
XP runs super slow malbytes found infected files [Solved]



#1
mj12687

I have a Dell Inspiron E1705 laptop. It has an Intel CPU T1300 @ 1.66GHz, 980MHz, 1.99 GB of RAM. The laptop was running at work with iTunes playing when all of a sudden it started breaking up. I closed iTunes and the comp was super slow. Got it to shut down on its own and brought it home. Got home and it would not start up; it would just say XP and the loading bar on the screen and not do anything else. I restarted the computer in safe mode and it booted up. I tried running my AVG virus scan and it wouldn't run. I then tried to uninstall it and it says there is an error and can't uninstall. I then downloaded Malwarebytes and Avast. Both found infected files and removed them, but it's still not right. It will now boot up normally but AVG still won't let me uninstall it. I ran esetsmart and it found files in Win32/Babylon; I was able to remove and uninstall Babylon. It is running a little quicker now but still not right. I found another post on here and ran Autoruns because when I start the comp there are 55-60 processes running and there is a svchost.exe that runs and spikes the CPU. If I end it, it speeds up a bit. When I ran Autoruns there is a huge list of things and I don't know what I'm looking at. Any help will be greatly appreciated. If you need any further info please ask and I'll do my best to answer.


#2
mj12687

OTL Extras logfile created on: 1/11/2014 4:26:28 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Mitch\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 58.59% Memory free
2.58 Gb Paging File | 1.79 Gb Available in Paging File | 69.34% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 65.45 Gb Free Space | 58.55% Space Free | Partition Type: NTFS

