I have Astromenda on my Firefox Browser


I have run the Farbar Recovery Scan Tool as instructed. Here are my logs. Thank you for your help.
************************************************************************************************************************************************************************************

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by Nicole Worrall (administrator) on NICOLELAPTOP on 19-09-2014 16:15:30
Running from C:\Documents and Settings\Nicole Worrall\Desktop
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 6
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\WINDOWS\system32\WLTRYSVC.EXE
(Dell Inc.) C:\WINDOWS\system32\BCMWLTRY.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Creative Technology Ltd.) C:\WINDOWS\OA012Mon.exe
(Dell Inc.) C:\WINDOWS\system32\WLTRAY.EXE
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Dell) C:\Program Files\WSED\WSED.exe
(Dell) C:\Program Files\Battery Meter\BTMeter.exe
(Compal Electronics, Inc) C:\Program Files\CapsLKNotify\CapsLKNotify.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe


==================== Registry (All) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1434920 2009-03-15] (Synaptics Incorporated)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17529856 2009-03-15] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [57344 2009-03-15] (Realtek Semiconductor Corp.)
HKLM\...\Run: [igfxTray] => C:\WINDOWS\system32\igfxtray.exe [141848 2009-02-15] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\WINDOWS\system32\hkcmd.exe [166424 2009-02-15] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\WINDOWS\system32\igfxpers.exe [137752 2009-02-15] (Intel Corporation)
HKLM\...\Run: [OA012Mon] => C:\WINDOWS\OA012Mon.exe [24576 2009-09-01] (Creative Technology Ltd.)
HKLM\...\Run: [broadcom Wireless Manager UI] => C:\WINDOWS\system32\WLTRAY.exe [2289664 2009-01-06] (Dell Inc.)
HKLM\...\Run: [WSED] => C:\Program Files\WSED\WSED.exe [247080 2009-05-27] (Dell)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [bTMeter] => C:\Program Files\Battery Meter\BTMeter.exe [623984 2009-07-22] (Dell)
HKLM\...\Run: [CapsLKNotify] => C:\Program Files\CapsLKNotify\CapsLKNotify.exe [320808 2009-02-23] (Compal Electronics, Inc)
HKLM\...\Run: [dellsupportcenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-06-03] (SupportSoft, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM\...\Run: [Monitor] => C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe [298616 2013-04-01] (LeapFrog Enterprises, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [userinit] C:\WINDOWS\system32\userinit.exe, [26112 2008-04-14] (Microsoft Corporation)
HKLM\...\Winlogon: [shell] Explorer.exe [1033728 2008-04-14] (Microsoft Corporation)
HKLM\...\Winlogon: [uIHost] logonui.exe [514560 2008-04-14] (Microsoft Corporation)
Winlogon\Notify\crypt32chain: C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse]  <==== ATTENTION!
HKLM\...\Policies\Explorer: [HonorAutoRunSetting] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoDriveTypeAutoRun] 145
HKU\S-1-5-19\...\Policies\Explorer: [NoDriveTypeAutoRun] 145
HKU\S-1-5-20\...\Policies\Explorer: [NoDriveTypeAutoRun] 145
HKU\S-1-5-21-2971838719-2136109147-1358944479-1006\...\Run: [ctfmon.exe] => C:\WINDOWS\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-2971838719-2136109147-1358944479-1006\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-2971838719-2136109147-1358944479-1006\...\Policies\Explorer: [NoDriveTypeAutoRun] 145
HKU\S-1-5-21-2971838719-2136109147-1358944479-1006\...\MountPoints2: {c0f4d6f6-1e87-11df-82ed-701a04931913} - "D:\WD SmartWare.exe" autoplay=true
IFEO\Your Image File Name Here without a path: [Debugger] ntsd -d
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %SystemRoot%\system32\webcheck.dll (Microsoft Corporation)
SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: Offline Files -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll (Microsoft Corporation)
BootExecute: autocheck autochk *
AlternateShell: cmd.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.live.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/sphome.aspx
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Nicole Worrall\Application Data\Mozilla\Firefox\Profiles\scpcfksx.default
FF NewTab: about:blank
FF DefaultSearchEngine: Astromenda
FF SelectedSearchEngine: Astromenda
FF Homepage: about:blank
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nielsen/FirefoxTracker -> C:\Program Files\NetRatingsNetSight\NetSight\meter3\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Documents and Settings\Nicole Worrall\Application Data\Mozilla\Firefox\Profiles\scpcfksx.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Nicole Worrall\Application Data\Mozilla\Firefox\Profiles\scpcfksx.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-06-17]
FF Extension: Astromenda NT - C:\Documents and Settings\Nicole Worrall\Application Data\Mozilla\Firefox\Profiles\scpcfksx.default\Extensions\{424b0d11-e7fe-4a04-b7df-8f2c77f58aaf} [2014-09-08]
FF Extension: Ghostery - C:\Documents and Settings\Nicole Worrall\Application Data\Mozilla\Firefox\Profiles\scpcfksx.default\Extensions\firefox@ghostery.com.xpi [2013-11-16]
FF Extension: Pin It Button - C:\Documents and Settings\Nicole Worrall\Application Data\Mozilla\Firefox\Profiles\scpcfksx.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2014-08-01]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-05-19]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-12-30]
FF HKLM\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files\NetRatingsNetSight\NetSight\meter3\FirefoxAddOns\netsight@nielsen.xpi
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Application Data\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\Documents and Settings\All Users\Application Data\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR CustomProfile: C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-26]
CHR Extension: (Google Drive) - C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-26]
CHR Extension: (YouTube) - C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-26]
CHR Extension: (McAfee Security Scan+) - C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-04-08]
CHR Extension: (Google Search) - C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-26]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-08]
CHR Extension: (Gmail) - C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-26]

