM - Installed Camtasia Studio 8
RP177: 3/29/2014 2:13:12 AM - Removed Camtasia Studio 8
RP178: 3/29/2014 2:38:58 AM - Restore Operation
RP179: 3/29/2014 2:51:15 AM - Installed Camtasia Studio 6
RP180: 3/29/2014 3:01:10 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS5
Adobe Reader X (10.1.9)
B57Inst
BCM V.92 56K Modem
Broadcom Driver Installer
Camtasia Studio 6
Crack the DAT 2013-2014
Crack the DAT 5.0.26
Dell ResourceCD
Google Talk Plugin
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Intel® Extreme Graphics Driver
Java 7 Update 51
Java Auto Updater
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office 2000 Professional
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 28.0 (x86 en-US)
Mozilla Maintenance Service
PDF Settings CS5
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2898785)
Security Update for Windows Internet Explorer 8 (KB2909210)
Security Update for Windows Internet Explorer 8 (KB2909921)
Security Update for Windows Internet Explorer 8 (KB2925418)
Security Update for Windows Media Player (KB2834904-v2)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2559049)
Security Update for Windows XP (KB2586448)
Security Update for Windows XP (KB2618444)
Security Update for Windows XP (KB2647516)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB2916036)
Security Update for Windows XP (KB2929961)
Security Update for Windows XP (KB2930275)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB975713)
SoundMAX
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2904266)
Update for Windows XP (KB2934207)
Update for Windows XP (KB951978)
USB2.0 PC Camera (SN9C201&202)
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
WinRAR 4.11 (32-bit)
.
==== End Of File ===========================
 

Link to post
Share on other sites

ROUGEKILLER LOG!

 

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Owner [Admin rights]
Mode : Scan -- Date : 03/29/2014 14:16:58
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
[Address] EAT @firefox.exe (FREEBL_GetVector) : nssckbi.dll -> HOOKED (C:\Program Files\Mozilla Firefox\freebl3.dll @ 0x0C001000)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST380215A +++++
--- User ---
[MBR] 73f987c631ba42764dce97e57309caf0
[bSP] 33e325a7d9768a4c0f3363561fe8019d : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_03292014_141658.txt >>



 

Link to post
Share on other sites

Please download AdwCleaner from HERE or HERE to your desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then.......

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

Link to post
Share on other sites

Thank you so much Mr Charlie for helping me! My PC is fast again! All because of your magic. God bless you!!

 

# AdwCleaner v3.022 - Report created 29/03/2014 at 20:47:17
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - ANAM-RNFR3WMDD7
# Running from : C:\Documents and Settings\Owner\My Documents\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xkw3v1z4.default-1376784065718\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Optimizer Pro v3.2
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\xkw3v1z4.default-1376784065718\prefs.js ]


[ File : C:\Documents and Settings\Dena\Application Data\Mozilla\Firefox\Profiles\8boufv13.default\prefs.js ]


[ File : C:\Documents and Settings\SHAK\Application Data\Mozilla\Firefox\Profiles\vd8ncv3g.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1958 octets] - [20/02/2014 23:02:39]
AdwCleaner[R1].txt - [2886 octets] - [29/03/2014 20:43:28]
AdwCleaner[s0].txt - [2047 octets] - [20/02/2014 23:33:43]
AdwCleaner[s1].txt - [2843 octets] - [29/03/2014 20:47:17]

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [2903 octets] ##########
 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.29.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: ANAM-RNFR3WMDD7 [administrator]

3/29/2014 9:10:20 PM
mbam-log-2014-03-29 (21-10-20).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 263065
Time elapsed: 24 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

Link to post
Share on other sites

OK..Next:

Please download Farbar Recovery Scan Tool (FRST) and save it to a folder.

(use correct version for your system.....Which system am I using?)

FRST <----for 32 bit systems

FRST64 <----for 64 bit systems

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
If the logs are large, you can attach them:

To attach a log:

Bottom right corner of this page.

reply1.jpg

New window that comes up.

replyer1.jpg

MrC

Link to post
Share on other sites

Hi MrCharlie!

 

Here are the logs!

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Owner (administrator) on ANAM-RNFR3WMDD7 on 30-03-2014 23:12:25
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSConfig] - C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [169984 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
HKU\S-1-5-21-1935655697-725345543-1398031866-1003\...\Winlogon: [shell] -

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SP16BF35BB-350F-497B-BFE0-7A2F0AFFEB29&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKCU - {EEBA3501-49F3-4219-96B6-F8603AF1AD5C} URL = http://www.bing.com/search?q={searchTerms}&r=250
SearchScopes: HKCU - {F5C06B15-C34B-4DA9-B402-8E7E2E2D4463} URL = http://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=en&q={searchTerms}&gu=00674ddf02a8433b9ed0a9291062edcc&tu=11J3y00DC2B0Ca0&sku=&tstsId=&ver=&&r=281
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\i8j6xi5j.default-1396147886042
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @alibaba.com/nptrademanager;version=1.0 - C:\Program Files\TradeManager\nptrademanager.dll No File
FF Plugin: @alibaba.com/npwangwang;version=1.0 - C:\Program Files\TradeManager\npwangwang.dll No File
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @alibaba.com/npAliSSOLogin;version=1.0 - C:\Program Files\TradeManager\npAliSSOLogin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nptrademanager.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwangwang.dll ( )
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "sync_promo" :
    {
        "show_on_first_run_allowed"
CHR DefaultSearchProvider: Search By ZoneAlarm
CHR DefaultSearchURL: http://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=en&q={searchTerms}&gu=00674ddf02a8433b9ed0a9291062edcc&tu=11J3y00DC2B0Ca0&sku=&tstsId=&ver=&
CHR HKLM\...\Chrome\Extension: [pbofibgamhkgoonaocfgemncghhadmgb] - C:\Documents and Settings\Owner\Local Settings\Application Data\CRE\pbofibgamhkgoonaocfgemncghhadmgb.crx []
CHR HKCU\...\Chrome\Extension: [pbofibgamhkgoonaocfgemncghhadmgb] - C:\Documents and Settings\Owner\Local Settings\Application Data\CRE\pbofibgamhkgoonaocfgemncghhadmgb.crx []

========================== Services (Whitelisted) =================

S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
S2 OutfoxTvService; C:\Program Files\OutfoxTV\OutfoxTvService.exe [X]

==================== Drivers (Whitelisted) ====================

R3 BCMModem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [1101696 2003-08-29] (Broadcom Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [30976 2013-11-07] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
S3 SNP2STD; C:\WINDOWS\System32\DRIVERS\snp2sxp.sys [10305280 2006-06-07] ()
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R3 {6080A529-897E-4629-A488-ABA0C29B635E}; C:\WINDOWS\System32\drivers\ialmsbw.sys [113504 2003-04-15] (Intel Corporation)
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}; C:\WINDOWS\System32\drivers\ialmkchw.sys [78752 2003-04-15] (Intel Corporation)
U0 PROCMON23; System32\Drivers\PROCMON23.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-30 23:12 - 2014-03-30 23:12 - 00000000 ____D () C:\FRST
2014-03-30 22:33 - 2014-03-30 22:33 - 00002253 _____ () C:\Documents and Settings\Owner\Desktop\RKreport[0]_S_03302014_223328.txt
2014-03-30 22:29 - 2014-03-30 22:33 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\RK_Quarantine
2014-03-30 16:36 - 2014-03-30 16:35 - 142051374 _____ () C:\Documents and Settings\Owner\Desktop\Biology Quizzes Workshop.avi
2014-03-30 15:07 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 13 Reading Comprehension 2 & Strategy 2
2014-03-30 15:06 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 12 Schedule Your Organic Chemistry 2 Flex
2014-03-30 15:06 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 11 General Chemistry 2
2014-03-30 15:06 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 10 Quantitative Reasoning 2
2014-03-30 15:05 - 2014-03-30 15:05 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 9 Schedule Your Perceptual Ability 2 Flex
2014-03-30 15:04 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 6 Schedule Your Organic Chemistry 1 Flex
2014-03-30 15:04 - 2014-03-30 15:04 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 7 Full Length 1 - Take at Home
2014-03-30 15:03 - 2014-03-30 15:05 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 8 Biology 2
2014-03-30 15:00 - 2014-03-30 15:02 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 5 General Chemistry 1
2014-03-30 14:58 - 2014-03-30 15:00 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 4 Quantitative Reasoning 1
2014-03-30 14:56 - 2014-03-30 14:57 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 3 Schedule Your Perceptual Ability 1 Flex
2014-03-30 14:49 - 2014-03-30 14:57 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 2 Biology 1
2014-03-30 14:44 - 2014-03-30 14:53 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 1 Strategy 1 & Reading Comprehension 1
2014-03-29 17:20 - 2014-03-29 22:54 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\General Chemistry Quizzes
2014-03-29 02:53 - 2014-03-29 02:53 - 00000000 ____D () C:\WINDOWS\system32\QuickTime
2014-03-29 02:52 - 2014-03-29 02:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Camtasia Studio 6
2014-03-29 02:51 - 2014-03-29 02:51 - 00000000 ____D () C:\Program Files\TechSmith
2014-03-29 02:51 - 2014-03-29 02:51 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-03-29 01:49 - 2014-03-29 01:49 - 00000096 _____ () C:\Documents and Settings\Owner\Application Data\version2.xml
2014-03-29 01:43 - 2014-03-29 01:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CheckPoint
2014-03-29 00:01 - 2014-03-29 00:01 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\TechSmith
2014-03-29 00:00 - 2014-03-29 02:58 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\Camtasia Studio
2014-03-28 23:46 - 2014-03-29 02:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TechSmith
2014-03-21 02:12 - 2014-03-21 02:12 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Windows Search
2014-03-19 00:37 - 2014-03-30 22:47 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-19 00:37 - 2014-03-19 13:07 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-18 20:56 - 2014-03-18 20:56 - 00004870 _____ () C:\WINDOWS\KB2934207.log
2014-03-18 20:56 - 2014-03-18 20:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-18 17:43 - 2014-03-18 17:44 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-18 15:31 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-03-18 15:31 - 2014-02-25 21:59 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-03-11 21:44 - 2014-03-11 21:46 - 00011599 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-11 21:44 - 2014-03-11 21:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-11 21:44 - 2014-03-11 21:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-11 21:14 - 2014-03-11 21:44 - 00009105 _____ () C:\WINDOWS\KB2929961.log
2014-03-11 21:12 - 2014-03-11 21:44 - 00010423 _____ () C:\WINDOWS\KB2930275.log
2014-03-09 19:16 - 2014-03-09 19:16 - 00000129 _____ () C:\Shortcut to 3½ Floppy (A).lnk