Computer Name: MITCH-PC | User Name: Mitch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Tabman.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Tabman.exe:*:Enabled:Tabman Executable -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\SysPage.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\SysPage.exe:*:Enabled:System Page -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\testman.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\testman.exe:*:Enabled:Testman Executable -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe:*:Enabled:CodeServer Daemon -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe:*:Enabled:XML Registry Daemon -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe:*:Enabled:TDS Network Configuration -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\PtchApply.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\PtchApply.exe:*:Enabled:Apply TDS Patch -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Rtdb.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Rtdb.exe:*:Enabled:Update Database -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe:*:Enabled:StarBurst -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe:*:Enabled:Engineering Feedback -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\SystemDiagnostic.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\SystemDiagnostic.exe:*:Enabled:System Diagnostic Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\VMM.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\VMM.exe:*:Enabled:VMM System Diagnostic Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C402.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C402.exe:*:Enabled:C402 Cable Test Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C403.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C403.exe:*:Enabled:C403 Cable Test Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C407.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C407.exe:*:Enabled:C407 Cable Test Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C412.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C412.exe:*:Enabled:C412 Cable Test Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C413.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C413.exe:*:Enabled:C413 Cable Test Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\LVPCheck.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\LVPCheck.exe:*:Enabled:LVP Check Test Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\vcl_pc.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\vcl_pc.exe:*:Enabled:VCL_PC MFC Application EZTech -- (Teradyne Diagnostic Solutions Ltd.)
"C:\Program Files\Ford Motor Company\IDS\Runtime\NetworkActivation.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\NetworkActivation.exe:*:Enabled:LAN Connectivity Activation -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe:*:Enabled:ProbeTickHandler executable -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\DetectionManager.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\DetectionManager.exe:*:Enabled:Detection Manager Service -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C418.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C418.exe:*:Enabled:C418 Cable Test Application -- ()
"C:\Program Files\Bosch\VTX-VCI\VCI Software (Ford-VCM-II)\VCI Identification Service\vci-ident.exe" = C:\Program Files\Bosch\VTX-VCI\VCI Software (Ford-VCM-II)\VCI Identification Service\vci-ident.exe:*:Enabled:VCI Identification Service (Ford-VCM-II) -- (Vetronix Corp.)
"C:\Program Files\Bosch\VTX-VCI\VCI Software (Ford-VCM-II)\VCI Manager\vci-manager.exe" = C:\Program Files\Bosch\VTX-VCI\VCI Software (Ford-VCM-II)\VCI Manager\vci-manager.exe:*:Enabled:VCI Manager (Ford-VCM-II) -- (Vetronix Corp.)
"C:\Program Files\Ford Motor Company\IDS\Runtime\VCM2.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\VCM2.exe:*:Enabled:VCM II System Diagnostic Application -- (TODO: <Company name>)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\YourFileDownloader\Downloader.exe" = C:\Program Files\YourFileDownloader\Downloader.exe:*:Enabled:YourFile Downloader
"C:\Program Files\YourFileDownloader\YourFile.exe" = C:\Program Files\YourFileDownloader\YourFile.exe:*:Enabled:YourFile Downloader
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\Windows Media Player\wmplayer.exe" = C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Tabman.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Tabman.exe:*:Enabled:Tabman Executable -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\SysPage.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\SysPage.exe:*:Enabled:System Page -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\testman.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\testman.exe:*:Enabled:Testman Executable -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe:*:Enabled:CodeServer Daemon -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe:*:Enabled:XML Registry Daemon -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe:*:Enabled:TDS Network Configuration -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\PtchApply.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\PtchApply.exe:*:Enabled:Apply TDS Patch -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Rtdb.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Rtdb.exe:*:Enabled:Update Database -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe:*:Enabled:StarBurst -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe:*:Enabled:Engineering Feedback -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\SystemDiagnostic.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\SystemDiagnostic.exe:*:Enabled:System Diagnostic Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\VMM.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\VMM.exe:*:Enabled:VMM System Diagnostic Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C402.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C402.exe:*:Enabled:C402 Cable Test Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C403.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C403.exe:*:Enabled:C403 Cable Test Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C407.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C407.exe:*:Enabled:C407 Cable Test Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C412.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C412.exe:*:Enabled:C412 Cable Test Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C413.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C413.exe:*:Enabled:C413 Cable Test Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\LVPCheck.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\LVPCheck.exe:*:Enabled:LVP Check Test Application -- (Teradyne Diagnostic Solutions Ltd)
"C:\Program Files\Ford Motor Company\IDS\Runtime\vcl_pc.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\vcl_pc.exe:*:Enabled:VCL_PC MFC Application EZTech -- (Teradyne Diagnostic Solutions Ltd.)
"C:\Program Files\Ford Motor Company\IDS\Runtime\NetworkActivation.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\NetworkActivation.exe:*:Enabled:LAN Connectivity Activation -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe:*:Enabled:ProbeTickHandler executable -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\DetectionManager.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\DetectionManager.exe:*:Enabled:Detection Manager Service -- (Bosch Automotive Service Solutions)
"C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C418.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\Probes\C418.exe:*:Enabled:C418 Cable Test Application -- ()
"C:\Program Files\AVG\AVG2013\avgnsx.exe" = C:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgdiagex.exe" = C:\Program Files\AVG\AVG2013\avgdiagex.exe:*:Enabled:AVG Diagnostics 2013 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgemcx.exe" = C:\Program Files\AVG\AVG2013\avgemcx.exe:*:Enabled:Personal Email Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Bosch\VTX-VCI\VCI Software (Ford-VCM-II)\VCI Identification Service\vci-ident.exe" = C:\Program Files\Bosch\VTX-VCI\VCI Software (Ford-VCM-II)\VCI Identification Service\vci-ident.exe:*:Enabled:VCI Identification Service (Ford-VCM-II) -- (Vetronix Corp.)
"C:\Program Files\Bosch\VTX-VCI\VCI Software (Ford-VCM-II)\VCI Manager\vci-manager.exe" = C:\Program Files\Bosch\VTX-VCI\VCI Software (Ford-VCM-II)\VCI Manager\vci-manager.exe:*:Enabled:VCI Manager (Ford-VCM-II) -- (Vetronix Corp.)
"C:\Program Files\Ford Motor Company\IDS\Runtime\VCM2.exe" = C:\Program Files\Ford Motor Company\IDS\Runtime\VCM2.exe:*:Enabled:VCM II System Diagnostic Application -- (TODO: <Company name>)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Documents and Settings\Mitch\Application Data\BitTorrent\BitTorrent.exe" = C:\Documents and Settings\Mitch\Application Data\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0E619C5F-7D9E-44C5-A9D0-265983BE7EC2}" = Puma
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5FF27D65-35E5-4855-B7ED-59BCFBC85776}" = AVG 2013
"{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller
"{631E66F3-5BCC-4FF8-9F42-95AF0BFA38B7}" = AVG 2013
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{8718A2BC-7E23-4D23-969A-2A2EC9E45B0E}" = IC4 Interface Device by SU Enterprise, Inc.
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91DE1A85-7350-458A-B674-D7C8F3476299}" = IDS
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0137-0409-0000-0000000FF1CE}" = Microsoft Works 6-9 Converter
"{97A11E28-E830-489D-B8F4-154A6BCE08AE}" = IDS
"{9B486871-27EB-49A5-8832-77176E63333C}" = iTunes
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EC6281BE-7CE9-44CE-B99C-5E5CA42A12C9}" = Ford Motor Company VCM II Customer Flight Recorder
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F4977BF0-E2FF-4C18-AD30-74CBC9E48D88}" = Bosch VCI Software (Ford-VCM-II) - 2.1.1.5
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4569969E1360D2854474C661EF9B4D54F143EB16" = Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AVG" = AVG 2013
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"Data Access Objects (DAO) 3.5" = Data Access Objects (DAO) 3.5
"ESET Online Scanner" = ESET Online Scanner v3
"HDMI" = Intel® Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"ProInst" = Intel® PROSet/Wireless Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.1.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/5/2014 1:41:20 PM | Computer Name = MITCH-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16172