==================== Services (All) ========================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-09-10] (Adobe Systems Incorporated)
S4 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation)
S3 ALG; C:\WINDOWS\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation)
R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-02-12] (Apple Inc.)
S3 aspnet_state; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [34312 2008-07-25] (Microsoft Corporation)
R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation)
R2 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
S2 Browser; C:\WINDOWS\System32\browser.dll [77824 2008-04-14] (Microsoft Corporation)
R2 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [346720 2008-09-29] (Broadcom Corporation.)
S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation)
S4 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation)
S3 clr_optimization_v2.0.50727_32; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632 2008-07-25] (Microsoft Corporation)
S3 COMSysApp; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation)
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Corporation)
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Corp., Veritas Software)
S3 dmserver; C:\WINDOWS\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.)
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation)
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Corporation)
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation)
R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation)
R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation)
R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation)
R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
S2 Fax; C:\WINDOWS\system32\fxssvc.exe [267776 2008-04-14] (Microsoft Corporation)
S3 FontCache3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation)
S2 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [116648 2013-01-26] (Google Inc.)
S3 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [116648 2013-01-26] (Google Inc.)
R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation)
R2 HidServ; C:\WINDOWS\System32\hidserv.dll [21504 2008-04-14] (Microsoft Corporation)
S3 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation)
S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-12] (Hewlett-Packard Co.) [File not signed]
S3 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 idsvc; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [881664 2008-07-29] (Microsoft Corporation)
S3 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation)
S3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [553288 2014-05-15] (Apple Inc.)
S2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-08-15] (Oracle Corporation)
R2 LanmanServer; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation)
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation)
R2 LeapFrog Connect Device Service; C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe [7393912 2013-04-01] (LeapFrog Enterprises, Inc.)
R2 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation)
S3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-05-19] (Mozilla Foundation)
S3 MSDTC; C:\WINDOWS\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation)
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation)
S3 napagent; C:\WINDOWS\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
S3 Netlogon; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [132096 2008-07-29] (Microsoft Corporation)
R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation)
S3 NtLmSsp; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation)
R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 PolicyAgent; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R2 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation)
R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation)
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation)
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation)
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation)
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
S3 RSVP; C:\WINDOWS\system32\rsvp.exe [132608 2008-04-14] (Microsoft Corporation)
R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation)
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation)
R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation)
R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation)
R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Corporation)
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation)
R2 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2009-06-03] (SupportSoft, Inc.)
R2 srservice; C:\WINDOWS\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation)
R3 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation)
R2 stisvc; C:\WINDOWS\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation)
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation)
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation)
R2 TermService; C:\WINDOWS\System32\termsrv.dll [295424 2008-04-14] (Microsoft Corporation)
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
R2 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation)
R2 UMWdf; C:\WINDOWS\system32\wdfmgr.exe [38912 2004-10-11] (Microsoft Corporation)
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation)
S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation)
S3 VSS; C:\WINDOWS\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation)
R2 w32time; C:\WINDOWS\system32\w32time.dll [175104 2008-04-14] (Microsoft Corporation)
S2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC) [File not signed]
S2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
R2 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation)
R2 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation)
R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [2039808 2009-01-06] (Dell Inc.) [File not signed]
S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [25088 2004-10-11] (Microsoft Corporation)
S3 WmiApSrv; C:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation)
R2 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [439808 2008-05-26] (Microsoft Corporation)
R2 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation)
S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [X]
S2 ca82e1a5; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files\Optimizer Pro\OptProCrash.dll",ENT