==================== One Month Modified Files and Folders =======

2014-03-30 23:12 - 2014-03-30 23:12 - 00000000 ____D () C:\FRST
2014-03-30 22:48 - 2011-10-06 21:12 - 01736801 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-30 22:47 - 2014-03-19 00:37 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-30 22:47 - 2013-05-25 16:00 - 00000340 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job
2014-03-30 22:47 - 2011-10-06 17:27 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-30 22:47 - 2011-10-05 20:12 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-30 22:47 - 2011-10-05 20:12 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-30 22:45 - 2014-02-20 23:01 - 00000000 ____D () C:\AdwCleaner
2014-03-30 22:45 - 2011-10-06 17:29 - 00032112 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-30 22:45 - 2011-10-06 17:29 - 00000278 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2014-03-30 22:38 - 2012-10-11 00:22 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-725345543-1398031866-1004UA.job
2014-03-30 22:33 - 2014-03-30 22:33 - 00002253 _____ () C:\Documents and Settings\Owner\Desktop\RKreport[0]_S_03302014_223328.txt
2014-03-30 22:33 - 2014-03-30 22:29 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\RK_Quarantine
2014-03-30 22:23 - 2012-02-22 00:31 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-03-30 20:50 - 2011-10-06 15:45 - 00215552 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-30 18:38 - 2012-10-11 00:22 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-725345543-1398031866-1004Core.job
2014-03-30 16:35 - 2014-03-30 16:36 - 142051374 _____ () C:\Documents and Settings\Owner\Desktop\Biology Quizzes Workshop.avi
2014-03-30 15:07 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 13 Reading Comprehension 2 & Strategy 2
2014-03-30 15:07 - 2014-03-30 15:06 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 12 Schedule Your Organic Chemistry 2 Flex
2014-03-30 15:07 - 2014-03-30 15:06 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 11 General Chemistry 2
2014-03-30 15:07 - 2014-03-30 15:06 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 10 Quantitative Reasoning 2
2014-03-30 15:07 - 2014-03-30 15:04 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 6 Schedule Your Organic Chemistry 1 Flex
2014-03-30 15:05 - 2014-03-30 15:05 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 9 Schedule Your Perceptual Ability 2 Flex
2014-03-30 15:05 - 2014-03-30 15:03 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 8 Biology 2
2014-03-30 15:04 - 2014-03-30 15:04 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 7 Full Length 1 - Take at Home
2014-03-30 15:02 - 2014-03-30 15:00 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 5 General Chemistry 1
2014-03-30 15:00 - 2014-03-30 14:58 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 4 Quantitative Reasoning 1
2014-03-30 14:57 - 2014-03-30 14:56 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 3 Schedule Your Perceptual Ability 1 Flex
2014-03-30 14:57 - 2014-03-30 14:49 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 2 Biology 1
2014-03-30 14:53 - 2014-03-30 14:44 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 1 Strategy 1 & Reading Comprehension 1
2014-03-30 02:00 - 2012-11-29 10:26 - 00000340 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ANAM-RNFR3WMDD7-Dena.job
2014-03-30 02:00 - 2012-11-21 02:21 - 00000340 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ANAM-RNFR3WMDD7-SHAK.job
2014-03-29 23:12 - 2013-04-10 17:58 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-03-29 22:54 - 2014-03-29 17:20 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\General Chemistry Quizzes
2014-03-29 21:44 - 2011-10-06 21:21 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Macromedia
2014-03-29 18:52 - 2013-10-29 12:01 - 00001552 _____ () C:\Documents and Settings\Owner\Desktop\Dell TEch.txt
2014-03-29 14:25 - 2013-08-18 04:24 - 00235912 _____ () C:\WINDOWS\setupapi.log
2014-03-29 14:12 - 2002-09-03 13:14 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-29 02:58 - 2014-03-29 00:00 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\Camtasia Studio
2014-03-29 02:53 - 2014-03-29 02:53 - 00000000 ____D () C:\WINDOWS\system32\QuickTime
2014-03-29 02:52 - 2014-03-29 02:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Camtasia Studio 6
2014-03-29 02:51 - 2014-03-29 02:51 - 00000000 ____D () C:\Program Files\TechSmith
2014-03-29 02:51 - 2014-03-29 02:51 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-03-29 02:51 - 2013-08-18 17:29 - 00011910 _____ () C:\WINDOWS\wmsetup.log
2014-03-29 02:35 - 2014-03-28 23:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TechSmith
2014-03-29 02:21 - 2013-08-28 03:25 - 00254093 _____ () C:\WINDOWS\FaxSetup.log
2014-03-29 02:21 - 2013-08-28 03:25 - 00128021 _____ () C:\WINDOWS\ocgen.log
2014-03-29 02:21 - 2013-08-28 03:25 - 00098284 _____ () C:\WINDOWS\tsoc.log
2014-03-29 02:21 - 2013-08-28 03:25 - 00084046 _____ () C:\WINDOWS\comsetup.log
2014-03-29 02:21 - 2013-08-28 03:25 - 00051278 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-29 02:21 - 2013-08-28 03:25 - 00040105 _____ () C:\WINDOWS\iis6.log
2014-03-29 02:21 - 2013-08-28 03:25 - 00014149 _____ () C:\WINDOWS\ocmsn.log
2014-03-29 02:21 - 2013-08-28 03:25 - 00012839 _____ () C:\WINDOWS\msgsocm.log
2014-03-29 02:21 - 2013-08-28 03:25 - 00001917 _____ () C:\WINDOWS\imsins.log
2014-03-29 01:54 - 2013-04-09 22:49 - 00004534 _____ () C:\Documents and Settings\Owner\Application Data\CamStudio.cfg
2014-03-29 01:54 - 2013-04-09 22:46 - 00000408 _____ () C:\Documents and Settings\Owner\Application Data\CamShapes.ini
2014-03-29 01:54 - 2013-04-09 22:46 - 00000408 _____ () C:\Documents and Settings\Owner\Application Data\CamLayout.ini
2014-03-29 01:54 - 2013-04-09 22:46 - 00000120 _____ () C:\Documents and Settings\Owner\Application Data\Camdata.ini
2014-03-29 01:52 - 2013-04-09 22:42 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2014-03-29 01:49 - 2014-03-29 01:49 - 00000096 _____ () C:\Documents and Settings\Owner\Application Data\version2.xml
2014-03-29 01:43 - 2014-03-29 01:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CheckPoint
2014-03-29 00:47 - 2013-04-11 03:28 - 00494206 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1935655697-725345543-1398031866-1003-0.dat
2014-03-29 00:47 - 2013-04-11 03:28 - 00214414 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-03-29 00:44 - 2013-02-28 05:15 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Shoes for ash
2014-03-29 00:01 - 2014-03-29 00:01 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\TechSmith
2014-03-28 23:37 - 2011-10-05 20:10 - 00007042 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-23 22:16 - 2012-11-11 19:16 - 00000309 _____ () C:\Documents and Settings\Owner\Application Data\com.crackdat.crackdatsuite.xml
2014-03-23 22:16 - 2012-11-11 19:15 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Crack the DAT
2014-03-22 18:47 - 2013-04-15 18:12 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\DAT
2014-03-21 17:12 - 2012-09-18 20:07 - 00000178 ___SH () C:\Documents and Settings\SHAK\ntuser.ini
2014-03-21 02:12 - 2014-03-21 02:12 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Windows Search
2014-03-20 01:38 - 2013-10-02 16:06 - 00000269 _____ () C:\Documents and Settings\Owner\Desktop\fax to chase.txt
2014-03-19 13:07 - 2014-03-19 00:37 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-19 00:36 - 2012-08-19 22:16 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-18 20:56 - 2014-03-18 20:56 - 00004870 _____ () C:\WINDOWS\KB2934207.log
2014-03-18 20:56 - 2014-03-18 20:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-18 20:56 - 2013-08-28 03:25 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-18 20:55 - 2013-07-13 03:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-18 20:51 - 2012-09-07 19:31 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-18 17:44 - 2014-03-18 17:43 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-16 23:24 - 2013-01-01 02:23 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Puters
2014-03-16 23:22 - 2013-05-22 14:45 - 00000365 _____ () C:\Documents and Settings\Owner\Desktop\LOL999.txt
2014-03-16 23:18 - 2012-03-04 04:36 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Misc
2014-03-16 16:11 - 2013-09-28 20:05 - 00001269 _____ () C:\Documents and Settings\Owner\Desktop\cool.txt
2014-03-16 16:08 - 2013-03-18 19:51 - 00001785 _____ () C:\Documents and Settings\Owner\Desktop\BOUGHT!.txt
2014-03-15 19:01 - 2011-10-05 20:08 - 00000210 ___SH () C:\boot.ini
2014-03-15 19:01 - 2002-09-03 13:11 - 00000884 _____ () C:\WINDOWS\win.ini
2014-03-15 19:01 - 2002-09-03 13:06 - 00000227 _____ () C:\WINDOWS\system.ini
2014-03-12 22:58 - 2013-03-20 02:39 - 03444184 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-11 21:46 - 2014-03-11 21:44 - 00011599 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-11 21:45 - 2013-09-13 01:32 - 00019755 _____ () C:\WINDOWS\updspapi.log
2014-03-11 21:45 - 2012-03-05 23:16 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-03-11 21:44 - 2014-03-11 21:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-11 21:44 - 2014-03-11 21:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-11 21:44 - 2014-03-11 21:14 - 00009105 _____ () C:\WINDOWS\KB2929961.log
2014-03-11 21:44 - 2014-03-11 21:12 - 00010423 _____ () C:\WINDOWS\KB2930275.log
2014-03-11 21:29 - 2011-10-11 22:01 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
2014-03-11 21:28 - 2011-10-10 01:43 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-10 17:16 - 2014-02-13 04:24 - 00019822 _____ () C:\WINDOWS\KB2909921-IE8.log
2014-03-10 16:51 - 2012-09-18 20:07 - 00000000 ____D () C:\Documents and Settings\SHAK\Application Data\Macromedia
2014-03-09 19:16 - 2014-03-09 19:16 - 00000129 _____ () C:\Shortcut to 3½ Floppy (A).lnk
2014-03-09 19:13 - 2013-08-17 18:26 - 00000420 _____ () C:\WINDOWS\setupact.log
2014-03-07 00:46 - 2012-02-15 23:07 - 00002479 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
2014-03-06 00:55 - 2013-08-07 17:38 - 00001544 _____ () C:\Documents and Settings\Owner\Desktop\Salonnnn.txt
2014-03-05 15:23 - 2012-01-26 06:01 - 00000132 _____ () C:\Documents and Settings\Owner\Application Data\Adobe PNG Format CS5 Prefs
2014-03-05 14:47 - 2011-10-08 03:47 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-03-05 13:40 - 2011-10-08 03:47 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Skype
2014-03-04 21:14 - 2014-02-22 21:59 - 00024782 _____ () C:\WINDOWS\KB940157Uninst.log

Files to move or delete:
====================
C:\Documents and Settings\Owner\Application Data\CamLayout.ini
C:\Documents and Settings\Owner\Application Data\CamShapes.ini


Some content of TEMP:
====================
C:\Documents and Settings\Owner\Local Settings\Temp\ntdll_dump.dll
C:\Documents and Settings\Owner\Local Settings\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Owner at 2014-03-30 23:13:51
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
B57Inst (Version: 3.40 - Broadcom) Hidden
BCM V.92 56K Modem (HKLM\...\BCM V.92 56K Modem) (Version:  - )
Broadcom Driver Installer (HKLM\...\InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}) (Version: 3.40 - Broadcom)
Camtasia Studio 6 (HKLM\...\{A589DA26-51BD-475D-8C32-E19E34145842}) (Version: 6.0.3 - TechSmith Corporation)
Crack the DAT 2013-2014 (HKLM\...\Crack the DAT) (Version: 2013-2014 - Crack Exam Preparation Software)
Crack the DAT 5.0.26 (HKLM\...\{DCE61563-DA83-47CD-B6E6-D25BEC21B301}_is1) (Version:  - Crack DAT)
Dell ResourceCD (HKLM\...\{D78653C3-A8FF-415F-92E6-D774E634FF2D}) (Version:  - )
Google Talk Plugin (HKLM\...\{43D16DA8-BF42-3C62-89D3-3AD47829DC2E}) (Version: 3.10.2.10212 - Google)
Intel® Extreme Graphics Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version:  - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version:  - Microsoft Corporation) Hidden
Microsoft Office 2000 Professional (HKLM\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version:  - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
USB2.0 PC Camera (SN9C201&202) (HKLM\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.3.102 - )
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

==================== Restore Points  =========================

14-01-2014 17:49:57 System Checkpoint
15-01-2014 05:54:45 Software Distribution Service 3.0
16-01-2014 07:09:59 Software Distribution Service 3.0
17-01-2014 21:17:33 System Checkpoint
18-01-2014 22:58:06 System Checkpoint
20-01-2014 01:13:57 System Checkpoint
21-01-2014 06:25:08 System Checkpoint
22-01-2014 06:26:14 System Checkpoint
24-01-2014 20:28:07 System Checkpoint
26-01-2014 01:13:14 System Checkpoint
27-01-2014 01:44:57 System Checkpoint
28-01-2014 15:21:36 System Checkpoint
29-01-2014 22:51:49 System Checkpoint
31-01-2014 01:33:13 System Checkpoint
01-02-2014 01:42:05 System Checkpoint
02-02-2014 01:38:00 Removed Bing Bar
02-02-2014 01:41:29 Removed HP Officejet 4620 series Basic Device Software
02-02-2014 01:47:27 Removed HP Officejet 4620 series Help
03-02-2014 02:40:44 System Checkpoint
04-02-2014 21:11:53 System Checkpoint
06-02-2014 03:04:23 System Checkpoint
06-02-2014 07:03:59 Removed I.R.I.S. OCR
06-02-2014 07:08:26 Removed HP Officejet 4620 series Product Improvement Study
06-02-2014 07:11:03 Removed HP Update.
06-02-2014 07:11:45 Removed Skype™ 6.13
07-02-2014 08:00:36 Software Distribution Service 3.0
09-02-2014 05:42:28 System Checkpoint
10-02-2014 08:50:26 System Checkpoint
11-02-2014 23:23:49 System Checkpoint
13-02-2014 02:54:19 System Checkpoint
13-02-2014 08:01:12 Software Distribution Service 3.0
15-02-2014 05:33:36 System Checkpoint
18-02-2014 02:55:11 System Checkpoint
18-02-2014 05:35:50 Installed Achiever
19-02-2014 04:37:11 Removed Achiever
20-02-2014 04:53:35 System Checkpoint
21-02-2014 20:45:06 System Checkpoint
22-02-2014 22:21:19 System Checkpoint
23-02-2014 00:24:32 Installed Java 7 Update 51
23-02-2014 00:37:04 Pre Install Click 2 Fix restore point
23-02-2014 01:10:57 Software Distribution Service 3.0
23-02-2014 06:01:44 Software Distribution Service 3.0
24-02-2014 03:41:32 Software Distribution Service 3.0
25-02-2014 04:19:06 System Checkpoint
26-02-2014 04:54:36 System Checkpoint
28-02-2014 19:49:33 System Checkpoint
01-03-2014 23:21:00 System Checkpoint
03-03-2014 00:02:04 System Checkpoint
04-03-2014 02:44:31 System Checkpoint
05-03-2014 03:22:54 System Checkpoint
05-03-2014 18:48:36 Removed Skype™ 6.14
06-03-2014 21:14:35 System Checkpoint
07-03-2014 21:57:53 System Checkpoint
09-03-2014 01:47:24 System Checkpoint
10-03-2014 07:02:03 System Checkpoint
10-03-2014 21:15:08 Software Distribution Service 3.0
12-03-2014 01:43:49 Software Distribution Service 3.0
14-03-2014 18:44:02 System Checkpoint
16-03-2014 21:39:54 System Checkpoint
17-03-2014 23:51:10 System Checkpoint
19-03-2014 00:49:57 Software Distribution Service 3.0
20-03-2014 18:59:19 System Checkpoint
21-03-2014 19:24:05 System Checkpoint
22-03-2014 22:07:14 System Checkpoint
29-03-2014 03:46:25 Installed Camtasia Studio 8
29-03-2014 06:13:12 Removed Camtasia Studio 8
29-03-2014 06:38:58 Restore Operation
29-03-2014 06:51:15 Installed Camtasia Studio 6
29-03-2014 07:01:10 Software Distribution Service 3.0
30-03-2014 02:02:19 Software Distribution Service 3.0
31-03-2014 02:21:48 System Checkpoint

==================== Hosts content: ==========================

2002-09-03 12:34 - 2011-01-12 19:45 - 00000734 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ANAM-RNFR3WMDD7-Dena.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ANAM-RNFR3WMDD7-SHAK.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job => C:\Program Files\AVG SafeGuard toolbar\AVG-Secure-Search-Update_MAY2013_TB.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-725345543-1398031866-1004Core.job => C:\Documents and Settings\Dena\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-725345543-1398031866-1004UA.job => C:\Documents and Settings\Dena\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) =============