Error - 1/5/2014 1:41:22 PM | Computer Name = MITCH-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 1/5/2014 1:41:22 PM | Computer Name = MITCH-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 18140

Error - 1/5/2014 1:41:22 PM | Computer Name = MITCH-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 18140

Error - 1/6/2014 3:04:53 PM | Computer Name = MITCH-PC | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 26.0.0.5087, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/10/2014 3:42:12 PM | Computer Name = MITCH-PC | Source = MsiInstaller | ID = 11922
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error
1922. SA_Error1922: StandardAction(0xC0070782): Service 'AVGIDSAgent' (AVGIDSAgent)
could not be deleted. Verify that you have sufficient privileges to remove system
services.

Error - 1/10/2014 3:50:45 PM | Computer Name = MITCH-PC | Source = MsiInstaller | ID = 10005
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error
27054. CA_Error27054: SetupAction(0xC0070642): Installation failed.

Error - 1/10/2014 7:22:23 PM | Computer Name = MITCH-PC | Source = MsiInstaller | ID = 10005
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error
27054. CA_Error27054: SetupAction(0xC0070642): Installation failed.

Error - 1/10/2014 11:27:20 PM | Computer Name = MITCH-PC | Source = MsiInstaller | ID = 10005
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error
27054. CA_Error27054: SetupAction(0xC0070642): Installation failed.

Error - 1/11/2014 4:42:07 PM | Computer Name = MITCH-PC | Source = MsiInstaller | ID = 11922
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2013 -- Error
1922. SA_Error1922: StandardAction(0xC0070782): Service 'AVGIDSAgent' (AVGIDSAgent)
could not be deleted. Verify that you have sufficient privileges to remove system
services.

[ System Events ]
Error - 1/10/2014 6:43:19 PM | Computer Name = MITCH-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AVGIDSDriver AVGIDSShim Avgldx86 Fips intelppm

Error - 1/10/2014 7:16:03 PM | Computer Name = MITCH-PC | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 1/10/2014 10:49:22 PM | Computer Name = MITCH-PC | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 1/11/2014 12:15:36 AM | Computer Name = MITCH-PC | Source = DCOM | ID = 10010
Description = The server {548E275F-0290-40E7-B454-738B0C61DE60} did not register
with DCOM within the required timeout.

Error - 1/11/2014 12:27:36 AM | Computer Name = MITCH-PC | Source = DCOM | ID = 10010
Description = The server {548E275F-0290-40E7-B454-738B0C61DE60} did not register
with DCOM within the required timeout.