==================== Drivers (All) ==========================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation)
R0 ACPIEC; C:\WINDOWS\System32\DRIVERS\ACPIEC.sys [11648 2008-04-14] (Microsoft Corporation)
S4 adpu160m; C:\WINDOWS\system32\DRIVERS\adpu160m.sys [101888 2001-08-17] (Microsoft Corporation)
S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-14] (Microsoft Corporation)
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2008-10-16] (Microsoft Corporation)
S4 agp440; C:\WINDOWS\system32\DRIVERS\agp440.sys [42368 2008-04-14] (Microsoft Corporation)
S4 agpCPQ; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [44928 2008-04-14] (Microsoft Corporation)
S4 Aha154x; C:\WINDOWS\system32\DRIVERS\aha154x.sys [12800 2001-08-17] (Microsoft Corporation)
S4 aic78u2; C:\WINDOWS\system32\DRIVERS\aic78u2.sys [55168 2001-08-17] (Microsoft Corporation)
S4 aic78xx; C:\WINDOWS\system32\DRIVERS\aic78xx.sys [56960 2001-08-17] (Microsoft Corporation)
S4 AliIde; C:\WINDOWS\system32\DRIVERS\aliide.sys [5248 2001-08-17] (Acer Laboratories Inc.)
S4 alim1541; C:\WINDOWS\system32\DRIVERS\alim1541.sys [42752 2008-04-14] (Microsoft Corporation)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2009-03-15] (Creative)
S4 amdagp; C:\WINDOWS\system32\DRIVERS\amdagp.sys [43008 2008-04-14] (Advanced Micro Devices, Inc.)
S4 amsint; C:\WINDOWS\system32\DRIVERS\amsint.sys [12032 2001-08-17] (Microsoft Corporation)
S4 asc; C:\WINDOWS\system32\DRIVERS\asc.sys [26496 2001-08-17] (Advanced System Products, Inc.)
S4 asc3350p; C:\WINDOWS\system32\DRIVERS\asc3350p.sys [22400 2001-08-17] (Microsoft Corporation)
S4 asc3550; C:\WINDOWS\system32\DRIVERS\asc3550.sys [14848 2001-08-17] (Advanced System Products, Inc.)
S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation)
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation)
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation)
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1391104 2009-01-06] (Broadcom Corporation)
R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2008-04-14] (Microsoft Corporation)
R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [534568 2009-02-15] (Broadcom Corporation.)
R3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [37160 2009-02-15] (Broadcom Corporation.)
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [991656 2009-02-15] (Broadcom Corporation.)
S3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [156816 2009-02-15] (Broadcom Corporation.)
R3 btwhid; C:\WINDOWS\System32\DRIVERS\btwhid.sys [57384 2009-02-15] (Broadcom Corporation.)
R3 btwmodem; C:\WINDOWS\System32\DRIVERS\btwmodem.sys [37032 2009-02-15] (Broadcom Corporation.)
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [47272 2009-02-15] (Broadcom Corporation.)
S4 cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [13952 2001-08-17] (Microsoft Corporation)
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2001-08-17] (Microsoft Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S4 cd20xrnt; C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys [7680 2001-08-17] (Microsoft Corporation)
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2008-04-14] (Microsoft Corporation)
S4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation)
S1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation)
R3 CmBatt; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [13952 2008-04-14] (Microsoft Corporation)
S4 CmdIde; C:\WINDOWS\system32\DRIVERS\cmdide.sys [6656 2001-08-17] (CMD Technology, Inc.)
R0 Compbatt; C:\WINDOWS\System32\DRIVERS\compbatt.sys [10240 2008-04-14] (Microsoft Corporation)
S4 Cpqarray; C:\WINDOWS\system32\DRIVERS\cpqarray.sys [14976 2001-08-17] (Microsoft Corporation)
R3 CtClsFlt; C:\WINDOWS\System32\DRIVERS\CtClsFlt.sys [143840 2009-03-12] (Creative Technology Ltd.)
S4 dac2w2k; C:\WINDOWS\system32\DRIVERS\dac2w2k.sys [179584 2001-08-17] (Mylex Corporation)
S4 dac960nt; C:\WINDOWS\system32\DRIVERS\dac960nt.sys [14720 2001-08-17] (Microsoft Corporation)
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Corporation)
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Corp., Veritas Software)
S4 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software)
S4 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2008-04-14] (Microsoft Corp., Veritas Software.)
S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation)
S4 dpti2o; C:\WINDOWS\system32\DRIVERS\dpti2o.sys [20192 2001-08-17] (Microsoft Corporation)
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation)
R0 EMSC; C:\WINDOWS\System32\DRIVERS\EMSC.SYS [14248 2008-11-04] (Windows ® Codename Longhorn DDK provider)
S4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation)
S1 Fdc; C:\WINDOWS\system32\Drivers\Fdc.sys [27392 2008-04-14] (Microsoft Corporation)
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation)
S1 Flpydisk; C:\WINDOWS\system32\Drivers\Flpydisk.sys [20480 2008-04-14] (Microsoft Corporation)
R0 FltMgr; C:\WINDOWS\System32\DRIVERS\fltMgr.sys [129792 2008-04-14] (Microsoft Corporation)
S3 FlyUsb; C:\WINDOWS\System32\DRIVERS\FlyUsb.sys [18560 2011-11-12] (LeapFrog)
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2008-04-14] (Microsoft Corporation)
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125056 2001-08-17] (Microsoft Corporation)
S3 GEARAspiWDM; C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys [26840 2012-08-21] (GEAR Software Inc.)
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation)
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Windows ® Server 2003 DDK provider)
R3 hidusb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation)
S4 hpn; C:\WINDOWS\system32\DRIVERS\hpn.sys [25952 2001-08-17] (Microsoft Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-03-08] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-03-08] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-03-08] (HP)
R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation)
R1 i2omgmt; C:\WINDOWS\system32\Drivers\i2omgmt.sys [8576 2008-04-14] (Microsoft Corporation)
S4 i2omp; C:\WINDOWS\system32\DRIVERS\i2omp.sys [18560 2008-04-14] (Microsoft Corporation)
R1 i8042prt; C:\WINDOWS\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation)
R3 ialm; C:\WINDOWS\System32\DRIVERS\igxpmp32.sys [5854752 2009-02-15] (Intel Corporation)
S1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation)
S4 ini910u; C:\WINDOWS\system32\DRIVERS\ini910u.sys [16000 2001-08-17] (Microsoft Corporation)
R3 IntcAzAudAddService; C:\WINDOWS\System32\drivers\RtkHDAud.sys [5032448 2009-03-15] (Realtek Semiconductor Corp.)
S4 IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [5504 2008-04-14] (Microsoft Corporation)
R1 intelppm; C:\WINDOWS\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Corporation)
S3 Ip6Fw; C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys [36608 2008-04-14] (Microsoft Corporation)
R3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-14] (Microsoft Corporation)
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation)
R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation)
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation)
S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation)
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation)
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation)
S1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14592 2008-04-14] (Microsoft Corporation)
S3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation)
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation)
S3 Leapfrog-USBLAN; C:\WINDOWS\System32\DRIVERS\btblan.sys [33792 2011-11-12] (Belcarra Technologies)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-19] (Malwarebytes Corporation)
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2008-04-14] (Microsoft Corporation)
R3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30080 2008-04-14] (Microsoft Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2009-03-15] (Creative Technology Ltd.)
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23040 2008-04-14] (Microsoft Corporation)
R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2008-04-14] (Microsoft Corporation)
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation)
S4 mraid35x; C:\WINDOWS\system32\DRIVERS\mraid35x.sys [17280 2001-08-17] (American Megatrends Inc.)
R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation)
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [455936 2011-02-17] (Microsoft Corporation)
R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation)
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Corporation)
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Corporation)
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Corporation)
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-14] (Microsoft Corporation)
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [5504 2008-04-14] (Microsoft Corporation)
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105344 2008-04-14] (Microsoft Corporation)
S3 NABTSFEC; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10112 2008-04-14] (Microsoft Corporation)
R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-14] (Microsoft Corporation)
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation)