2012-04-25 22:21 - 2012-02-17 20:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2014-03-18 17:43 - 2014-03-18 17:44 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\02387577.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\83409464.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\02387577.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\83409464.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "DisplayName"="Dell"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ErrorControl"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ImagePath"="C:\Program Files\Dell\Click 2 Fix\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ObjectName"="LocalSystem"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "Start"="2"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "Type"="272"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix\Parameters => "Application"="C:\Program Files\Dell\Click 2 Fix\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix\Parameters => "AppParameters"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "DisplayName"="Dell"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ErrorControl"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ImagePath"="C:\Program Files\Dell\Click 2 Fix+\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ObjectName"="LocalSystem"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "Start"="2"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "Type"="272"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+\Parameters => "Application"="C:\Program Files\Dell\Click 2 Fix+\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+\Parameters => "AppParameters"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BCMSMMSG => BCMSMMSG.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: FixCamera => C:\WINDOWS\FixCamera.exe
MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\System32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\System32\igfxtray.exe
MSCONFIG\startupreg: snp2std => C:\WINDOWS\vsnp2std.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: tsnp2std => C:\WINDOWS\tsnp2std.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/30/2014 10:57:16 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:57:15 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:57:13 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:57:13 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:57:12 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\MY DOCUMENTS\DOWNLOADS\ADWCLEANER.EXE> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:57:12 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\MY DOCUMENTS\DOWNLOADS\ADWCLEANER.EXE> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:49:45 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\RECENT\1.4 NUCLEAR CHEMISTRY RADIOACTIVITY Q1.LNK> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:49:42 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\RK_QUARANTINE\ROGUEKILLER.INI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:25:48 PM) (Source: Application Hang) (User: )
Description: Hanging application CamRecorder.exe, version 6.0.3.928, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/30/2014 10:25:35 PM) (Source: Application Hang) (User: )
Description: Hanging application CamRecorder.exe, version 6.0.3.928, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (03/30/2014 10:47:50 PM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvService service failed to start due to the following error:
%%2

Error: (03/30/2014 02:36:36 PM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvService service failed to start due to the following error:
%%2

Error: (03/30/2014 00:29:54 AM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvService service failed to start due to the following error:
%%2

Error: (03/30/2014 00:28:01 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/30/2014 00:23:05 AM) (Source: DCOM) (User: ANAM-RNFR3WMDD7)
Description: DCOM got error "%%1084" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/30/2014 00:18:25 AM) (Source: DCOM) (User: ANAM-RNFR3WMDD7)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/30/2014 00:18:04 AM) (Source: DCOM) (User: ANAM-RNFR3WMDD7)
Description: DCOM got error "%%1084" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/30/2014 00:17:58 AM) (Source: DCOM) (User: ANAM-RNFR3WMDD7)
Description: DCOM got error "%%1084" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/30/2014 00:17:24 AM) (Source: DCOM) (User: ANAM-RNFR3WMDD7)
Description: DCOM got error "%%1084" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/30/2014 00:17:22 AM) (Source: DCOM) (User: ANAM-RNFR3WMDD7)
Description: DCOM got error "%%1084" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================
Error: (03/30/2014 10:57:16 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER

Error: (03/30/2014 10:57:15 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER

Error: (03/30/2014 10:57:13 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER

Error: (03/30/2014 10:57:13 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER

Error: (03/30/2014 10:57:12 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\MY DOCUMENTS\DOWNLOADS\ADWCLEANER.EXE

Error: (03/30/2014 10:57:12 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\MY DOCUMENTS\DOWNLOADS\ADWCLEANER.EXE

Error: (03/30/2014 10:49:45 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\RECENT\1.4 NUCLEAR CHEMISTRY RADIOACTIVITY Q1.LNK

Error: (03/30/2014 10:49:42 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\RK_QUARANTINE\ROGUEKILLER.INI

Error: (03/30/2014 10:25:48 PM) (Source: Application Hang)(User: )
Description: CamRecorder.exe6.0.3.928hungapp0.0.0.000000000

Error: (03/30/2014 10:25:35 PM) (Source: Application Hang)(User: )
Description: CamRecorder.exe6.0.3.928hungapp0.0.0.000000000


==================== Memory info ===========================

Percentage of memory in use: 27%
Total physical RAM: 2046 MB
Available physical RAM: 1481.41 MB
Total Pagefile: 4968.77 MB
Available Pagefile: 4578.3 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.31 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.52 GB) (Free:33.68 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: CBF3CBF3)

Partition: GPT Partition Type.

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Owner at 2014-03-30 23:17:04
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
B57Inst (Version: 3.40 - Broadcom) Hidden
BCM V.92 56K Modem (HKLM\...\BCM V.92 56K Modem) (Version:  - )
Broadcom Driver Installer (HKLM\...\InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}) (Version: 3.40 - Broadcom)
Camtasia Studio 6 (HKLM\...\{A589DA26-51BD-475D-8C32-E19E34145842}) (Version: 6.0.3 - TechSmith Corporation)
Crack the DAT 2013-2014 (HKLM\...\Crack the DAT) (Version: 2013-2014 - Crack Exam Preparation Software)
Crack the DAT 5.0.26 (HKLM\...\{DCE61563-DA83-47CD-B6E6-D25BEC21B301}_is1) (Version:  - Crack DAT)
Dell ResourceCD (HKLM\...\{D78653C3-A8FF-415F-92E6-D774E634FF2D}) (Version:  - )
Google Talk Plugin (HKLM\...\{43D16DA8-BF42-3C62-89D3-3AD47829DC2E}) (Version: 3.10.2.10212 - Google)
Intel® Extreme Graphics Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version:  - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version:  - Microsoft Corporation) Hidden
Microsoft Office 2000 Professional (HKLM\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version:  - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
USB2.0 PC Camera (SN9C201&202) (HKLM\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.3.102 - )
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

==================== Restore Points  =========================

14-01-2014 17:49:57 System Checkpoint
15-01-2014 05:54:45 Software Distribution Service 3.0
16-01-2014 07:09:59 Software Distribution Service 3.0
17-01-2014 21:17:33 System Checkpoint
18-01-2014 22:58:06 System Checkpoint
20-01-2014 01:13:57 System Checkpoint
21-01-2014 06:25:08 System Checkpoint
22-01-2014 06:26:14 System Checkpoint
24-01-2014 20:28:07 System Checkpoint
26-01-2014 01:13:14 System Checkpoint
27-01-2014 01:44:57 System Checkpoint
28-01-2014 15:21:36 System Checkpoint
29-01-2014 22:51:49 System Checkpoint
31-01-2014 01:33:13 System Checkpoint
01-02-2014 01:42:05 System Checkpoint
02-02-2014 01:38:00 Removed Bing Bar
02-02-2014 01:41:29 Removed HP Officejet 4620 series Basic Device Software
02-02-2014 01:47:27 Removed HP Officejet 4620 series Help
03-02-2014 02:40:44 System Checkpoint
04-02-2014 21:11:53 System Checkpoint
06-02-2014 03:04:23 System Checkpoint
06-02-2014 07:03:59 Removed I.R.I.S. OCR
06-02-2014 07:08:26 Removed HP Officejet 4620 series Product Improvement Study
06-02-2014 07:11:03 Removed HP Update.
06-02-2014 07:11:45 Removed Skype™ 6.13
07-02-2014 08:00:36 Software Distribution Service 3.0
09-02-2014 05:42:28 System Checkpoint
10-02-2014 08:50:26 System Checkpoint
11-02-2014 23:23:49 System Checkpoint
13-02-2014 02:54:19 System Checkpoint
13-02-2014 08:01:12 Software Distribution Service 3.0
15-02-2014 05:33:36 System Checkpoint
18-02-2014 02:55:11 System Checkpoint
18-02-2014 05:35:50 Installed Achiever
19-02-2014 04:37:11 Removed Achiever
20-02-2014 04:53:35 System Checkpoint
21-02-2014 20:45:06 System Checkpoint
22-02-2014 22:21:19 System Checkpoint
23-02-2014 00:24:32 Installed Java 7 Update 51
23-02-2014 00:37:04 Pre Install Click 2 Fix restore point
23-02-2014 01:10:57 Software Distribution Service 3.0
23-02-2014 06:01:44 Software Distribution Service 3.0
24-02-2014 03:41:32 Software Distribution Service 3.0
25-02-2014 04:19:06 System Checkpoint
26-02-2014 04:54:36 System Checkpoint
28-02-2014 19:49:33 System Checkpoint
01-03-2014 23:21:00 System Checkpoint
03-03-2014 00:02:04 System Checkpoint
04-03-2014 02:44:31 System Checkpoint
05-03-2014 03:22:54 System Checkpoint
05-03-2014 18:48:36 Removed Skype™ 6.14
06-03-2014 21:14:35 System Checkpoint
07-03-2014 21:57:53 System Checkpoint
09-03-2014 01:47:24 System Checkpoint
10-03-2014 07:02:03 System Checkpoint
10-03-2014 21:15:08 Software Distribution Service 3.0
12-03-2014 01:43:49 Software Distribution Service 3.0
14-03-2014 18:44:02 System Checkpoint
16-03-2014 21:39:54 System Checkpoint
17-03-2014 23:51:10 System Checkpoint
19-03-2014 00:49:57 Software Distribution Service 3.0
20-03-2014 18:59:19 System Checkpoint
21-03-2014 19:24:05 System Checkpoint
22-03-2014 22:07:14 System Checkpoint
29-03-2014 03:46:25 Installed Camtasia Studio 8
29-03-2014 06:13:12 Removed Camtasia Studio 8
29-03-2014 06:38:58 Restore Operation
29-03-2014 06:51:15 Installed Camtasia Studio 6
29-03-2014 07:01:10 Software Distribution Service 3.0
30-03-2014 02:02:19 Software Distribution Service 3.0
31-03-2014 02:21:48 System Checkpoint

==================== Hosts content: ==========================

2002-09-03 12:34 - 2011-01-12 19:45 - 00000734 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ANAM-RNFR3WMDD7-Dena.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ANAM-RNFR3WMDD7-SHAK.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job => C:\Program Files\AVG SafeGuard toolbar\AVG-Secure-Search-Update_MAY2013_TB.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-725345543-1398031866-1004Core.job => C:\Documents and Settings\Dena\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-725345543-1398031866-1004UA.job => C:\Documents and Settings\Dena\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) =============

2012-04-25 22:21 - 2012-02-17 20:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2002-09-03 12:53 - 2014-02-05 04:55 - 00562688 _____ () C:\WINDOWS\System32\qedit.dll
2002-09-03 12:44 - 2008-04-14 08:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2002-09-03 12:53 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\System32\quartz.dll
2002-09-03 12:30 - 2008-04-14 08:41 - 00059904 _____ () C:\WINDOWS\System32\devenum.dll
2014-03-18 17:43 - 2014-03-18 17:44 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\02387577.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\83409464.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\02387577.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\83409464.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "DisplayName"="Dell"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ErrorControl"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ImagePath"="C:\Program Files\Dell\Click 2 Fix\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ObjectName"="LocalSystem"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "Start"="2"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "Type"="272"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix\Parameters => "Application"="C:\Program Files\Dell\Click 2 Fix\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix\Parameters => "AppParameters"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "DisplayName"="Dell"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ErrorControl"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ImagePath"="C:\Program Files\Dell\Click 2 Fix+\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ObjectName"="LocalSystem"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "Start"="2"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "Type"="272"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+\Parameters => "Application"="C:\Program Files\Dell\Click 2 Fix+\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+\Parameters => "AppParameters"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BCMSMMSG => BCMSMMSG.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: FixCamera => C:\WINDOWS\FixCamera.exe
MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\System32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\System32\igfxtray.exe
MSCONFIG\startupreg: snp2std => C:\WINDOWS\vsnp2std.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: tsnp2std => C:\WINDOWS\tsnp2std.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/30/2014 10:57:16 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:57:15 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:57:13 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:57:13 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:57:12 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\MY DOCUMENTS\DOWNLOADS\ADWCLEANER.EXE> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:57:12 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\MY DOCUMENTS\DOWNLOADS\ADWCLEANER.EXE> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:49:45 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\RECENT\1.4 NUCLEAR CHEMISTRY RADIOACTIVITY Q1.LNK> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:49:42 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\RK_QUARANTINE\ROGUEKILLER.INI> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (03/30/2014 10:25:48 PM) (Source: Application Hang) (User: )
Description: Hanging application CamRecorder.exe, version 6.0.3.928, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/30/2014 10:25:35 PM) (Source: Application Hang) (User: )
Description: Hanging application CamRecorder.exe, version 6.0.3.928, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (03/30/2014 10:47:50 PM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvService service failed to start due to the following error:
%%2

Error: (03/30/2014 02:36:36 PM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvService service failed to start due to the following error:
%%2

Error: (03/30/2014 00:29:54 AM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvService service failed to start due to the following error:
%%2

Error: (03/30/2014 00:28:01 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/30/2014 00:23:05 AM) (Source: DCOM) (User: ANAM-RNFR3WMDD7)
Description: DCOM got error "%%1084" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/30/2014 00:18:25 AM) (Source: DCOM) (User: ANAM-RNFR3WMDD7)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/30/2014 00:18:04 AM) (Source: DCOM) (User: ANAM-RNFR3WMDD7)
Description: DCOM got error "%%1084" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/30/2014 00:17:58 AM) (Source: DCOM) (User: ANAM-RNFR3WMDD7)
Description: DCOM got error "%%1084" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/30/2014 00:17:24 AM) (Source: DCOM) (User: ANAM-RNFR3WMDD7)
Description: DCOM got error "%%1084" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/30/2014 00:17:22 AM) (Source: DCOM) (User: ANAM-RNFR3WMDD7)
Description: DCOM got error "%%1084" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================
Error: (03/30/2014 10:57:16 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER

Error: (03/30/2014 10:57:15 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER

Error: (03/30/2014 10:57:13 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER

Error: (03/30/2014 10:57:13 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\NEW FOLDER

Error: (03/30/2014 10:57:12 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\MY DOCUMENTS\DOWNLOADS\ADWCLEANER.EXE

Error: (03/30/2014 10:57:12 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\MY DOCUMENTS\DOWNLOADS\ADWCLEANER.EXE

Error: (03/30/2014 10:49:45 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\RECENT\1.4 NUCLEAR CHEMISTRY RADIOACTIVITY Q1.LNK

Error: (03/30/2014 10:49:42 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\RK_QUARANTINE\ROGUEKILLER.INI

Error: (03/30/2014 10:25:48 PM) (Source: Application Hang)(User: )
Description: CamRecorder.exe6.0.3.928hungapp0.0.0.000000000

Error: (03/30/2014 10:25:35 PM) (Source: Application Hang)(User: )
Description: CamRecorder.exe6.0.3.928hungapp0.0.0.000000000


==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 2046 MB
Available physical RAM: 1470.68 MB
Total Pagefile: 4968.77 MB
Available Pagefile: 4573.69 MB
Total Virtual: 2047.88 MB
Available Virtual: 1958.31 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.52 GB) (Free:33.68 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: CBF3CBF3)

Partition: GPT Partition Type.