Error - 1/11/2014 12:50:58 AM | Computer Name = MITCH-PC | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the DetectionManager service
to connect.

Error - 1/11/2014 12:50:58 AM | Computer Name = MITCH-PC | Source = Service Control Manager | ID = 7000
Description = The DetectionManager service failed to start due to the following
error: %%1053

Error - 1/11/2014 11:11:55 AM | Computer Name = MITCH-PC | Source = DCOM | ID = 10010
Description = The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register
with DCOM within the required timeout.

Error - 1/11/2014 11:12:26 AM | Computer Name = MITCH-PC | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Windows Management Instrumentation
service, but this action failed with the following error: %%1056

Error - 1/11/2014 4:43:17 PM | Computer Name = MITCH-PC | Source = Service Control Manager | ID = 7031
Description = The AVG WatchDog service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 0 milliseconds: Restart
the service.


< End of report >

#3
emeraldnzl

Hello mj12687,

Welcome to Geekstogo.

Assuming you can still boot up, please do this:

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run, it also makes another log (Addition.txt). Please also paste that into your reply.


#4
mj12687

Thank you up front for your help; it is greatly appreciated. Here are the logs you wanted:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2014 03
Ran by Mitch (administrator) on MITCH-PC on 16-01-2014 08:30:21
Running from C:\Documents and Settings\Mitch\My Documents\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) ===================

(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Program Files\Common Files\Teradyne\TDSNetSetup.exe
(Bosch Automotive Service Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
(Bosch Automotive Service Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Bosch Automotive Service Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Flexera Software, Inc.) C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
(Bosch Automotive Service Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe
(Bosch Automotive Service Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe
(Bosch Automotive Service Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Bosch Automotive Service Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\DetectionManager.exe
(Sysinternals - www.sysinternals.com) C:\Documents and Settings\Mitch\Desktop\procexp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Farbar) C:\Documents and Settings\Mitch\My Documents\Downloads\FRST(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelZeroConfig] - C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [995328 2007-10-08] (Intel Corporation)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [1101824 2007-10-08] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761947 2006-03-08] (Synaptics, Inc.)
HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504 2007-05-10] (SigmaTel, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-10] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [TDSReanimator] - C:\Program Files\Common Files\Teradyne\TDSReanimator.exe [12288 2013-12-03] (Bosch Automotive Service Solutions)
HKLM\...\Run: [ISUSPM] - C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-14] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [ISUSPM] - C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe [324976 2010-05-21] (Flexera Software, Inc.)
IFEO\taskmgr.exe: [Debugger] "C:\DOCUMENTS AND SETTINGS\MITCH\DESKTOP\PROCEXP.EXE"
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\J2534 Config App (Ford-VCM-II).lnk
ShortcutTarget: J2534 Config App (Ford-VCM-II).lnk -> C:\Program Files\Bosch\VTX-VCI\VCI Software (Ford-VCM-II)\J2534 Configuration\J2534ConfigApp.exe (Vetronix Corp)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylo...000001422fa3303
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: TM_BHO Class - {60EC89B7-367D-402B-8C55-30FAEB32A705} - C:\Program Files\Ford Motor Company\IDS\Runtime\TMCtrlBHO.dll (Bosch Automotive Service Solutions)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.15.0.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{1776E74E-4CCB-4E96-A5FE-7AAEBAC6F83C}: [NameServer]64.7.11.2,66.80.130.23