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2010-11-02] (Microsoft Corporation)
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation)
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation)
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation)
R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation)
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2008-04-14] (Microsoft Corporation)
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-14] (Microsoft Corporation)
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-14] (Microsoft Corporation)
R3 OA012Afx; C:\WINDOWS\system32\Drivers\OA012Afx.sys [134144 2009-09-01] (Creative Technology Ltd.)
R3 OA012Ufd; C:\WINDOWS\System32\DRIVERS\OA012Ufd.sys [133632 2009-09-01] (Creative Technology Ltd.)
R3 OA012Vid; C:\WINDOWS\System32\DRIVERS\OA012Vid.sys [272256 2009-09-01] (Creative Technology Ltd.)
S3 Parport; C:\WINDOWS\system32\Drivers\Parport.sys [80128 2008-04-14] (Microsoft Corporation)
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation)
S4 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6784 2008-04-14] (Microsoft Corporation)
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation)
R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2001-08-17] (Microsoft Corporation)
S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120192 2008-04-14] (Microsoft Corporation)
S4 perc2; C:\WINDOWS\system32\DRIVERS\perc2.sys [27296 2001-08-17] (Microsoft Corporation)
S4 perc2hib; C:\WINDOWS\system32\DRIVERS\perc2hib.sys [5504 2001-08-17] (Microsoft Corporation)
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation)
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation)
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Parallel Technologies, Inc.)
S4 ql1080; C:\WINDOWS\system32\DRIVERS\ql1080.sys [40320 2001-08-17] (QLogic Corporation)
S4 Ql10wnt; C:\WINDOWS\system32\DRIVERS\ql10wnt.sys [33152 2001-08-17] (Microsoft Corporation)
S4 ql12160; C:\WINDOWS\system32\DRIVERS\ql12160.sys [45312 2001-08-17] (QLogic Corporation)
S4 ql1240; C:\WINDOWS\system32\DRIVERS\ql1240.sys [40448 2001-08-17] (Microsoft Corporation)
S4 ql1280; C:\WINDOWS\system32\DRIVERS\ql1280.sys [49024 2001-08-17] (QLogic Corporation)
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2008-04-14] (Microsoft Corporation)
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation)
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation)
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2008-04-14] (Microsoft Corporation)
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation)
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2008-04-14] (Microsoft Corporation)
S3 rdpdr; C:\WINDOWS\System32\DRIVERS\rdpdr.sys [196224 2008-04-14] (Microsoft Corporation)
S3 RDPWD; C:\WINDOWS\system32\Drivers\RDPWD.sys [139656 2008-04-14] (Microsoft Corporation)
S1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [57600 2008-04-13] (Microsoft Corporation)
R3 ROOTMODEM; C:\WINDOWS\System32\Drivers\RootMdm.sys [5888 2008-04-14] (Microsoft Corporation)
R3 RSUSBSTOR; C:\WINDOWS\System32\Drivers\RtsUStor.sys [162816 2009-03-15] (Realtek Semiconductor Corp.)
R3 RTLE8023xp; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [120064 2009-03-15] (Realtek Semiconductor Corporation                           )
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S2 Serial; C:\WINDOWS\system32\Drivers\Serial.sys [64512 2008-04-14] (Microsoft Corporation)
S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation)
S4 sisagp; C:\WINDOWS\system32\DRIVERS\sisagp.sys [40960 2008-04-14] (Silicon Integrated Systems Corporation)
S3 SLIP; C:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
S4 Sparrow; C:\WINDOWS\system32\DRIVERS\sparrow.sys [19072 2001-08-17] (Adaptec, Inc.)
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation)
R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation)
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation)
S3 streamip; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-14] (Microsoft Corporation)
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation)
S4 symc810; C:\WINDOWS\system32\DRIVERS\symc810.sys [16256 2001-08-17] (Symbios Logic Inc.)
S4 symc8xx; C:\WINDOWS\system32\DRIVERS\symc8xx.sys [32640 2001-08-17] (LSI Logic)
S4 sym_hi; C:\WINDOWS\system32\DRIVERS\sym_hi.sys [28384 2001-08-17] (LSI Logic)
S4 sym_u3; C:\WINDOWS\system32\DRIVERS\sym_u3.sys [30688 2001-08-17] (LSI Logic)
R3 SynTP; C:\WINDOWS\System32\DRIVERS\SynTP.sys [208304 2009-03-15] (Synaptics Incorporated)
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation)
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation)
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation)
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation)
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation)
S4 TosIde; C:\WINDOWS\system32\DRIVERS\toside.sys [4992 2001-08-17] (Microsoft Corporation)
S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation)
S4 ultra; C:\WINDOWS\system32\DRIVERS\ultra.sys [36736 2001-08-17] (Promise Technology, Inc.)
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation)
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.)
R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32128 2008-04-14] (Microsoft Corporation)
R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation)
R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation)
S3 usbprint; C:\WINDOWS\System32\DRIVERS\usbprint.sys [25856 2008-04-13] (Microsoft Corporation)
S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [15104 2008-04-14] (Microsoft Corporation)
S3 USBSTOR; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-14] (Microsoft Corporation)
R3 usbuhci; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [20608 2008-04-14] (Microsoft Corporation)
S3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [121984 2008-04-14] (Microsoft Corporation)
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation)
S4 viaagp; C:\WINDOWS\system32\DRIVERS\viaagp.sys [42240 2008-04-14] (Microsoft Corporation)
S4 ViaIde; C:\WINDOWS\system32\DRIVERS\viaide.sys [5376 2008-04-14] (Microsoft Corporation)
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation)
R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\DRIVERS\wdcsam.sys [11520 2009-02-13] (Western Digital Technologies)
R0 Wdf01000; C:\WINDOWS\System32\Drivers\wdf01000.sys [503008 2008-03-27] (Microsoft Corporation)
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation)
U3 Winsock; No ImagePath
S3 WSTCODEC; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S4 Abiosdsk; No ImagePath
S4 Atdisk; No ImagePath
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [14208 2008-04-14] (Microsoft Corporation)
S1 Changer; No ImagePath
S1 lbrtfdc; No ImagePath
S3 NielGfx; system32\drivers\nielgfx.sys [X]
S0 nielprt; system32\DRIVERS\nielprt.sys [X]
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 Simbad; No ImagePath
S3 WDICA; No ImagePath
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 06:37 - 2014-09-19 16:15 - 00047884 _____ () C:\Documents and Settings\Nicole Worrall\Desktop\FRST.txt
2014-09-19 06:36 - 2014-09-19 16:15 - 00000000 ____D () C:\FRST
2014-09-19 06:34 - 2014-09-19 06:34 - 01097728 _____ (Farbar) C:\Documents and Settings\Nicole Worrall\Desktop\FRST.exe
2014-09-09 14:35 - 2014-09-09 14:37 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-09 14:35 - 2014-09-09 14:35 - 00001736 _____ () C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
2014-09-08 18:27 - 2014-09-08 18:28 - 00000000 ____D () C:\Avenger
2014-09-08 17:40 - 2014-09-19 15:34 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-08 17:39 - 2014-09-08 17:39 - 00000779 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-08 17:39 - 2014-09-08 17:39 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-08 17:39 - 2014-09-08 17:39 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-08 17:39 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-08 15:50 - 2014-09-08 15:50 - 00000068 _____ () C:\Documents and Settings\Nicole Worrall\Application Data\WB.CFG
2014-09-08 09:43 - 2014-09-08 09:43 - 00000943 _____ () C:\Documents and Settings\Nicole Worrall\Desktop\Continue Java Installation.lnk
2014-09-08 09:42 - 2014-09-08 18:27 - 00065536 _____ () C:\WINDOWS\system32\config\Nano.evt
2014-09-08 09:42 - 2014-09-08 15:09 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall\Application Data\Panda Security
2014-09-08 09:39 - 2014-09-08 18:27 - 00000000 ____D () C:\Program Files\Panda Security
2014-09-08 09:34 - 2014-09-08 15:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Panda Security
2014-09-08 09:26 - 2014-09-08 09:26 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall\My Documents\Optimizer Pro
2014-09-08 09:21 - 2014-09-08 09:21 - 00000233 _____ () C:\Documents and Settings\Nicole Worrall\Desktop\Cut the Rope.url
2014-09-08 09:20 - 2014-09-08 17:32 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-09-05 16:38 - 2014-09-15 18:29 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall\My Documents\Mortgage 2014
2014-09-02 15:23 - 2014-09-09 14:34 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Adobe
2014-08-21 14:22 - 2014-08-21 14:22 - 00082440 _____ (Microsoft Corporation) C:\Documents and Settings\Nicole Worrall\Desktop\KB943290_en-US.EXE