==================== End Of Log ============================

Link to post
Share on other sites

Hi MrCharlie,

 

I noticed on my registry , I had OUTFoxTv registry.. Isnt that suppose to be malware ..I also noticed when I am watching educational videos on my computer, they are lagging. Especially on Youtube. It wasnt like that before.. :(  When I am surfing the internet, its super fast though...Any clues? Thanks!! :unsure:

Link to post
Share on other sites

I noticed on my registry , I had OUTFoxTv registry.. Isnt that suppose to be malware

There may be several references to it in your registry, they won't have any effect on your system.


..I also noticed when I am watching educational videos on my computer, they are lagging. Especially on Youtube. It wasnt like that before.. :( When I am surfing the internet, its super fast though...Any clues? Thanks!! :unsure:

If you're using Chrome to watch videos, most videos will lag. I would try Internet Explorer instead.

Try this though:

1: Clear your browser cache:
https://support.google.com/chrome/answer/95582?hl=en

2: Clear you temp files with CCleaner:
Download, install and run CCleaner free to clean out temp files.
Here's a Tutorial if needed.
You may want to uncheck "cookies" and please stay away from the registry cleaner.

3: Reset home and search pages:
https://support.google.com/chrome/answer/2765944?hl=en

(you can always reset Chrome if needed)
https://support.google.com/chrome/answer/3296214?hl=en

----------------------------------------

Download the attached fixlist.txt to the same folder as FRST.
Run FRST.exe and click Fix only once and wait
The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.

MrC

Link to post
Share on other sites

Dear MrCharlie,

 

My brother accidnetally downloaded SUPERAntiSpyware Program on my computer, and now My computer is lagging again, super slow and the mouse is lagging. I am so upset right now. I can't believe it.  I think it gave me malware when he downloaded it from the internet!!!!

Link to post
Share on other sites

Thank god you are Life Saver. I have check boxed Addition.txt :)

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Owner (administrator) on ANAM-RNFR3WMDD7 on 31-03-2014 23:01:42
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Dell) C:\Program Files\Dell\Click 2 Fix+\srvc.exe
(Dell) C:\Program Files\Dell\Click 2 Fix+\cust.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Dell) C:\Program Files\Dell\Click 2 Fix+\capp.exe
(Dell) C:\Program Files\Dell\Click 2 Fix+\cutil.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe


==================== Registry (Whitelisted) ==================

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
HKU\S-1-5-21-1935655697-725345543-1398031866-1003\...\Winlogon: [shell] -

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SP16BF35BB-350F-497B-BFE0-7A2F0AFFEB29&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\i8j6xi5j.default-1396147886042
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @alibaba.com/nptrademanager;version=1.0 - C:\Program Files\TradeManager\nptrademanager.dll No File
FF Plugin: @alibaba.com/npwangwang;version=1.0 - C:\Program Files\TradeManager\npwangwang.dll No File
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @alibaba.com/npAliSSOLogin;version=1.0 - C:\Program Files\TradeManager\npAliSSOLogin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nptrademanager.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwangwang.dll ( )
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

========================== Services (Whitelisted) =================

R2 Dell Click 2 Fix+; C:\Program Files\Dell\Click 2 Fix+\srvc.exe [94016 2014-02-03] (Dell)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)

==================== Drivers (Whitelisted) ====================

R3 BCMModem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [1101696 2003-08-29] (Broadcom Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [30976 2013-11-07] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
S3 SNP2STD; C:\WINDOWS\System32\DRIVERS\snp2sxp.sys [10305280 2006-06-07] ()
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R3 {6080A529-897E-4629-A488-ABA0C29B635E}; C:\WINDOWS\System32\drivers\ialmsbw.sys [113504 2003-04-15] (Intel Corporation)
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}; C:\WINDOWS\System32\drivers\ialmkchw.sys [78752 2003-04-15] (Intel Corporation)
U0 PROCMON23; System32\Drivers\PROCMON23.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-31 22:18 - 2014-03-31 22:19 - 00003392 _____ () C:\Documents and Settings\Owner\Desktop\Rkill.txt
2014-03-31 22:13 - 2014-03-31 22:13 - 00000730 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2014-03-31 22:13 - 2014-03-31 22:13 - 00000724 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2014-03-31 22:13 - 2014-03-31 22:13 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-31 20:41 - 2014-03-31 20:43 - 00000051 _____ () C:\Documents and Settings\Owner\Desktop\faisal.txt
2014-03-31 18:46 - 2014-03-31 18:46 - 00681062 _____ () C:\Documents and Settings\Owner\Desktop\bookmarks.html
2014-03-31 18:44 - 2014-03-31 18:44 - 00001644 _____ () C:\Documents and Settings\All Users\Desktop\Dell Click 2 Fix+.lnk
2014-03-31 18:44 - 2014-03-31 18:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dell Click 2 Fix+
2014-03-31 18:43 - 2014-03-31 18:43 - 01006776 _____ (Dell ) C:\Documents and Settings\Owner\Desktop\DellClick2Fix+_DownloadManager_V1.0.0.5-7811e890c1c5a4013dd1f7708d2471ab.exe
2014-03-31 18:06 - 2014-03-31 18:07 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-31 17:21 - 2014-03-31 17:21 - 00000016 _____ () C:\Documents and Settings\Owner\Desktop\lol.txt
2014-03-31 17:20 - 2014-03-31 17:20 - 00000803 _____ () C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
2014-03-31 16:58 - 2014-03-31 16:58 - 00030329 _____ () C:\WINDOWS\KB940157Uninst.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00006182 _____ () C:\WINDOWS\FaxSetup.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00002956 _____ () C:\WINDOWS\ocgen.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00002359 _____ () C:\WINDOWS\tsoc.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00002052 _____ () C:\WINDOWS\comsetup.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00001361 _____ () C:\WINDOWS\setupapi.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00001248 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00000971 _____ () C:\WINDOWS\iis6.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00000342 _____ () C:\WINDOWS\ocmsn.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00000309 _____ () C:\WINDOWS\msgsocm.log
2014-03-31 14:38 - 2014-03-31 16:06 - 00000120 _____ () C:\WINDOWS\setupact.log
2014-03-31 14:38 - 2014-03-31 14:38 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-30 23:23 - 2014-03-30 23:23 - 00000666 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\CourseSaver.lnk
2014-03-30 23:23 - 2014-03-30 23:23 - 00000660 _____ () C:\Documents and Settings\All Users\Desktop\CourseSaver.lnk
2014-03-30 23:23 - 2014-03-30 23:23 - 00000000 ____D () C:\Program Files\CourseSaver
2014-03-30 23:12 - 2014-03-31 23:01 - 00000000 ____D () C:\FRST
2014-03-30 15:07 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 13 Reading Comprehension 2 & Strategy 2
2014-03-30 15:06 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 12 Schedule Your Organic Chemistry 2 Flex
2014-03-30 15:06 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 11 General Chemistry 2
2014-03-30 15:06 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 10 Quantitative Reasoning 2
2014-03-30 15:05 - 2014-03-30 15:05 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 9 Schedule Your Perceptual Ability 2 Flex
2014-03-30 15:04 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 6 Schedule Your Organic Chemistry 1 Flex
2014-03-30 15:04 - 2014-03-30 15:04 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 7 Full Length 1 - Take at Home
2014-03-30 15:03 - 2014-03-30 15:05 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 8 Biology 2
2014-03-30 15:00 - 2014-03-30 15:02 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 5 General Chemistry 1
2014-03-30 14:58 - 2014-03-30 15:00 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 4 Quantitative Reasoning 1
2014-03-30 14:56 - 2014-03-30 14:57 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 3 Schedule Your Perceptual Ability 1 Flex
2014-03-30 14:49 - 2014-03-31 14:11 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 2 Biology 1
2014-03-30 14:44 - 2014-03-30 14:53 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 1 Strategy 1 & Reading Comprehension 1
2014-03-29 17:20 - 2014-03-29 22:54 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\General Chemistry Quizzes
2014-03-29 02:53 - 2014-03-29 02:53 - 00000000 ____D () C:\WINDOWS\system32\QuickTime
2014-03-29 02:52 - 2014-03-29 02:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Camtasia Studio 6
2014-03-29 02:51 - 2014-03-29 02:51 - 00000000 ____D () C:\Program Files\TechSmith
2014-03-29 02:51 - 2014-03-29 02:51 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-03-29 01:49 - 2014-03-29 01:49 - 00000096 _____ () C:\Documents and Settings\Owner\Application Data\version2.xml
2014-03-29 01:43 - 2014-03-29 01:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CheckPoint
2014-03-29 00:01 - 2014-03-29 00:01 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\TechSmith
2014-03-29 00:00 - 2014-03-29 02:58 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\Camtasia Studio
2014-03-28 23:46 - 2014-03-29 02:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TechSmith
2014-03-21 02:12 - 2014-03-21 02:12 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Windows Search
2014-03-19 00:37 - 2014-03-31 22:47 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-19 00:37 - 2014-03-19 13:07 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-18 20:56 - 2014-03-18 20:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-18 17:43 - 2014-03-31 22:13 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-18 15:31 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-03-18 15:31 - 2014-02-25 21:59 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-03-11 21:44 - 2014-03-11 21:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-11 21:44 - 2014-03-11 21:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-09 19:16 - 2014-03-09 19:16 - 00000129 _____ () C:\Shortcut to 3½ Floppy (A).lnk