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Mitch\Application Data\Mozilla\Firefox\Profiles\jye5nhyy.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Documents and Settings\Mitch\Application Data\Mozilla\Firefox\Profiles\jye5nhyy.default\searchplugins\safeguard-secure-search.xml
FF Extension: IE Tab - C:\Documents and Settings\Mitch\Application Data\Mozilla\Firefox\Profiles\jye5nhyy.default\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2013-07-04]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-14]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-14] (AVAST Software)
R3 DetectionManager; C:\Program Files\Ford Motor Company\IDS\Runtime\DetectionManager.exe [385536 2013-12-04] (Bosch Automotive Service Solutions)
R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1074480 2013-08-14] (Flexera Software LLC)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-01-14] (Oracle Corporation)
R3 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [1183744 2007-10-08] (Intel Corporation )
R2 TDSNetSetup; C:\Program Files\Common Files\Teradyne\TDSNetSetup.exe [17408 2013-12-03] ()
S3 vToolbarUpdater15.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [1643184 2013-08-14] (AVG Secure Search)
R2 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [356352 2007-10-08] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21361 2012-08-15] (Cisco Systems, Inc.)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-01-14] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-01-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-01-14] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-01-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2014-01-14] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-01-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-14] ()
S3 ax88772; C:\Windows\System32\DRIVERS\ax88772.sys [17216 2004-08-05] (ASIX Electronics Corp.)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R3 NETw4x32; C:\Windows\System32\DRIVERS\NETw4x32.sys [2236032 2007-09-26] (Intel Corporation)
R2 s24trans; C:\Windows\System32\DRIVERS\s24trans.sys [12288 2007-08-27] (Intel Corporation)
R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
S3 USB-100; C:\Windows\System32\DRIVERS\RTL8150.SYS [22016 2013-04-19] (Realtek )
S1 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [31744 2008-04-14] (Microsoft Corporation)
S4 IntelIde; No ImagePath
S4 kvpmhc; System32\drivers\itrqge.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-16 08:14 - 2014-01-16 08:14 - 00000000 ____D C:\FRST
2014-01-15 13:40 - 2014-01-15 13:40 - 00000000 ____D C:\Documents and Settings\Mitch\My Documents\ProcessExplorer
2014-01-15 11:33 - 2014-01-16 07:59 - 00012760 _____ C:\WINDOWS\setupapi.log
2014-01-15 10:26 - 2014-01-15 10:26 - 00000560 _____ C:\Documents and Settings\Mitch\My Documents\cc_20140115_102621.reg
2014-01-15 10:25 - 2014-01-15 10:26 - 00082116 _____ C:\Documents and Settings\Mitch\My Documents\cc_20140115_102538.reg
2014-01-15 09:58 - 2014-01-15 09:58 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-01-15 09:58 - 2014-01-15 09:58 - 00000000 ____D C:\Program Files\CCleaner
2014-01-14 18:10 - 2014-01-14 18:10 - 00000000 ____D C:\Program Files\SystemRequirementsLab
2014-01-14 17:52 - 2014-01-15 13:40 - 00000000 ____D C:\Documents and Settings\Mitch\Desktop\ProcessExplorer
2014-01-14 16:54 - 2014-01-14 16:54 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\SystemRequirementsLab
2014-01-14 15:03 - 2014-01-14 15:03 - 00000000 ____D C:\WINDOWS\Sun
2014-01-14 15:03 - 2014-01-14 15:03 - 00000000 ____D C:\Documents and Settings\Mitch\Local Settings\Application Data\Sun
2014-01-14 15:01 - 2014-01-14 15:01 - 00000000 ____D C:\Program Files\Common Files\Java
2014-01-14 15:01 - 2014-01-14 15:01 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sun
2014-01-14 15:01 - 2014-01-14 14:59 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-14 15:01 - 2014-01-14 14:59 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-14 15:00 - 2014-01-14 15:00 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-01-14 15:00 - 2014-01-14 14:59 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-14 15:00 - 2014-01-14 14:59 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-14 15:00 - 2014-01-14 14:59 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-14 14:58 - 2014-01-14 14:58 - 00000000 ____D C:\Program Files\Java
2014-01-14 14:57 - 2014-01-14 14:57 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\McAfee
2014-01-14 14:54 - 2014-01-14 14:54 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\Sun