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 16:15 - 2014-09-19 06:37 - 00047884 _____ () C:\Documents and Settings\Nicole Worrall\Desktop\FRST.txt
2014-09-19 16:15 - 2014-09-19 06:36 - 00000000 ____D () C:\FRST
2014-09-19 16:15 - 2009-12-27 18:28 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall\Local Settings\Temp
2014-09-19 15:40 - 2013-01-26 17:43 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 15:34 - 2014-09-08 17:40 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-19 15:17 - 2013-01-21 14:19 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-19 14:28 - 2008-04-25 08:41 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-09-19 14:28 - 2008-04-25 08:41 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-09-19 14:27 - 2013-01-26 17:43 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 14:27 - 2008-04-25 20:48 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-19 14:26 - 2009-12-27 18:28 - 00000178 ___SH () C:\Documents and Settings\Nicole Worrall\ntuser.ini
2014-09-19 14:26 - 2008-04-25 20:48 - 00032458 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-19 14:26 - 2008-04-25 20:44 - 01546264 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-19 06:34 - 2014-09-19 06:34 - 01097728 _____ (Farbar) C:\Documents and Settings\Nicole Worrall\Desktop\FRST.exe
2014-09-18 20:54 - 2008-04-25 20:50 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-09-18 20:28 - 2014-08-17 20:18 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall\Desktop\Origami Owl
2014-09-18 20:24 - 2009-12-27 18:28 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall
2014-09-18 19:52 - 2008-04-25 08:39 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-18 19:50 - 2012-06-05 12:38 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Unity
2014-09-15 18:29 - 2014-09-05 16:38 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall\My Documents\Mortgage 2014
2014-09-14 10:00 - 2009-12-02 00:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Adobe
2014-09-13 18:59 - 2011-09-30 17:49 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-09-10 11:17 - 2012-09-07 19:13 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-10 11:17 - 2011-06-03 09:17 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-09-09 17:04 - 2009-12-27 18:28 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall\Application Data\Adobe
2014-09-09 14:37 - 2014-09-09 14:35 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-09 14:35 - 2014-09-09 14:35 - 00001736 _____ () C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
2014-09-09 14:35 - 2010-10-16 12:35 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-09 14:35 - 2009-12-02 00:37 - 00000000 ____D () C:\Program Files\Adobe
2014-09-09 14:34 - 2014-09-02 15:23 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Adobe
2014-09-08 18:28 - 2014-09-08 18:27 - 00000000 ____D () C:\Avenger
2014-09-08 18:28 - 2009-12-27 18:28 - 00041352 _____ () C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-09-08 18:27 - 2014-09-08 09:42 - 00065536 _____ () C:\WINDOWS\system32\config\Nano.evt
2014-09-08 18:27 - 2014-09-08 09:39 - 00000000 ____D () C:\Program Files\Panda Security
2014-09-08 18:27 - 2008-04-25 08:38 - 00173080 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-08 18:27 - 2008-04-25 08:34 - 00000000 ____D () C:\WINDOWS\security
2014-09-08 18:26 - 2008-04-25 15:33 - 00000579 _____ () C:\WINDOWS\win.ini
2014-09-08 17:39 - 2014-09-08 17:39 - 00000779 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-08 17:39 - 2014-09-08 17:39 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-08 17:39 - 2014-09-08 17:39 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-08 17:39 - 2011-06-03 14:46 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-09-08 17:39 - 2011-04-18 18:08 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall\Application Data\Malwarebytes
2014-09-08 17:39 - 2011-04-18 18:08 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-09-08 17:32 - 2014-09-08 09:20 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-09-08 15:50 - 2014-09-08 15:50 - 00000068 _____ () C:\Documents and Settings\Nicole Worrall\Application Data\WB.CFG
2014-09-08 15:09 - 2014-09-08 09:42 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall\Application Data\Panda Security
2014-09-08 15:09 - 2014-09-08 09:34 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Panda Security
2014-09-08 15:08 - 2010-02-23 21:31 - 00367915 _____ () C:\WINDOWS\setupapi.log
2014-09-08 14:43 - 2011-11-19 18:32 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall\Application Data\Dropbox
2014-09-08 09:43 - 2014-09-08 09:43 - 00000943 _____ () C:\Documents and Settings\Nicole Worrall\Desktop\Continue Java Installation.lnk
2014-09-08 09:26 - 2014-09-08 09:26 - 00000000 ____D () C:\Documents and Settings\Nicole Worrall\My Documents\Optimizer Pro
2014-09-08 09:21 - 2014-09-08 09:21 - 00000233 _____ () C:\Documents and Settings\Nicole Worrall\Desktop\Cut the Rope.url
2014-09-08 09:02 - 2008-04-25 15:33 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-21 14:25 - 2008-04-25 20:43 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-08-21 14:22 - 2014-08-21 14:22 - 00082440 _____ (Microsoft Corporation) C:\Documents and Settings\Nicole Worrall\Desktop\KB943290_en-US.EXE
2014-08-21 13:34 - 2010-09-17 19:15 - 00002992 _____ () C:\Documents and Settings\Nicole Worrall\Application Data\wklnhst.dat