==================== One Month Modified Files and Folders =======

2014-03-31 23:01 - 2014-03-30 23:12 - 00000000 ____D () C:\FRST
2014-03-31 23:00 - 2011-10-06 21:12 - 01807447 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-31 22:47 - 2014-03-19 00:37 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-31 22:47 - 2013-05-25 16:00 - 00000340 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job
2014-03-31 22:47 - 2011-10-05 20:12 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-31 22:47 - 2011-10-05 20:12 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-31 22:46 - 2011-10-06 17:27 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-31 22:45 - 2011-10-06 17:29 - 00032320 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-31 22:45 - 2011-10-06 17:29 - 00000278 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2014-03-31 22:38 - 2012-10-11 00:22 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-725345543-1398031866-1004UA.job
2014-03-31 22:21 - 2011-10-06 17:29 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-03-31 22:19 - 2014-03-31 22:18 - 00003392 _____ () C:\Documents and Settings\Owner\Desktop\Rkill.txt
2014-03-31 22:13 - 2014-03-31 22:13 - 00000730 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2014-03-31 22:13 - 2014-03-31 22:13 - 00000724 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2014-03-31 22:13 - 2014-03-31 22:13 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-31 22:13 - 2014-03-18 17:43 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-31 20:43 - 2014-03-31 20:41 - 00000051 _____ () C:\Documents and Settings\Owner\Desktop\faisal.txt
2014-03-31 18:52 - 2014-02-22 20:59 - 00023392 _____ () C:\WINDOWS\system32\nscompat.tlb
2014-03-31 18:52 - 2014-02-22 20:59 - 00016832 _____ () C:\WINDOWS\system32\amcompat.tlb
2014-03-31 18:46 - 2014-03-31 18:46 - 00681062 _____ () C:\Documents and Settings\Owner\Desktop\bookmarks.html
2014-03-31 18:44 - 2014-03-31 18:44 - 00001644 _____ () C:\Documents and Settings\All Users\Desktop\Dell Click 2 Fix+.lnk
2014-03-31 18:44 - 2014-03-31 18:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dell Click 2 Fix+
2014-03-31 18:43 - 2014-03-31 18:43 - 01006776 _____ (Dell ) C:\Documents and Settings\Owner\Desktop\DellClick2Fix+_DownloadManager_V1.0.0.5-7811e890c1c5a4013dd1f7708d2471ab.exe
2014-03-31 18:38 - 2012-10-11 00:22 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-725345543-1398031866-1004Core.job
2014-03-31 18:16 - 2011-10-05 20:08 - 00000210 ___SH () C:\boot.ini
2014-03-31 18:16 - 2002-09-03 13:11 - 00000884 _____ () C:\WINDOWS\win.ini
2014-03-31 18:16 - 2002-09-03 13:06 - 00000227 _____ () C:\WINDOWS\system.ini
2014-03-31 18:10 - 2013-10-29 11:17 - 00000000 ____D () C:\Program Files\Dell
2014-03-31 18:07 - 2014-03-31 18:06 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-31 17:21 - 2014-03-31 17:21 - 00000016 _____ () C:\Documents and Settings\Owner\Desktop\lol.txt
2014-03-31 17:20 - 2014-03-31 17:20 - 00000803 _____ () C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
2014-03-31 17:20 - 2011-10-08 03:50 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Application Data\Google
2014-03-31 17:20 - 2011-10-08 03:49 - 00000000 ____D () C:\Program Files\Google
2014-03-31 16:58 - 2014-03-31 16:58 - 00030329 _____ () C:\WINDOWS\KB940157Uninst.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00006182 _____ () C:\WINDOWS\FaxSetup.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00002956 _____ () C:\WINDOWS\ocgen.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00002359 _____ () C:\WINDOWS\tsoc.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00002052 _____ () C:\WINDOWS\comsetup.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00001361 _____ () C:\WINDOWS\setupapi.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00001248 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00000971 _____ () C:\WINDOWS\iis6.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00000342 _____ () C:\WINDOWS\ocmsn.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00000309 _____ () C:\WINDOWS\msgsocm.log
2014-03-31 16:58 - 2014-02-22 21:14 - 00000000 ____D () C:\Program Files\Windows Desktop Search
2014-03-31 16:06 - 2014-03-31 14:38 - 00000120 _____ () C:\WINDOWS\setupact.log
2014-03-31 14:38 - 2014-03-31 14:38 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-31 14:33 - 2012-02-22 00:31 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-03-31 14:20 - 2011-10-06 17:29 - 00000000 ____D () C:\Documents and Settings\Owner
2014-03-31 14:11 - 2014-03-30 14:49 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 2 Biology 1
2014-03-31 02:00 - 2012-11-29 10:26 - 00000340 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ANAM-RNFR3WMDD7-Dena.job
2014-03-31 02:00 - 2012-11-21 02:21 - 00000340 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ANAM-RNFR3WMDD7-SHAK.job
2014-03-31 01:14 - 2012-07-08 21:56 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\white
2014-03-31 00:48 - 2011-10-06 15:45 - 00215552 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-30 23:23 - 2014-03-30 23:23 - 00000666 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\CourseSaver.lnk
2014-03-30 23:23 - 2014-03-30 23:23 - 00000660 _____ () C:\Documents and Settings\All Users\Desktop\CourseSaver.lnk
2014-03-30 23:23 - 2014-03-30 23:23 - 00000000 ____D () C:\Program Files\CourseSaver
2014-03-30 15:07 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 13 Reading Comprehension 2 & Strategy 2
2014-03-30 15:07 - 2014-03-30 15:06 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 12 Schedule Your Organic Chemistry 2 Flex
2014-03-30 15:07 - 2014-03-30 15:06 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 11 General Chemistry 2
2014-03-30 15:07 - 2014-03-30 15:06 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 10 Quantitative Reasoning 2
2014-03-30 15:07 - 2014-03-30 15:04 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 6 Schedule Your Organic Chemistry 1 Flex
2014-03-30 15:05 - 2014-03-30 15:05 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 9 Schedule Your Perceptual Ability 2 Flex
2014-03-30 15:05 - 2014-03-30 15:03 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 8 Biology 2
2014-03-30 15:04 - 2014-03-30 15:04 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 7 Full Length 1 - Take at Home
2014-03-30 15:02 - 2014-03-30 15:00 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 5 General Chemistry 1
2014-03-30 15:00 - 2014-03-30 14:58 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 4 Quantitative Reasoning 1
2014-03-30 14:57 - 2014-03-30 14:56 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 3 Schedule Your Perceptual Ability 1 Flex
2014-03-30 14:53 - 2014-03-30 14:44 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 1 Strategy 1 & Reading Comprehension 1
2014-03-29 23:12 - 2013-04-10 17:58 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-03-29 22:54 - 2014-03-29 17:20 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\General Chemistry Quizzes
2014-03-29 21:44 - 2011-10-06 21:21 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Macromedia
2014-03-29 18:52 - 2013-10-29 12:01 - 00001552 _____ () C:\Documents and Settings\Owner\Desktop\Dell TEch.txt
2014-03-29 14:12 - 2002-09-03 13:14 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-29 02:58 - 2014-03-29 00:00 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\Camtasia Studio
2014-03-29 02:53 - 2014-03-29 02:53 - 00000000 ____D () C:\WINDOWS\system32\QuickTime
2014-03-29 02:52 - 2014-03-29 02:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Camtasia Studio 6
2014-03-29 02:51 - 2014-03-29 02:51 - 00000000 ____D () C:\Program Files\TechSmith
2014-03-29 02:51 - 2014-03-29 02:51 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-03-29 02:35 - 2014-03-28 23:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TechSmith
2014-03-29 01:54 - 2013-04-09 22:49 - 00004534 _____ () C:\Documents and Settings\Owner\Application Data\CamStudio.cfg
2014-03-29 01:54 - 2013-04-09 22:46 - 00000408 _____ () C:\Documents and Settings\Owner\Application Data\CamShapes.ini
2014-03-29 01:54 - 2013-04-09 22:46 - 00000408 _____ () C:\Documents and Settings\Owner\Application Data\CamLayout.ini
2014-03-29 01:54 - 2013-04-09 22:46 - 00000120 _____ () C:\Documents and Settings\Owner\Application Data\Camdata.ini
2014-03-29 01:52 - 2013-04-09 22:42 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2014-03-29 01:49 - 2014-03-29 01:49 - 00000096 _____ () C:\Documents and Settings\Owner\Application Data\version2.xml
2014-03-29 01:43 - 2014-03-29 01:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CheckPoint
2014-03-29 00:47 - 2013-04-11 03:28 - 00494206 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1935655697-725345543-1398031866-1003-0.dat
2014-03-29 00:47 - 2013-04-11 03:28 - 00214414 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-03-29 00:44 - 2013-02-28 05:15 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Shoes for ash
2014-03-29 00:01 - 2014-03-29 00:01 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\TechSmith
2014-03-28 23:37 - 2011-10-05 20:10 - 00007042 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-23 22:16 - 2012-11-11 19:16 - 00000309 _____ () C:\Documents and Settings\Owner\Application Data\com.crackdat.crackdatsuite.xml
2014-03-23 22:16 - 2012-11-11 19:15 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Crack the DAT
2014-03-22 18:47 - 2013-04-15 18:12 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\DAT
2014-03-21 17:12 - 2012-09-18 20:07 - 00000178 ___SH () C:\Documents and Settings\SHAK\ntuser.ini
2014-03-21 02:12 - 2014-03-21 02:12 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Windows Search
2014-03-20 01:38 - 2013-10-02 16:06 - 00000269 _____ () C:\Documents and Settings\Owner\Desktop\fax to chase.txt
2014-03-19 13:07 - 2014-03-19 00:37 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-18 20:56 - 2014-03-18 20:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-18 20:55 - 2013-07-13 03:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-18 20:51 - 2012-09-07 19:31 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-16 23:24 - 2013-01-01 02:23 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Puters
2014-03-16 23:22 - 2013-05-22 14:45 - 00000365 _____ () C:\Documents and Settings\Owner\Desktop\LOL999.txt
2014-03-16 23:18 - 2012-03-04 04:36 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Misc
2014-03-16 16:11 - 2013-09-28 20:05 - 00001269 _____ () C:\Documents and Settings\Owner\Desktop\cool.txt
2014-03-16 16:08 - 2013-03-18 19:51 - 00001785 _____ () C:\Documents and Settings\Owner\Desktop\BOUGHT!.txt
2014-03-12 22:58 - 2013-03-20 02:39 - 03444184 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-11 21:45 - 2012-03-05 23:16 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-03-11 21:44 - 2014-03-11 21:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-11 21:44 - 2014-03-11 21:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-11 21:29 - 2011-10-11 22:01 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
2014-03-11 21:28 - 2011-10-10 01:43 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-10 16:51 - 2012-09-18 20:07 - 00000000 ____D () C:\Documents and Settings\SHAK\Application Data\Macromedia
2014-03-09 19:16 - 2014-03-09 19:16 - 00000129 _____ () C:\Shortcut to 3½ Floppy (A).lnk
2014-03-07 00:46 - 2012-02-15 23:07 - 00002479 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
2014-03-06 00:55 - 2013-08-07 17:38 - 00001544 _____ () C:\Documents and Settings\Owner\Desktop\Salonnnn.txt
2014-03-05 15:23 - 2012-01-26 06:01 - 00000132 _____ () C:\Documents and Settings\Owner\Application Data\Adobe PNG Format CS5 Prefs
2014-03-05 14:47 - 2011-10-08 03:47 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-03-05 13:40 - 2011-10-08 03:47 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Skype

Files to move or delete:
====================
C:\Documents and Settings\Owner\Application Data\CamLayout.ini
C:\Documents and Settings\Owner\Application Data\CamShapes.ini


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

 

 

Addition LOG

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Owner at 2014-03-31 23:03:07
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
B57Inst (Version: 3.40 - Broadcom) Hidden
BCM V.92 56K Modem (HKLM\...\BCM V.92 56K Modem) (Version:  - )
Broadcom Driver Installer (HKLM\...\InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}) (Version: 3.40 - Broadcom)
Camtasia Studio 6 (HKLM\...\{A589DA26-51BD-475D-8C32-E19E34145842}) (Version: 6.0.3 - TechSmith Corporation)
Course Saver Desktop (HKLM\...\com.coursesaver.desktop) (Version: 2.1.18 - UNKNOWN)
Course Saver Desktop (Version: 2.1.18 - UNKNOWN) Hidden
Crack the DAT 2013-2014 (HKLM\...\Crack the DAT) (Version: 2013-2014 - Crack Exam Preparation Software)
Crack the DAT 5.0.26 (HKLM\...\{DCE61563-DA83-47CD-B6E6-D25BEC21B301}_is1) (Version:  - Crack DAT)
Dell Click 2 Fix+ (HKLM\...\Dell Click 2 Fix+_is1) (Version: 2.004.032.2546.03 - Dell)
Dell ResourceCD (HKLM\...\{D78653C3-A8FF-415F-92E6-D774E634FF2D}) (Version:  - )
Google Talk Plugin (HKLM\...\{43D16DA8-BF42-3C62-89D3-3AD47829DC2E}) (Version: 3.10.2.10212 - Google)
Intel® Extreme Graphics Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version:  - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Office 2000 Professional (HKLM\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version:  - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
USB2.0 PC Camera (SN9C201&202) (HKLM\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.3.102 - )
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

==================== Restore Points  =========================

14-01-2014 17:49:57 System Checkpoint
15-01-2014 05:54:45 Software Distribution Service 3.0
16-01-2014 07:09:59 Software Distribution Service 3.0
17-01-2014 21:17:33 System Checkpoint
18-01-2014 22:58:06 System Checkpoint
20-01-2014 01:13:57 System Checkpoint
21-01-2014 06:25:08 System Checkpoint
22-01-2014 06:26:14 System Checkpoint
24-01-2014 20:28:07 System Checkpoint
26-01-2014 01:13:14 System Checkpoint
27-01-2014 01:44:57 System Checkpoint
28-01-2014 15:21:36 System Checkpoint
29-01-2014 22:51:49 System Checkpoint
31-01-2014 01:33:13 System Checkpoint
01-02-2014 01:42:05 System Checkpoint
02-02-2014 01:38:00 Removed Bing Bar
02-02-2014 01:41:29 Removed HP Officejet 4620 series Basic Device Software
02-02-2014 01:47:27 Removed HP Officejet 4620 series Help
03-02-2014 02:40:44 System Checkpoint
04-02-2014 21:11:53 System Checkpoint
06-02-2014 03:04:23 System Checkpoint
06-02-2014 07:03:59 Removed I.R.I.S. OCR
06-02-2014 07:08:26 Removed HP Officejet 4620 series Product Improvement Study
06-02-2014 07:11:03 Removed HP Update.
06-02-2014 07:11:45 Removed Skype™ 6.13
07-02-2014 08:00:36 Software Distribution Service 3.0
09-02-2014 05:42:28 System Checkpoint
10-02-2014 08:50:26 System Checkpoint
11-02-2014 23:23:49 System Checkpoint
13-02-2014 02:54:19 System Checkpoint
13-02-2014 08:01:12 Software Distribution Service 3.0
15-02-2014 05:33:36 System Checkpoint
18-02-2014 02:55:11 System Checkpoint
18-02-2014 05:35:50 Installed Achiever
19-02-2014 04:37:11 Removed Achiever
20-02-2014 04:53:35 System Checkpoint
21-02-2014 20:45:06 System Checkpoint
22-02-2014 22:21:19 System Checkpoint
23-02-2014 00:24:32 Installed Java 7 Update 51
23-02-2014 00:37:04 Pre Install Click 2 Fix restore point
23-02-2014 01:10:57 Software Distribution Service 3.0
23-02-2014 06:01:44 Software Distribution Service 3.0
24-02-2014 03:41:32 Software Distribution Service 3.0
25-02-2014 04:19:06 System Checkpoint
26-02-2014 04:54:36 System Checkpoint
28-02-2014 19:49:33 System Checkpoint
01-03-2014 23:21:00 System Checkpoint
03-03-2014 00:02:04 System Checkpoint
04-03-2014 02:44:31 System Checkpoint
05-03-2014 03:22:54 System Checkpoint
05-03-2014 18:48:36 Removed Skype™ 6.14
06-03-2014 21:14:35 System Checkpoint
07-03-2014 21:57:53 System Checkpoint
09-03-2014 01:47:24 System Checkpoint
10-03-2014 07:02:03 System Checkpoint
10-03-2014 21:15:08 Software Distribution Service 3.0
12-03-2014 01:43:49 Software Distribution Service 3.0
14-03-2014 18:44:02 System Checkpoint
16-03-2014 21:39:54 System Checkpoint
17-03-2014 23:51:10 System Checkpoint
19-03-2014 00:49:57 Software Distribution Service 3.0
20-03-2014 18:59:19 System Checkpoint
21-03-2014 19:24:05 System Checkpoint
22-03-2014 22:07:14 System Checkpoint
29-03-2014 03:46:25 Installed Camtasia Studio 8
29-03-2014 06:13:12 Removed Camtasia Studio 8
29-03-2014 06:38:58 Restore Operation
29-03-2014 06:51:15 Installed Camtasia Studio 6
29-03-2014 07:01:10 Software Distribution Service 3.0
30-03-2014 02:02:19 Software Distribution Service 3.0
31-03-2014 02:21:48 System Checkpoint
31-03-2014 20:19:53 Pre Install Click 2 Fix restore point
31-03-2014 22:11:12 Pre Install Click 2 Fix+ restore point
31-03-2014 22:44:06 Pre Install Click 2 Fix+ restore point
01-04-2014 02:34:09 Dell Click 2 Fix+ restore point

==================== Hosts content: ==========================

2002-09-03 12:34 - 2011-01-12 18:45 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ANAM-RNFR3WMDD7-Dena.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ANAM-RNFR3WMDD7-SHAK.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job => C:\Program Files\AVG SafeGuard toolbar\AVG-Secure-Search-Update_MAY2013_TB.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-725345543-1398031866-1004Core.job => C:\Documents and Settings\Dena\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-725345543-1398031866-1004UA.job => C:\Documents and Settings\Dena\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) =============

2014-03-31 18:44 - 2014-02-03 23:33 - 00166216 _____ () C:\Program Files\Dell\Click 2 Fix+\SSLEAY32.DLL
2014-03-31 18:44 - 2014-02-03 23:29 - 00833856 _____ () C:\Program Files\Dell\Click 2 Fix+\LIBEAY32.dll
2014-03-31 18:44 - 2014-02-03 23:32 - 00579576 _____ () C:\Program Files\Dell\Click 2 Fix+\sqlite3.dll
2014-03-31 18:44 - 2014-02-03 23:30 - 00018240 _____ () C:\Program Files\Dell\Click 2 Fix+\node.dll
2014-03-31 22:13 - 2014-03-15 04:40 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-08-19 23:01 - 2013-08-19 23:01 - 16166280 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\02387577.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\83409464.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\02387577.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\83409464.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "DisplayName"="Dell"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ErrorControl"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ImagePath"="C:\Program Files\Dell\Click 2 Fix\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ObjectName"="LocalSystem"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "Start"="2"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "Type"="272"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix\Parameters => "Application"="C:\Program Files\Dell\Click 2 Fix\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix\Parameters => "AppParameters"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "DisplayName"="Dell"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ErrorControl"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ImagePath"="C:\Program Files\Dell\Click 2 Fix+\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ObjectName"="LocalSystem"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "Start"="2"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "Type"="272"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+\Parameters => "Application"="C:\Program Files\Dell\Click 2 Fix+\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+\Parameters => "AppParameters"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BCMSMMSG => BCMSMMSG.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: FixCamera => C:\WINDOWS\FixCamera.exe
MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\System32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\System32\igfxtray.exe
MSCONFIG\startupreg: snp2std => C:\WINDOWS\vsnp2std.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: tsnp2std => C:\WINDOWS\tsnp2std.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service wsearchidxpi (wsearchidxpi) failed. The
Error code is the first DWORD in Data section.