2014-01-14 14:42 - 2014-01-15 10:27 - 00000000 ____D C:\Program Files\Probit Software
2014-01-14 13:38 - 2014-01-14 13:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2014-01-14 13:38 - 2014-01-14 13:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2014-01-14 13:35 - 2014-01-14 13:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2014-01-14 13:35 - 2014-01-14 13:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2014-01-14 13:35 - 2014-01-14 13:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2014-01-14 13:17 - 2014-01-14 13:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-01-14 11:10 - 2014-01-14 11:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961118$
2014-01-14 10:50 - 2009-01-09 14:19 - 01089593 ____C C:\WINDOWS\system32\dllcache\ntprint.cat
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2014-01-14 09:41 - 2014-01-14 09:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2014-01-14 09:41 - 2014-01-14 09:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2014-01-14 09:40 - 2014-01-14 09:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2014-01-14 09:39 - 2014-01-14 09:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2014-01-14 09:39 - 2014-01-14 09:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2014-01-14 09:39 - 2014-01-14 09:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2014-01-14 09:37 - 2014-01-14 09:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2014-01-14 09:37 - 2014-01-14 09:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2014-01-14 09:36 - 2014-01-14 09:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2014-01-14 09:34 - 2014-01-14 09:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2014-01-14 09:30 - 2014-01-14 09:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2014-01-14 09:10 - 2014-01-14 09:12 - 00000000 ____D C:\2d54fd11d4a21bedef934bca70bb
2014-01-14 08:49 - 2014-01-14 08:49 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\AVAST Software
2014-01-14 08:44 - 2014-01-16 08:06 - 00000362 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-14 08:44 - 2014-01-14 08:44 - 00001733 _____ C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-01-14 08:44 - 2014-01-14 08:44 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-01-14 08:43 - 2014-01-14 08:42 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-14 08:43 - 2014-01-14 08:42 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-14 08:43 - 2014-01-14 08:42 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-14 08:43 - 2014-01-14 08:42 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-14 08:43 - 2014-01-14 08:42 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-01-14 08:43 - 2014-01-14 08:42 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-01-14 08:43 - 2014-01-14 08:42 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-01-14 08:42 - 2014-01-14 08:42 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-14 08:42 - 2014-01-14 08:42 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-14 08:38 - 2014-01-14 08:38 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-14 08:14 - 2013-07-02 21:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-01-14 08:08 - 2013-07-16 19:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-01-14 08:08 - 2013-07-16 19:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-01-14 08:08 - 2013-07-16 19:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2014-01-14 08:02 - 2013-08-08 19:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-01-12 19:26 - 2014-01-12 20:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-01-11 15:57 - 2014-01-11 16:16 - 01601276 _____ C:\Documents and Settings\Mitch\My Documents\AutoRuns.arn
2014-01-11 15:11 - 2014-01-11 15:11 - 00000000 ____D C:\Documents and Settings\Mitch\Local Settings\Application Data\AVG Secure Search
2014-01-11 10:56 - 2014-01-11 10:56 - 00000000 ____D C:\Program Files\ESET
2014-01-11 10:44 - 2014-01-11 10:45 - 00003550 _____ C:\Documents and Settings\Mitch\Desktop\Rkill.txt
2014-01-10 23:00 - 2014-01-14 08:35 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-01-10 17:52 - 2014-01-10 21:47 - 00002265 _____ C:\Documents and Settings\Mitch\Desktop\avgrep.txt
2014-01-10 17:01 - 2014-01-10 17:01 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\Malwarebytes
2014-01-10 17:00 - 2014-01-10 17:00 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-10 17:00 - 2014-01-10 17:00 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-10 17:00 - 2014-01-10 17:00 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-01-10 17:00 - 2014-01-10 17:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-10 17:00 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-10 16:46 - 2014-01-10 16:47 - 00000000 __SHD C:\WINDOWS\CSC