Some content of TEMP:
====================
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\84537uninstall.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\93005uninstall.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\contentDATs.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\ICReinstall_Java_Setup.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\install_flashplayer11x32_mssa_aih.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\jre-6u17-windows-i586-iftw-rv.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\jre-6u20-windows-i586-iftw-rv.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\jre-6u35-windows-i586-iftw.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\jre-6u37-windows-i586-iftw.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\jre-6u39-windows-i586-iftw.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\jre-7u17-windows-i586-iftw.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\jre-7u65-windows-i586-iftw.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\jre-7u67-windows-i586-iftw.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\optprosetup.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\SecurityScan_Release.exe
C:\Documents and Settings\Nicole Worrall\Local Settings\Temp\ShoppingInContext32CU4436265921343785575.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-09-2014
Ran by Nicole Worrall at 2014-09-19 16:16:35
Running from C:\Documents and Settings\Nicole Worrall\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.3.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.3.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.4.0.2540 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AIO_Scan (Version: 90.0.222.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Banctec Service Agreement (HKLM\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Battery Meter (HKLM\...\InstallShield_{543A4F31-9590-416A-A621-42CEB4C6A694}) (Version: 0.0.0.10C - )
Battery Meter (Version: 0.0.0.10C - ) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CapsLKNotify (HKLM\...\InstallShield_{90578106-70AF-4198-B9DE-1924FA83B03A}) (Version: 0.1.0.1 - )
CapsLKNotify (Version: 0.1.0.1 - ) Hidden
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.1) (Version: 5.0.0.1 - Coupons.com Incorporated)
Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.09085 - Dell)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 12.2.8.0 - Synaptics Incorporated)
Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 1.03.04 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.)
EMSC (Version: 0.0.0.20C - Compal Electronics, Inc.) Hidden
Function Keys (Version: 0.1.0.6 - Dell) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HP Photosmart All-In-One Software 9.0 (HKLM\...\{88908767-B7AD-4b0d-ACBC-FBCCF2761D31}) (Version: 9.0 - HP)
Integrated Webcam Driver (1.05.01.0820)   (HKLM\...\Creative OA012) (Version: 1.05.01.0820 - Creative Technology Ltd.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
iTunes (HKLM\...\{A9B3F8D5-DF4F-462B-81B7-4B69EBEDBC5B}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
LeapFrog Connect (HKLM\...\UPCShell) (Version: 4.2.14.16426 - LeapFrog)
LeapFrog Connect (Version: 4.2.14.16426 - LeapFrog) Hidden
LeapFrog Tag Plugin (Version: 4.2.9.15649 - LeapFrog) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2416447) (HKLM\...\M2416447) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version:  - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60831.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB927977) (HKLM\...\{5A710547-B58E-488B-828D-CA9A25A0533C}) (Version: 6.00.3890.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PS_AIO_Software_min (Version: 90.0.222.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - Realtek Semiconductor Corp.)
Scan (Version: 9.0.0.0 - Hewlett-Packard) Hidden
Scholastic eReader Support Files (HKLM\...\{0DBAE82C-E2D0-418E-8DA2-4D2F54CC1C58}) (Version: 1.1.4246 - Scholastic)
Shutterfly Express Uploader (HKLM\...\com.Shutterfly.ExpressUploader) (Version: 1.1.0.0 - Shutterfly, Inc.)
Shutterfly Express Uploader (Version: 1.1.0 - Shutterfly, Inc.) Hidden
Storia (HKLM\...\{D74EB870-4745-467B-9430-DA53A604A456}) (Version: 1.1.4246 - Scholastic)
Toolbox (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951618-v2) (HKLM\...\KB951618-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB978207) (HKLM\...\KB978207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB980182) (HKLM\...\KB980182) (Version: 1 - Microsoft Corporation)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) (HKLM\...\TagPlugin) (Version: 4.2.9.15649 - LeapFrog)
WD SmartWare (HKLM\...\{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}) (Version: 1.2.0.8 - Western Digital)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{84814E6B-2581-46EC-926A-823BD1C670F6}) (Version: 5.5.0.4700 - Dell)
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Presentation Foundation (Version: 3.0.6920.0 - Microsoft Corporation) Hidden
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WSED (Version: 0.1.0.15 - ) Hidden
XML Paper Specification Shared Components Pack 1.0 (Version:  - Microsoft Corporation) Hidden
Yahoo! Detect (HKLM\...\YTdetect) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2971838719-2136109147-1358944479-1006_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Google\Update\1.3.21.99\psu (the data entry has 15 more characters).
CustomCLSID: HKU\S-1-5-21-2971838719-2136109147-1358944479-1006_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Google\Update\1.3.21.79\psu (the data entry has 15 more characters).
CustomCLSID: HKU\S-1-5-21-2971838719-2136109147-1358944479-1006_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2971838719-2136109147-1358944479-1006_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Google\Update\1.3.21.115\ps (the data entry has 16 more characters).
CustomCLSID: HKU\S-1-5-21-2971838719-2136109147-1358944479-1006_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Documents and Settings\Nicole Worrall\Local Settings\Application Data\Google\Update\1.3.21.111\ps (the data entry has 16 more characters).