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf) (User: )
Description: The performance strings in the Performance registry value is corrupted when
process Performance extension counter provider. BaseIndex value from Performance
registry is the first DWORD in Data section, LastCounter value is the second
DWORD in Data section, and LastHelp value is the third DWORD in Data section.

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service UGTHRSVC (UGTHRSVC) failed. The
Error code is the first DWORD in Data section.

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf) (User: )
Description: The performance strings in the Performance registry value is corrupted when
process Performance extension counter provider. BaseIndex value from Performance
registry is the first DWORD in Data section, LastCounter value is the second
DWORD in Data section, and LastHelp value is the third DWORD in Data section.

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service UGatherer (UGatherer) failed. The
Error code is the first DWORD in Data section.

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf) (User: )
Description: The performance strings in the Performance registry value is corrupted when
process Performance extension counter provider. BaseIndex value from Performance
registry is the first DWORD in Data section, LastCounter value is the second
DWORD in Data section, and LastHelp value is the third DWORD in Data section.

Error: (03/31/2014 04:35:38 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Fix it 50226 -- This Microsoft Fix it does not apply because the computer requires a Microsoft download or Microsoft Update.

Error: (03/31/2014 03:39:22 PM) (Source: Windows Search Service) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\RECENT\3.3 GAS Q1.LNK

Error: (03/31/2014 03:39:22 PM) (Source: Windows Search Service) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\RECENT\3.3 GAS Q1.LNK

Error: (03/31/2014 02:36:03 PM) (Source: Application Hang) (User: )
Description: Fault bucket 1432846009.


System errors:
=============
Error: (03/31/2014 10:34:23 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\DOCUME~1\Owner\LOCALS~1\Temp\is-05DLU.tmp\Screen_resolution.dll.
Reference error message: The operation completed successfully.
.

Error: (03/31/2014 10:34:23 PM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT.
Reference error message: The referenced assembly is not installed on your system.
.

Error: (03/31/2014 10:34:23 PM) (Source: SideBySide) (User: )
Description: Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.

Error: (03/31/2014 10:34:23 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\DOCUME~1\Owner\LOCALS~1\Temp\is-05DLU.tmp\Screen_resolution.dll.
Reference error message: The operation completed successfully.
.

Error: (03/31/2014 10:34:23 PM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT.
Reference error message: The referenced assembly is not installed on your system.
.

Error: (03/31/2014 10:34:23 PM) (Source: SideBySide) (User: )
Description: Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.

Error: (03/31/2014 10:25:02 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\DOCUME~1\Owner\LOCALS~1\Temp\is-C9NBA.tmp\Screen_resolution.dll.
Reference error message: The operation completed successfully.
.

Error: (03/31/2014 10:25:02 PM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT.
Reference error message: The referenced assembly is not installed on your system.
.

Error: (03/31/2014 10:25:02 PM) (Source: SideBySide) (User: )
Description: Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.

Error: (03/31/2014 10:25:02 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\DOCUME~1\Owner\LOCALS~1\Temp\is-C9NBA.tmp\Screen_resolution.dll.
Reference error message: The operation completed successfully.
.


Microsoft Office Sessions:
=========================
Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf)(User: )
Description: wsearchidxpiwsearchidxpi

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf)(User: )
Description: Performance

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf)(User: )
Description: UGTHRSVCUGTHRSVC

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf)(User: )
Description: Performance

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf)(User: )
Description: UGathererUGatherer

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf)(User: )
Description: Performance

Error: (03/31/2014 04:35:38 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft Fix it 50226 -- This Microsoft Fix it does not apply because the computer requires a Microsoft download or Microsoft Update.(NULL)(NULL)(NULL)

Error: (03/31/2014 03:39:22 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\RECENT\3.3 GAS Q1.LNK

Error: (03/31/2014 03:39:22 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\RECENT\3.3 GAS Q1.LNK

Error: (03/31/2014 02:36:03 PM) (Source: Application Hang)(User: )
Description: 1432846009


==================== Memory info ===========================

Percentage of memory in use: 27%
Total physical RAM: 2046 MB
Available physical RAM: 1481.77 MB
Total Pagefile: 4968.77 MB
Available Pagefile: 4592.5 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.52 GB) (Free:34.04 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: CBF3CBF3)

Partition: GPT Partition Type.

==================== End Of Log ============================

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Owner (administrator) on ANAM-RNFR3WMDD7 on 31-03-2014 23:12:42
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Dell) C:\Program Files\Dell\Click 2 Fix+\srvc.exe
(Dell) C:\Program Files\Dell\Click 2 Fix+\cust.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Dell) C:\Program Files\Dell\Click 2 Fix+\capp.exe
(Dell) C:\Program Files\Dell\Click 2 Fix+\cutil.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
HKU\S-1-5-21-1935655697-725345543-1398031866-1003\...\Winlogon: [shell] -

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SP16BF35BB-350F-497B-BFE0-7A2F0AFFEB29&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\i8j6xi5j.default-1396147886042
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @alibaba.com/nptrademanager;version=1.0 - C:\Program Files\TradeManager\nptrademanager.dll No File
FF Plugin: @alibaba.com/npwangwang;version=1.0 - C:\Program Files\TradeManager\npwangwang.dll No File
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @alibaba.com/npAliSSOLogin;version=1.0 - C:\Program Files\TradeManager\npAliSSOLogin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nptrademanager.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwangwang.dll ( )
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

========================== Services (Whitelisted) =================

R2 Dell Click 2 Fix+; C:\Program Files\Dell\Click 2 Fix+\srvc.exe [94016 2014-02-03] (Dell)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)

==================== Drivers (Whitelisted) ====================

R3 BCMModem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [1101696 2003-08-29] (Broadcom Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [30976 2013-11-07] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
S3 SNP2STD; C:\WINDOWS\System32\DRIVERS\snp2sxp.sys [10305280 2006-06-07] ()
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R3 {6080A529-897E-4629-A488-ABA0C29B635E}; C:\WINDOWS\System32\drivers\ialmsbw.sys [113504 2003-04-15] (Intel Corporation)
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}; C:\WINDOWS\System32\drivers\ialmkchw.sys [78752 2003-04-15] (Intel Corporation)
U0 PROCMON23; System32\Drivers\PROCMON23.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-31 22:18 - 2014-03-31 22:19 - 00003392 _____ () C:\Documents and Settings\Owner\Desktop\Rkill.txt
2014-03-31 22:13 - 2014-03-31 22:13 - 00000730 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2014-03-31 22:13 - 2014-03-31 22:13 - 00000724 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2014-03-31 22:13 - 2014-03-31 22:13 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-31 20:41 - 2014-03-31 20:43 - 00000051 _____ () C:\Documents and Settings\Owner\Desktop\faisal.txt
2014-03-31 18:46 - 2014-03-31 18:46 - 00681062 _____ () C:\Documents and Settings\Owner\Desktop\bookmarks.html
2014-03-31 18:44 - 2014-03-31 18:44 - 00001644 _____ () C:\Documents and Settings\All Users\Desktop\Dell Click 2 Fix+.lnk
2014-03-31 18:44 - 2014-03-31 18:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dell Click 2 Fix+
2014-03-31 18:43 - 2014-03-31 18:43 - 01006776 _____ (Dell ) C:\Documents and Settings\Owner\Desktop\DellClick2Fix+_DownloadManager_V1.0.0.5-7811e890c1c5a4013dd1f7708d2471ab.exe
2014-03-31 18:06 - 2014-03-31 18:07 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-31 17:21 - 2014-03-31 17:21 - 00000016 _____ () C:\Documents and Settings\Owner\Desktop\lol.txt
2014-03-31 17:20 - 2014-03-31 17:20 - 00000803 _____ () C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
2014-03-31 16:58 - 2014-03-31 16:58 - 00030329 _____ () C:\WINDOWS\KB940157Uninst.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00006182 _____ () C:\WINDOWS\FaxSetup.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00002956 _____ () C:\WINDOWS\ocgen.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00002359 _____ () C:\WINDOWS\tsoc.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00002052 _____ () C:\WINDOWS\comsetup.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00001361 _____ () C:\WINDOWS\setupapi.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00001248 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00000971 _____ () C:\WINDOWS\iis6.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00000342 _____ () C:\WINDOWS\ocmsn.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00000309 _____ () C:\WINDOWS\msgsocm.log
2014-03-31 14:38 - 2014-03-31 16:06 - 00000120 _____ () C:\WINDOWS\setupact.log
2014-03-31 14:38 - 2014-03-31 14:38 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-30 23:23 - 2014-03-30 23:23 - 00000666 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\CourseSaver.lnk
2014-03-30 23:23 - 2014-03-30 23:23 - 00000660 _____ () C:\Documents and Settings\All Users\Desktop\CourseSaver.lnk
2014-03-30 23:23 - 2014-03-30 23:23 - 00000000 ____D () C:\Program Files\CourseSaver
2014-03-30 23:12 - 2014-03-31 23:12 - 00000000 ____D () C:\FRST
2014-03-30 15:07 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 13 Reading Comprehension 2 & Strategy 2
2014-03-30 15:06 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 12 Schedule Your Organic Chemistry 2 Flex
2014-03-30 15:06 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 11 General Chemistry 2
2014-03-30 15:06 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 10 Quantitative Reasoning 2
2014-03-30 15:05 - 2014-03-30 15:05 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 9 Schedule Your Perceptual Ability 2 Flex
2014-03-30 15:04 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 6 Schedule Your Organic Chemistry 1 Flex
2014-03-30 15:04 - 2014-03-30 15:04 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 7 Full Length 1 - Take at Home
2014-03-30 15:03 - 2014-03-30 15:05 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 8 Biology 2
2014-03-30 15:00 - 2014-03-30 15:02 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 5 General Chemistry 1
2014-03-30 14:58 - 2014-03-30 15:00 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 4 Quantitative Reasoning 1
2014-03-30 14:56 - 2014-03-30 14:57 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 3 Schedule Your Perceptual Ability 1 Flex
2014-03-30 14:49 - 2014-03-31 14:11 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 2 Biology 1
2014-03-30 14:44 - 2014-03-30 14:53 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 1 Strategy 1 & Reading Comprehension 1
2014-03-29 17:20 - 2014-03-29 22:54 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\General Chemistry Quizzes
2014-03-29 02:53 - 2014-03-29 02:53 - 00000000 ____D () C:\WINDOWS\system32\QuickTime
2014-03-29 02:52 - 2014-03-29 02:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Camtasia Studio 6
2014-03-29 02:51 - 2014-03-29 02:51 - 00000000 ____D () C:\Program Files\TechSmith
2014-03-29 02:51 - 2014-03-29 02:51 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-03-29 01:49 - 2014-03-29 01:49 - 00000096 _____ () C:\Documents and Settings\Owner\Application Data\version2.xml
2014-03-29 01:43 - 2014-03-29 01:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CheckPoint
2014-03-29 00:01 - 2014-03-29 00:01 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\TechSmith
2014-03-29 00:00 - 2014-03-29 02:58 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\Camtasia Studio
2014-03-28 23:46 - 2014-03-29 02:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TechSmith
2014-03-21 02:12 - 2014-03-21 02:12 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Windows Search
2014-03-19 00:37 - 2014-03-31 22:47 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-19 00:37 - 2014-03-19 13:07 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-18 20:56 - 2014-03-18 20:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-18 17:43 - 2014-03-31 22:13 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-18 15:31 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-03-18 15:31 - 2014-02-25 21:59 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-03-11 21:44 - 2014-03-11 21:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-11 21:44 - 2014-03-11 21:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-09 19:16 - 2014-03-09 19:16 - 00000129 _____ () C:\Shortcut to 3½ Floppy (A).lnk