2013-12-20 12:47 - 2013-12-20 12:48 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-01-16 08:29 - 2012-08-10 08:29 - 01696953 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-16 08:14 - 2014-01-16 08:14 - 00000000 ____D C:\FRST
2014-01-16 08:08 - 2012-08-10 08:54 - 00032628 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-16 08:08 - 2012-08-10 08:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-16 08:06 - 2014-01-14 08:44 - 00000362 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-16 07:59 - 2014-01-15 11:33 - 00012760 _____ C:\WINDOWS\setupapi.log
2014-01-16 07:54 - 2012-11-18 11:30 - 00000157 _____ C:\WINDOWS\wiadebug.log
2014-01-16 07:54 - 2012-11-18 11:30 - 00000049 _____ C:\WINDOWS\wiaservc.log
2014-01-16 07:54 - 2012-08-19 14:37 - 00000316 _____ C:\WINDOWS\Tasks\YourFile Update.job
2014-01-16 07:54 - 2004-08-04 05:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-15 15:23 - 2012-08-12 06:48 - 00000278 ___SH C:\Documents and Settings\Mitch\ntuser.ini
2014-01-15 14:43 - 2013-07-04 18:46 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-15 13:44 - 2012-08-10 08:37 - 00000178 __SHC C:\Documents and Settings\NetworkService\ntuser.ini
2014-01-15 13:40 - 2014-01-15 13:40 - 00000000 ____D C:\Documents and Settings\Mitch\My Documents\ProcessExplorer
2014-01-15 13:40 - 2014-01-14 17:52 - 00000000 ____D C:\Documents and Settings\Mitch\Desktop\ProcessExplorer
2014-01-15 10:36 - 2012-08-12 06:48 - 00000000 ____D C:\Documents and Settings\Mitch
2014-01-15 10:27 - 2014-01-14 14:42 - 00000000 ____D C:\Program Files\Probit Software
2014-01-15 10:26 - 2014-01-15 10:26 - 00000560 _____ C:\Documents and Settings\Mitch\My Documents\cc_20140115_102621.reg
2014-01-15 10:26 - 2014-01-15 10:25 - 00082116 _____ C:\Documents and Settings\Mitch\My Documents\cc_20140115_102538.reg
2014-01-15 10:23 - 2013-11-27 09:41 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\BitTorrent
2014-01-15 09:58 - 2014-01-15 09:58 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-01-15 09:58 - 2014-01-15 09:58 - 00000000 ____D C:\Program Files\CCleaner
2014-01-14 18:10 - 2014-01-14 18:10 - 00000000 ____D C:\Program Files\SystemRequirementsLab
2014-01-14 18:06 - 2012-08-16 06:26 - 00068256 ____C C:\Documents and Settings\Mitch\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-14 16:54 - 2014-01-14 16:54 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\SystemRequirementsLab
2014-01-14 15:03 - 2014-01-14 15:03 - 00000000 ____D C:\WINDOWS\Sun
2014-01-14 15:03 - 2014-01-14 15:03 - 00000000 ____D C:\Documents and Settings\Mitch\Local Settings\Application Data\Sun
2014-01-14 15:01 - 2014-01-14 15:01 - 00000000 ____D C:\Program Files\Common Files\Java
2014-01-14 15:01 - 2014-01-14 15:01 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sun
2014-01-14 15:00 - 2014-01-14 15:00 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-01-14 14:59 - 2014-01-14 15:01 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-14 14:59 - 2014-01-14 15:01 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-14 14:59 - 2014-01-14 15:00 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-14 14:59 - 2014-01-14 15:00 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-14 14:59 - 2014-01-14 15:00 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-14 14:58 - 2014-01-14 14:58 - 00000000 ____D C:\Program Files\Java
2014-01-14 14:57 - 2014-01-14 14:57 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\McAfee
2014-01-14 14:54 - 2014-01-14 14:54 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\Sun
2014-01-14 14:13 - 2013-08-14 08:11 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2014-01-14 13:46 - 2012-08-10 04:04 - 00263824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-14 13:39 - 2012-08-15 02:23 - 00000000 ____D C:\WINDOWS\ie8updates
2014-01-14 13:38 - 2014-01-14 13:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2014-01-14 13:38 - 2014-01-14 13:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2014-01-14 13:38 - 2012-08-15 02:04 - 00024054 ____C C:\WINDOWS\system32\TZLog.log
2014-01-14 13:35 - 2014-01-14 13:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2014-01-14 13:35 - 2014-01-14 13:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2014-01-14 13:35 - 2014-01-14 13:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2014-01-14 13:31 - 2012-08-10 04:06 - 00493518 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-14 13:17 - 2014-01-14 13:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-01-14 13:04 - 2013-08-14 08:15 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2014-01-14 11:10 - 2014-01-14 11:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961118$