==================== Restore Points  =========================

23-06-2014 23:20:05 System Checkpoint
26-06-2014 01:38:08 System Checkpoint
27-06-2014 02:32:33 System Checkpoint
28-06-2014 04:29:19 System Checkpoint
29-06-2014 04:38:36 System Checkpoint
30-06-2014 20:36:08 System Checkpoint
02-07-2014 20:53:44 System Checkpoint
04-07-2014 01:39:56 Installed SDFormatter.
04-07-2014 01:41:54 Removed SDFormatter.
05-07-2014 03:06:04 System Checkpoint
07-07-2014 21:41:48 System Checkpoint
09-07-2014 17:03:54 System Checkpoint
15-07-2014 20:20:34 System Checkpoint
17-07-2014 01:30:06 System Checkpoint
18-07-2014 01:58:50 System Checkpoint
19-07-2014 19:22:34 System Checkpoint
21-07-2014 21:33:11 System Checkpoint
22-07-2014 23:15:42 System Checkpoint
24-07-2014 01:11:13 System Checkpoint
26-07-2014 15:26:05 System Checkpoint
28-07-2014 23:08:35 System Checkpoint
30-07-2014 21:53:05 System Checkpoint
31-07-2014 22:14:51 System Checkpoint
02-08-2014 17:37:49 System Checkpoint
04-08-2014 00:30:08 System Checkpoint
05-08-2014 02:02:08 System Checkpoint
06-08-2014 03:55:07 System Checkpoint
07-08-2014 19:07:58 System Checkpoint
09-08-2014 17:53:20 System Checkpoint
11-08-2014 01:20:22 System Checkpoint
12-08-2014 02:13:37 System Checkpoint
13-08-2014 12:33:26 System Checkpoint
15-08-2014 02:30:37 System Checkpoint
16-08-2014 02:09:02 Removed Java 6 Update 35
16-08-2014 02:10:20 Installed Java 7 Update 67
17-08-2014 08:12:31 System Checkpoint
19-08-2014 00:11:05 System Checkpoint
20-08-2014 18:20:40 System Checkpoint
21-08-2014 21:12:41 System Checkpoint
22-08-2014 22:31:08 System Checkpoint
24-08-2014 00:07:22 System Checkpoint
25-08-2014 02:13:22 System Checkpoint
27-08-2014 00:32:39 System Checkpoint
28-08-2014 15:03:00 System Checkpoint
30-08-2014 03:42:35 System Checkpoint
31-08-2014 05:33:09 System Checkpoint
01-09-2014 17:02:03 System Checkpoint
02-09-2014 18:44:28 System Checkpoint
04-09-2014 01:25:25 System Checkpoint
06-09-2014 13:51:36 System Checkpoint
08-09-2014 14:48:43 Removed Driver Support.
09-09-2014 16:30:53 System Checkpoint
10-09-2014 17:23:46 System Checkpoint
11-09-2014 18:15:43 System Checkpoint
12-09-2014 19:31:41 System Checkpoint
13-09-2014 19:53:58 System Checkpoint
16-09-2014 01:17:04 System Checkpoint
17-09-2014 01:34:00 System Checkpoint
18-09-2014 01:59:26 System Checkpoint
19-09-2014 00:41:34 Removed Compatibility Pack for the 2007 Office system
19-09-2014 00:52:01 Removed Windows Live Sign-in Assistant
19-09-2014 00:53:06 Removed Windows Live Sync