==================== One Month Modified Files and Folders =======

2014-03-31 23:12 - 2014-03-30 23:12 - 00000000 ____D () C:\FRST
2014-03-31 23:00 - 2011-10-06 21:12 - 01807447 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-31 22:47 - 2014-03-19 00:37 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-31 22:47 - 2013-05-25 16:00 - 00000340 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job
2014-03-31 22:47 - 2011-10-05 20:12 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-31 22:47 - 2011-10-05 20:12 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-31 22:46 - 2011-10-06 17:27 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-31 22:45 - 2011-10-06 17:29 - 00032320 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-31 22:45 - 2011-10-06 17:29 - 00000278 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2014-03-31 22:38 - 2012-10-11 00:22 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-725345543-1398031866-1004UA.job
2014-03-31 22:21 - 2011-10-06 17:29 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-03-31 22:19 - 2014-03-31 22:18 - 00003392 _____ () C:\Documents and Settings\Owner\Desktop\Rkill.txt
2014-03-31 22:13 - 2014-03-31 22:13 - 00000730 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2014-03-31 22:13 - 2014-03-31 22:13 - 00000724 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2014-03-31 22:13 - 2014-03-31 22:13 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-31 22:13 - 2014-03-18 17:43 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-31 20:43 - 2014-03-31 20:41 - 00000051 _____ () C:\Documents and Settings\Owner\Desktop\faisal.txt
2014-03-31 18:52 - 2014-02-22 20:59 - 00023392 _____ () C:\WINDOWS\system32\nscompat.tlb
2014-03-31 18:52 - 2014-02-22 20:59 - 00016832 _____ () C:\WINDOWS\system32\amcompat.tlb
2014-03-31 18:46 - 2014-03-31 18:46 - 00681062 _____ () C:\Documents and Settings\Owner\Desktop\bookmarks.html
2014-03-31 18:44 - 2014-03-31 18:44 - 00001644 _____ () C:\Documents and Settings\All Users\Desktop\Dell Click 2 Fix+.lnk
2014-03-31 18:44 - 2014-03-31 18:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dell Click 2 Fix+
2014-03-31 18:43 - 2014-03-31 18:43 - 01006776 _____ (Dell ) C:\Documents and Settings\Owner\Desktop\DellClick2Fix+_DownloadManager_V1.0.0.5-7811e890c1c5a4013dd1f7708d2471ab.exe
2014-03-31 18:38 - 2012-10-11 00:22 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-725345543-1398031866-1004Core.job
2014-03-31 18:16 - 2011-10-05 20:08 - 00000210 ___SH () C:\boot.ini
2014-03-31 18:16 - 2002-09-03 13:11 - 00000884 _____ () C:\WINDOWS\win.ini
2014-03-31 18:16 - 2002-09-03 13:06 - 00000227 _____ () C:\WINDOWS\system.ini
2014-03-31 18:10 - 2013-10-29 11:17 - 00000000 ____D () C:\Program Files\Dell
2014-03-31 18:07 - 2014-03-31 18:06 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-31 17:21 - 2014-03-31 17:21 - 00000016 _____ () C:\Documents and Settings\Owner\Desktop\lol.txt
2014-03-31 17:20 - 2014-03-31 17:20 - 00000803 _____ () C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
2014-03-31 17:20 - 2011-10-08 03:50 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Application Data\Google
2014-03-31 17:20 - 2011-10-08 03:49 - 00000000 ____D () C:\Program Files\Google
2014-03-31 16:58 - 2014-03-31 16:58 - 00030329 _____ () C:\WINDOWS\KB940157Uninst.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00006182 _____ () C:\WINDOWS\FaxSetup.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00002956 _____ () C:\WINDOWS\ocgen.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00002359 _____ () C:\WINDOWS\tsoc.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00002052 _____ () C:\WINDOWS\comsetup.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00001361 _____ () C:\WINDOWS\setupapi.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00001248 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00000971 _____ () C:\WINDOWS\iis6.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00000342 _____ () C:\WINDOWS\ocmsn.log
2014-03-31 16:58 - 2014-03-31 16:58 - 00000309 _____ () C:\WINDOWS\msgsocm.log
2014-03-31 16:58 - 2014-02-22 21:14 - 00000000 ____D () C:\Program Files\Windows Desktop Search
2014-03-31 16:06 - 2014-03-31 14:38 - 00000120 _____ () C:\WINDOWS\setupact.log
2014-03-31 14:38 - 2014-03-31 14:38 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-03-31 14:33 - 2012-02-22 00:31 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-03-31 14:20 - 2011-10-06 17:29 - 00000000 ____D () C:\Documents and Settings\Owner
2014-03-31 14:11 - 2014-03-30 14:49 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 2 Biology 1
2014-03-31 02:00 - 2012-11-29 10:26 - 00000340 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ANAM-RNFR3WMDD7-Dena.job
2014-03-31 02:00 - 2012-11-21 02:21 - 00000340 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ANAM-RNFR3WMDD7-SHAK.job
2014-03-31 01:14 - 2012-07-08 21:56 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\white
2014-03-31 00:48 - 2011-10-06 15:45 - 00215552 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-30 23:23 - 2014-03-30 23:23 - 00000666 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\CourseSaver.lnk
2014-03-30 23:23 - 2014-03-30 23:23 - 00000660 _____ () C:\Documents and Settings\All Users\Desktop\CourseSaver.lnk
2014-03-30 23:23 - 2014-03-30 23:23 - 00000000 ____D () C:\Program Files\CourseSaver
2014-03-30 15:07 - 2014-03-30 15:07 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 13 Reading Comprehension 2 & Strategy 2
2014-03-30 15:07 - 2014-03-30 15:06 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 12 Schedule Your Organic Chemistry 2 Flex
2014-03-30 15:07 - 2014-03-30 15:06 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 11 General Chemistry 2
2014-03-30 15:07 - 2014-03-30 15:06 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 10 Quantitative Reasoning 2
2014-03-30 15:07 - 2014-03-30 15:04 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 6 Schedule Your Organic Chemistry 1 Flex
2014-03-30 15:05 - 2014-03-30 15:05 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 9 Schedule Your Perceptual Ability 2 Flex
2014-03-30 15:05 - 2014-03-30 15:03 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 8 Biology 2
2014-03-30 15:04 - 2014-03-30 15:04 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 7 Full Length 1 - Take at Home
2014-03-30 15:02 - 2014-03-30 15:00 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 5 General Chemistry 1
2014-03-30 15:00 - 2014-03-30 14:58 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 4 Quantitative Reasoning 1
2014-03-30 14:57 - 2014-03-30 14:56 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 3 Schedule Your Perceptual Ability 1 Flex
2014-03-30 14:53 - 2014-03-30 14:44 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Session 1 Strategy 1 & Reading Comprehension 1
2014-03-29 23:12 - 2013-04-10 17:58 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-03-29 22:54 - 2014-03-29 17:20 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\General Chemistry Quizzes
2014-03-29 21:44 - 2011-10-06 21:21 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Macromedia
2014-03-29 18:52 - 2013-10-29 12:01 - 00001552 _____ () C:\Documents and Settings\Owner\Desktop\Dell TEch.txt
2014-03-29 14:12 - 2002-09-03 13:14 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-29 02:58 - 2014-03-29 00:00 - 00000000 ____D () C:\Documents and Settings\Owner\My Documents\Camtasia Studio
2014-03-29 02:53 - 2014-03-29 02:53 - 00000000 ____D () C:\WINDOWS\system32\QuickTime
2014-03-29 02:52 - 2014-03-29 02:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Camtasia Studio 6
2014-03-29 02:51 - 2014-03-29 02:51 - 00000000 ____D () C:\Program Files\TechSmith
2014-03-29 02:51 - 2014-03-29 02:51 - 00000000 ____D () C:\Program Files\Common Files\TechSmith Shared
2014-03-29 02:35 - 2014-03-28 23:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TechSmith
2014-03-29 01:54 - 2013-04-09 22:49 - 00004534 _____ () C:\Documents and Settings\Owner\Application Data\CamStudio.cfg
2014-03-29 01:54 - 2013-04-09 22:46 - 00000408 _____ () C:\Documents and Settings\Owner\Application Data\CamShapes.ini
2014-03-29 01:54 - 2013-04-09 22:46 - 00000408 _____ () C:\Documents and Settings\Owner\Application Data\CamLayout.ini
2014-03-29 01:54 - 2013-04-09 22:46 - 00000120 _____ () C:\Documents and Settings\Owner\Application Data\Camdata.ini
2014-03-29 01:52 - 2013-04-09 22:42 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2014-03-29 01:49 - 2014-03-29 01:49 - 00000096 _____ () C:\Documents and Settings\Owner\Application Data\version2.xml
2014-03-29 01:43 - 2014-03-29 01:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CheckPoint
2014-03-29 00:47 - 2013-04-11 03:28 - 00494206 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1935655697-725345543-1398031866-1003-0.dat
2014-03-29 00:47 - 2013-04-11 03:28 - 00214414 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-03-29 00:44 - 2013-02-28 05:15 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Shoes for ash
2014-03-29 00:01 - 2014-03-29 00:01 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\TechSmith
2014-03-28 23:37 - 2011-10-05 20:10 - 00007042 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-23 22:16 - 2012-11-11 19:16 - 00000309 _____ () C:\Documents and Settings\Owner\Application Data\com.crackdat.crackdatsuite.xml
2014-03-23 22:16 - 2012-11-11 19:15 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Crack the DAT
2014-03-22 18:47 - 2013-04-15 18:12 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\DAT
2014-03-21 17:12 - 2012-09-18 20:07 - 00000178 ___SH () C:\Documents and Settings\SHAK\ntuser.ini
2014-03-21 02:12 - 2014-03-21 02:12 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Windows Search
2014-03-20 01:38 - 2013-10-02 16:06 - 00000269 _____ () C:\Documents and Settings\Owner\Desktop\fax to chase.txt
2014-03-19 13:07 - 2014-03-19 00:37 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-18 20:56 - 2014-03-18 20:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-18 20:55 - 2013-07-13 03:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-18 20:51 - 2012-09-07 19:31 - 87350280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-16 23:24 - 2013-01-01 02:23 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Puters
2014-03-16 23:22 - 2013-05-22 14:45 - 00000365 _____ () C:\Documents and Settings\Owner\Desktop\LOL999.txt
2014-03-16 23:18 - 2012-03-04 04:36 - 00000000 ____D () C:\Documents and Settings\Owner\Desktop\Misc
2014-03-16 16:11 - 2013-09-28 20:05 - 00001269 _____ () C:\Documents and Settings\Owner\Desktop\cool.txt
2014-03-16 16:08 - 2013-03-18 19:51 - 00001785 _____ () C:\Documents and Settings\Owner\Desktop\BOUGHT!.txt
2014-03-12 22:58 - 2013-03-20 02:39 - 03444184 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-11 21:45 - 2012-03-05 23:16 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-03-11 21:44 - 2014-03-11 21:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-11 21:44 - 2014-03-11 21:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-11 21:29 - 2011-10-11 22:01 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
2014-03-11 21:28 - 2011-10-10 01:43 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-10 16:51 - 2012-09-18 20:07 - 00000000 ____D () C:\Documents and Settings\SHAK\Application Data\Macromedia
2014-03-09 19:16 - 2014-03-09 19:16 - 00000129 _____ () C:\Shortcut to 3½ Floppy (A).lnk
2014-03-07 00:46 - 2012-02-15 23:07 - 00002479 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
2014-03-06 00:55 - 2013-08-07 17:38 - 00001544 _____ () C:\Documents and Settings\Owner\Desktop\Salonnnn.txt
2014-03-05 15:23 - 2012-01-26 06:01 - 00000132 _____ () C:\Documents and Settings\Owner\Application Data\Adobe PNG Format CS5 Prefs
2014-03-05 14:47 - 2011-10-08 03:47 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-03-05 13:40 - 2011-10-08 03:47 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Skype

Files to move or delete:
====================
C:\Documents and Settings\Owner\Application Data\CamLayout.ini
C:\Documents and Settings\Owner\Application Data\CamShapes.ini


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Owner at 2014-03-31 23:13:45
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
B57Inst (Version: 3.40 - Broadcom) Hidden
BCM V.92 56K Modem (HKLM\...\BCM V.92 56K Modem) (Version:  - )
Broadcom Driver Installer (HKLM\...\InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}) (Version: 3.40 - Broadcom)
Camtasia Studio 6 (HKLM\...\{A589DA26-51BD-475D-8C32-E19E34145842}) (Version: 6.0.3 - TechSmith Corporation)
Course Saver Desktop (HKLM\...\com.coursesaver.desktop) (Version: 2.1.18 - UNKNOWN)
Course Saver Desktop (Version: 2.1.18 - UNKNOWN) Hidden
Crack the DAT 2013-2014 (HKLM\...\Crack the DAT) (Version: 2013-2014 - Crack Exam Preparation Software)
Crack the DAT 5.0.26 (HKLM\...\{DCE61563-DA83-47CD-B6E6-D25BEC21B301}_is1) (Version:  - Crack DAT)
Dell Click 2 Fix+ (HKLM\...\Dell Click 2 Fix+_is1) (Version: 2.004.032.2546.03 - Dell)
Dell ResourceCD (HKLM\...\{D78653C3-A8FF-415F-92E6-D774E634FF2D}) (Version:  - )
Google Talk Plugin (HKLM\...\{43D16DA8-BF42-3C62-89D3-3AD47829DC2E}) (Version: 3.10.2.10212 - Google)
Intel® Extreme Graphics Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version:  - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Office 2000 Professional (HKLM\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version:  - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
USB2.0 PC Camera (SN9C201&202) (HKLM\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.3.102 - )
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