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-25 15:33 - 2008-04-14 07:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-12-02 00:32 - 2009-01-06 18:53 - 00024576 _____ () C:\WINDOWS\System32\WLTRYSVC.EXE
2009-12-02 00:32 - 2009-01-06 18:52 - 00753664 _____ () C:\WINDOWS\System32\bcm1xsup.dll
2008-09-29 15:37 - 2008-09-29 15:37 - 00069697 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2009-12-02 00:32 - 2009-01-06 18:53 - 00143360 _____ () C:\WINDOWS\system32\preflib.dll
2009-12-02 00:34 - 2009-02-04 16:30 - 00577536 _____ () C:\WINDOWS\system32\EMSC.DLL
2009-12-02 00:34 - 2009-02-04 16:30 - 00577536 _____ () C:\WINDOWS\system32\EMSC.dll
2008-09-29 15:39 - 2008-09-29 15:39 - 02854976 _____ () C:\WINDOWS\system32\btwicons.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Bluetooth LAN Access Server Driver
Description: Bluetooth LAN Access Server Driver
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: BTWDNDIS
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/19/2014 04:15:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application FRST.exe, version 12.9.2014.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/19/2014 03:54:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application FRST.exe, version 12.9.2014.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/19/2014 02:25:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application FRST.exe, version 12.9.2014.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/19/2014 01:32:28 PM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 509867426.

Error: (09/19/2014 01:32:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application FRST.exe, version 12.9.2014.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/18/2014 08:03:01 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context:  Application, SystemIndex Catalog

Error: (09/18/2014 08:02:58 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Performance monitoring cannot be initialized for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Error: (09/10/2014 11:41:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15765

Error: (09/10/2014 11:41:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15765

Error: (09/10/2014 11:41:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/19/2014 03:55:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (09/19/2014 03:55:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Layer Gateway Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/19/2014 03:55:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Java Quick Starter service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/19/2014 03:55:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/19/2014 03:55:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WD SmartWare Drive Manager service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/19/2014 03:55:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WD SmartWare Background Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/19/2014 03:54:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (09/19/2014 02:28:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Optimizer Pro Crash Monitor service to connect.

Error: (09/18/2014 08:26:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Optimizer Pro Crash Monitor service to connect.

Error: (09/18/2014 07:53:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Application Management service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================
Error: (09/19/2014 04:15:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST.exe12.9.2014.0hungapp0.0.0.000000000

Error: (09/19/2014 03:54:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST.exe12.9.2014.0hungapp0.0.0.000000000

Error: (09/19/2014 02:25:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST.exe12.9.2014.0hungapp0.0.0.000000000

Error: (09/19/2014 01:32:28 PM) (Source: Application Hang) (EventID: 1001) (User: )
Description: 509867426

Error: (09/19/2014 01:32:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST.exe12.9.2014.0hungapp0.0.0.000000000

Error: (09/18/2014 08:03:01 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Context:  Application, SystemIndex Catalog

Error: (09/18/2014 08:02:58 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description:

Error: (09/10/2014 11:41:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15765

Error: (09/10/2014 11:41:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15765

Error: (09/10/2014 11:41:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Processor:  Intel® Atom CPU N270 @ 1.60GHz
Percentage of memory in use: 63%
Total physical RAM: 1014.36 MB
Available physical RAM: 368.45 MB
Total Pagefile: 2441.49 MB
Available Pagefile: 1890.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1958.1 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:139.24 GB) (Free:67.58 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: A42D04A3)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=139.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.8 GB) - (Type=DB)

==================== End Of Log ============================


Hello,
    
 
They call me TwinHeadedEagle around here, and I'll be working with you.
 
     
    
Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is an Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, which may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is a good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
Rules and policies
 
We won't support any piracy.
That being said, if any evidence of an illegal OS, software, cracks/keygens or anything similar is revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result in closing your topic and withdrawing any assistance.
 
 
 
 

Scan with ZOEK
 
Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;autoclean;ffdefaults;emptyalltemp;ipconfig /flushdns;b
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
  • Post its content into your next reply.

Glad I could help. We will delete all used tools and I'll give you some tips to harden your security and learn how to protect yourself :)
 
 

Recommended reading:

 
 
MUST READ - security tips:

MUST READ - general maintenance:

The Importance of Software Updating:

 

 
In order to stay protected it is very important that you regularly update all of your software. Cybercriminals depend on the apathy of users around software updates to keep their malicious endeavor running.
 
Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals. Downloading updates and installing them can sometimes be tedious, but the advantages you get from the updates are certainly worth it.

Recommended additional software:

 
 
TFC - to clean unneeded temporary files.
Malwarebytes' Anti-Malware - to scan your system from time to time in search for malware.
Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
McShield - to prevent infections spread by removable media.
CryptoPrevent - to secure yourself from very severe CryptoLocker infection.
Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.
FileHippo.com Update Checker - to keep your programs up-to-date.
Adblock - to surf the web without annoying ads!
 
 

Post-cleanup procedures:

 

 
Download DelFix by Xplode and save it to your desktop.

  • Run the tool by right-clicking on the DelFix icon and choosing the Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report. You do not need to attach it.

The tool will also record the healthy state of the registry and make a backup using the ERUNT program in %windir%\ERUNT\DelFix
The tool deletes old system restore points and creates a fresh system restore point after cleaning.
 
 
 


My help is free for everybody.

If you're happy with the help provided and/or wish to buy me a beer for the assistance you received, then you can consider a donation.

Thank you!

 
 
Stay safe,
TwinHeadedEagle   :)


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.