==================== Restore Points  =========================

14-01-2014 17:49:57 System Checkpoint
15-01-2014 05:54:45 Software Distribution Service 3.0
16-01-2014 07:09:59 Software Distribution Service 3.0
17-01-2014 21:17:33 System Checkpoint
18-01-2014 22:58:06 System Checkpoint
20-01-2014 01:13:57 System Checkpoint
21-01-2014 06:25:08 System Checkpoint
22-01-2014 06:26:14 System Checkpoint
24-01-2014 20:28:07 System Checkpoint
26-01-2014 01:13:14 System Checkpoint
27-01-2014 01:44:57 System Checkpoint
28-01-2014 15:21:36 System Checkpoint
29-01-2014 22:51:49 System Checkpoint
31-01-2014 01:33:13 System Checkpoint
01-02-2014 01:42:05 System Checkpoint
02-02-2014 01:38:00 Removed Bing Bar
02-02-2014 01:41:29 Removed HP Officejet 4620 series Basic Device Software
02-02-2014 01:47:27 Removed HP Officejet 4620 series Help
03-02-2014 02:40:44 System Checkpoint
04-02-2014 21:11:53 System Checkpoint
06-02-2014 03:04:23 System Checkpoint
06-02-2014 07:03:59 Removed I.R.I.S. OCR
06-02-2014 07:08:26 Removed HP Officejet 4620 series Product Improvement Study
06-02-2014 07:11:03 Removed HP Update.
06-02-2014 07:11:45 Removed Skype™ 6.13
07-02-2014 08:00:36 Software Distribution Service 3.0
09-02-2014 05:42:28 System Checkpoint
10-02-2014 08:50:26 System Checkpoint
11-02-2014 23:23:49 System Checkpoint
13-02-2014 02:54:19 System Checkpoint
13-02-2014 08:01:12 Software Distribution Service 3.0
15-02-2014 05:33:36 System Checkpoint
18-02-2014 02:55:11 System Checkpoint
18-02-2014 05:35:50 Installed Achiever
19-02-2014 04:37:11 Removed Achiever
20-02-2014 04:53:35 System Checkpoint
21-02-2014 20:45:06 System Checkpoint
22-02-2014 22:21:19 System Checkpoint
23-02-2014 00:24:32 Installed Java 7 Update 51
23-02-2014 00:37:04 Pre Install Click 2 Fix restore point
23-02-2014 01:10:57 Software Distribution Service 3.0
23-02-2014 06:01:44 Software Distribution Service 3.0
24-02-2014 03:41:32 Software Distribution Service 3.0
25-02-2014 04:19:06 System Checkpoint
26-02-2014 04:54:36 System Checkpoint
28-02-2014 19:49:33 System Checkpoint
01-03-2014 23:21:00 System Checkpoint
03-03-2014 00:02:04 System Checkpoint
04-03-2014 02:44:31 System Checkpoint
05-03-2014 03:22:54 System Checkpoint
05-03-2014 18:48:36 Removed Skype™ 6.14
06-03-2014 21:14:35 System Checkpoint
07-03-2014 21:57:53 System Checkpoint
09-03-2014 01:47:24 System Checkpoint
10-03-2014 07:02:03 System Checkpoint
10-03-2014 21:15:08 Software Distribution Service 3.0
12-03-2014 01:43:49 Software Distribution Service 3.0
14-03-2014 18:44:02 System Checkpoint
16-03-2014 21:39:54 System Checkpoint
17-03-2014 23:51:10 System Checkpoint
19-03-2014 00:49:57 Software Distribution Service 3.0
20-03-2014 18:59:19 System Checkpoint
21-03-2014 19:24:05 System Checkpoint
22-03-2014 22:07:14 System Checkpoint
29-03-2014 03:46:25 Installed Camtasia Studio 8
29-03-2014 06:13:12 Removed Camtasia Studio 8
29-03-2014 06:38:58 Restore Operation
29-03-2014 06:51:15 Installed Camtasia Studio 6
29-03-2014 07:01:10 Software Distribution Service 3.0
30-03-2014 02:02:19 Software Distribution Service 3.0
31-03-2014 02:21:48 System Checkpoint
31-03-2014 20:19:53 Pre Install Click 2 Fix restore point
31-03-2014 22:11:12 Pre Install Click 2 Fix+ restore point
31-03-2014 22:44:06 Pre Install Click 2 Fix+ restore point
01-04-2014 02:34:09 Dell Click 2 Fix+ restore point

==================== Hosts content: ==========================

2002-09-03 12:34 - 2011-01-12 18:45 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ANAM-RNFR3WMDD7-Dena.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ANAM-RNFR3WMDD7-SHAK.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job => C:\Program Files\AVG SafeGuard toolbar\AVG-Secure-Search-Update_MAY2013_TB.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-725345543-1398031866-1004Core.job => C:\Documents and Settings\Dena\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-725345543-1398031866-1004UA.job => C:\Documents and Settings\Dena\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) =============

2014-03-31 18:44 - 2014-02-03 23:33 - 00166216 _____ () C:\Program Files\Dell\Click 2 Fix+\SSLEAY32.DLL
2014-03-31 18:44 - 2014-02-03 23:29 - 00833856 _____ () C:\Program Files\Dell\Click 2 Fix+\LIBEAY32.dll
2014-03-31 18:44 - 2014-02-03 23:32 - 00579576 _____ () C:\Program Files\Dell\Click 2 Fix+\sqlite3.dll
2014-03-31 18:44 - 2014-02-03 23:30 - 00018240 _____ () C:\Program Files\Dell\Click 2 Fix+\node.dll
2014-03-31 22:13 - 2014-03-15 04:40 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-08-19 23:01 - 2013-08-19 23:01 - 16166280 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\02387577.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\83409464.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\02387577.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\83409464.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "DisplayName"="Dell"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ErrorControl"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ImagePath"="C:\Program Files\Dell\Click 2 Fix\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "ObjectName"="LocalSystem"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "Start"="2"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix => "Type"="272"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix\Parameters => "Application"="C:\Program Files\Dell\Click 2 Fix\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix\Parameters => "AppParameters"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "DisplayName"="Dell"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ErrorControl"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ImagePath"="C:\Program Files\Dell\Click 2 Fix+\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "ObjectName"="LocalSystem"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "Start"="2"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+ => "Type"="272"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+\Parameters => "Application"="C:\Program Files\Dell\Click 2 Fix+\srvc.exe"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dell Click 2 Fix+\Parameters => "AppParameters"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BCMSMMSG => BCMSMMSG.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: FixCamera => C:\WINDOWS\FixCamera.exe
MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\System32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\System32\igfxtray.exe
MSCONFIG\startupreg: snp2std => C:\WINDOWS\vsnp2std.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: tsnp2std => C:\WINDOWS\tsnp2std.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service wsearchidxpi (wsearchidxpi) failed. The
Error code is the first DWORD in Data section.

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf) (User: )
Description: The performance strings in the Performance registry value is corrupted when
process Performance extension counter provider. BaseIndex value from Performance
registry is the first DWORD in Data section, LastCounter value is the second
DWORD in Data section, and LastHelp value is the third DWORD in Data section.

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service UGTHRSVC (UGTHRSVC) failed. The
Error code is the first DWORD in Data section.

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf) (User: )
Description: The performance strings in the Performance registry value is corrupted when
process Performance extension counter provider. BaseIndex value from Performance
registry is the first DWORD in Data section, LastCounter value is the second
DWORD in Data section, and LastHelp value is the third DWORD in Data section.

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service UGatherer (UGatherer) failed. The
Error code is the first DWORD in Data section.

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf) (User: )
Description: The performance strings in the Performance registry value is corrupted when
process Performance extension counter provider. BaseIndex value from Performance
registry is the first DWORD in Data section, LastCounter value is the second
DWORD in Data section, and LastHelp value is the third DWORD in Data section.

Error: (03/31/2014 04:35:38 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Fix it 50226 -- This Microsoft Fix it does not apply because the computer requires a Microsoft download or Microsoft Update.

Error: (03/31/2014 03:39:22 PM) (Source: Windows Search Service) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\RECENT\3.3 GAS Q1.LNK

Error: (03/31/2014 03:39:22 PM) (Source: Windows Search Service) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\RECENT\3.3 GAS Q1.LNK

Error: (03/31/2014 02:36:03 PM) (Source: Application Hang) (User: )
Description: Fault bucket 1432846009.


System errors:
=============
Error: (03/31/2014 10:34:23 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\DOCUME~1\Owner\LOCALS~1\Temp\is-05DLU.tmp\Screen_resolution.dll.
Reference error message: The operation completed successfully.
.

Error: (03/31/2014 10:34:23 PM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT.
Reference error message: The referenced assembly is not installed on your system.
.

Error: (03/31/2014 10:34:23 PM) (Source: SideBySide) (User: )
Description: Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.

Error: (03/31/2014 10:34:23 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\DOCUME~1\Owner\LOCALS~1\Temp\is-05DLU.tmp\Screen_resolution.dll.
Reference error message: The operation completed successfully.
.

Error: (03/31/2014 10:34:23 PM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT.
Reference error message: The referenced assembly is not installed on your system.
.

Error: (03/31/2014 10:34:23 PM) (Source: SideBySide) (User: )
Description: Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.

Error: (03/31/2014 10:25:02 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\DOCUME~1\Owner\LOCALS~1\Temp\is-C9NBA.tmp\Screen_resolution.dll.
Reference error message: The operation completed successfully.
.

Error: (03/31/2014 10:25:02 PM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT.
Reference error message: The referenced assembly is not installed on your system.
.

Error: (03/31/2014 10:25:02 PM) (Source: SideBySide) (User: )
Description: Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.

Error: (03/31/2014 10:25:02 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\DOCUME~1\Owner\LOCALS~1\Temp\is-C9NBA.tmp\Screen_resolution.dll.
Reference error message: The operation completed successfully.
.


Microsoft Office Sessions:
=========================
Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf)(User: )
Description: wsearchidxpiwsearchidxpi

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf)(User: )
Description: Performance

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf)(User: )
Description: UGTHRSVCUGTHRSVC

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf)(User: )
Description: Performance

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf)(User: )
Description: UGathererUGatherer

Error: (03/31/2014 04:58:25 PM) (Source: LoadPerf)(User: )
Description: Performance

Error: (03/31/2014 04:35:38 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft Fix it 50226 -- This Microsoft Fix it does not apply because the computer requires a Microsoft download or Microsoft Update.(NULL)(NULL)(NULL)

Error: (03/31/2014 03:39:22 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\RECENT\3.3 GAS Q1.LNK

Error: (03/31/2014 03:39:22 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\OWNER\RECENT\3.3 GAS Q1.LNK

Error: (03/31/2014 02:36:03 PM) (Source: Application Hang)(User: )
Description: 1432846009


==================== Memory info ===========================

Percentage of memory in use: 27%
Total physical RAM: 2046 MB
Available physical RAM: 1473.93 MB
Total Pagefile: 4968.77 MB
Available Pagefile: 4585.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1958.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.52 GB) (Free:34.04 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: CBF3CBF3)

Partition: GPT Partition Type.

==================== End Of Log ============================

Link to post
Share on other sites

Download the attached fixlist.txt to the same folder as FRST.
Run FRST.exe and click Fix only once and wait
The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.

-------------------

(Delete your copy and download a fresh one)
Please download AdwCleaner from HERE or HERE to your desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

-------------------------------------

Please run a Quick Scan with Malwarebytes like this:
Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.
Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.
Make sure that everything is checked, and click Remove Selected.

 

If you're using Malwarebytes 2.0, please run a Threat Scan
 

Let me know how it is, MrC

Link to post
Share on other sites

Hi MrCharlie,

 

Thank you once again for all your help.  :D:wub:  Here are the following logs you've requested:

 

Fixlist LOG

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014  01
Ran by Owner at 2014-04-03 16:06:00 Run:1
Running from C:\Documents and Settings\Owner\Desktop\FRST
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - URL http://search.condui...7A2F0AFFEB29&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://search.zoneal...hDev3&Lan=en&q={searchTerms}&gu=00674ddf02a8433b9ed0a9291062edcc&tu=11J3y00DC2B0Ca0&sku=&tstsId=&ver=&&r=281
CHR HKCU\...\Chrome\Extension: [pbofibgamhkgoonaocfgemncghhadmgb] - C:\Documents and Settings\Owner\Local Settings\Application Data\CRE\pbofibgamhkgoonaocfgemncghhadmgb.crx
CHR HKLM\...\Chrome\Extension: [pbofibgamhkgoonaocfgemncghhadmgb] - C:\Documents and Settings\Owner\Local Settings\Application Data\CRE\pbofibgamhkgoonaocfgemncghhadmgb.crx
C:\Documents and Settings\Owner\Local Settings\Temp\ntdll_dump.dll
C:\Documents and Settings\Owner\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Owner\Application Data\CamLayout.ini
C:\Documents and Settings\Owner\Application Data\CamShapes.ini
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F5C06B15-C34B-4DA9-B402-8E7E2E2D4463} => Key not found.
HKCR\Wow6432Node\CLSID\{F5C06B15-C34B-4DA9-B402-8E7E2E2D4463} => Key not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\pbofibgamhkgoonaocfgemncghhadmgb => Key deleted successfully.
"CHR HKCU\...\Chrome\Extension: [pbofibgamhkgoonaocfgemncghhadmgb] - C:\Documents and Settings\Owner\Local Settings\Application Data\CRE\pbofibgamhkgoonaocfgemncghhadmgb.crx" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\pbofibgamhkgoonaocfgemncghhadmgb => Key deleted successfully.
"CHR HKLM\...\Chrome\Extension: [pbofibgamhkgoonaocfgemncghhadmgb] - C:\Documents and Settings\Owner\Local Settings\Application Data\CRE\pbofibgamhkgoonaocfgemncghhadmgb.crx" => File/Directory not found.
"C:\Documents and Settings\Owner\Local Settings\Temp\ntdll_dump.dll" => File/Directory not found.
"C:\Documents and Settings\Owner\Local Settings\Temp\Quarantine.exe" => File/Directory not found.
C:\Documents and Settings\Owner\Application Data\CamLayout.ini => Moved successfully.
C:\Documents and Settings\Owner\Application Data\CamShapes.ini => Moved successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":0B4227B4" ADS removed successfully.

==== End of Fixlog ====

 

AdwCleaner LOG

# AdwCleaner v3.023 - Report created 03/04/2014 at 16:11:13
# Updated 01/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - ANAM-RNFR3WMDD7
# Running from : C:\Documents and Settings\Owner\My Documents\Downloads\adwcleaner(1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\i8j6xi5j.default-1396147886042\prefs.js ]


[ File : C:\Documents and Settings\Dena\Application Data\Mozilla\Firefox\Profiles\8boufv13.default\prefs.js ]


[ File : C:\Documents and Settings\SHAK\Application Data\Mozilla\Firefox\Profiles\vd8ncv3g.default\prefs.js ]


*************************

AdwCleaner[R5].txt - [1274 octets] - [03/04/2014 16:07:58]
AdwCleaner[s4].txt - [1199 octets] - [03/04/2014 16:11:13]

########## EOF - C:\AdwCleaner\AdwCleaner[s4].txt - [1259 octets] ##########
 

 

Malwarebytes LOG

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.04.01.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: ANAM-RNFR3WMDD7 [administrator]

4/3/2014 4:17:53 PM
mbam-log-2014-04-03 (16-17-53).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 264231
Time elapsed: 16 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.