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2014-01-14 09:41 - 2014-01-14 09:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2014-01-14 09:41 - 2014-01-14 09:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2014-01-14 09:40 - 2014-01-14 09:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2014-01-14 09:40 - 2014-01-14 09:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2014-01-14 09:39 - 2014-01-14 09:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2014-01-14 09:39 - 2014-01-14 09:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2014-01-14 09:37 - 2014-01-14 09:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2014-01-14 09:37 - 2014-01-14 09:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2014-01-14 09:36 - 2014-01-14 09:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2014-01-14 09:34 - 2014-01-14 09:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2014-01-14 09:30 - 2014-01-14 09:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2014-01-14 09:12 - 2014-01-14 09:10 - 00000000 ____D C:\2d54fd11d4a21bedef934bca70bb
2014-01-14 08:49 - 2014-01-14 08:49 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\AVAST Software
2014-01-14 08:44 - 2014-01-14 08:44 - 00001733 _____ C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-01-14 08:44 - 2014-01-14 08:44 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-01-14 08:42 - 2014-01-14 08:43 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-14 08:42 - 2014-01-14 08:43 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-14 08:42 - 2014-01-14 08:43 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-14 08:42 - 2014-01-14 08:43 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-14 08:42 - 2014-01-14 08:43 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-01-14 08:42 - 2014-01-14 08:43 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-01-14 08:42 - 2014-01-14 08:43 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-01-14 08:42 - 2014-01-14 08:42 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-14 08:42 - 2014-01-14 08:42 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-14 08:38 - 2014-01-14 08:38 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-14 08:35 - 2014-01-10 23:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-01-13 08:01 - 2012-08-10 08:31 - 00001507 _____ C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-01-12 20:09 - 2014-01-12 19:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-01-12 18:52 - 2012-08-15 02:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974112$
2014-01-12 13:16 - 2012-08-10 08:25 - 00000000 ____D C:\WINDOWS\Registration
2014-01-11 16:16 - 2014-01-11 15:57 - 01601276 _____ C:\Documents and Settings\Mitch\My Documents\AutoRuns.arn
2014-01-11 15:11 - 2014-01-11 15:11 - 00000000 ____D C:\Documents and Settings\Mitch\Local Settings\Application Data\AVG Secure Search
2014-01-11 13:39 - 2012-08-19 14:39 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\BabylonToolbar
2014-01-11 10:56 - 2014-01-11 10:56 - 00000000 ____D C:\Program Files\ESET
2014-01-11 10:45 - 2014-01-11 10:44 - 00003550 _____ C:\Documents and Settings\Mitch\Desktop\Rkill.txt
2014-01-10 21:50 - 2012-08-15 02:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB950762$
2014-01-10 21:47 - 2014-01-10 17:52 - 00002265 _____ C:\Documents and Settings\Mitch\Desktop\avgrep.txt
2014-01-10 17:34 - 2012-08-15 02:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2631813$
2014-01-10 17:01 - 2014-01-10 17:01 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\Malwarebytes
2014-01-10 17:00 - 2014-01-10 17:00 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-10 17:00 - 2014-01-10 17:00 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-10 17:00 - 2014-01-10 17:00 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-01-10 17:00 - 2014-01-10 17:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-10 16:47 - 2014-01-10 16:46 - 00000000 __SHD C:\WINDOWS\CSC
2013-12-20 17:17 - 2013-07-01 07:34 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-20 12:48 - 2013-12-20 12:47 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-18 18:10 - 2013-12-02 15:06 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\vlc

Files to move or delete:
====================
C:\Documents and Settings\Mitch\cleanupids.exe
C:\Documents and Settings\Mitch\dotnetfx30SP1setup.exe
C:\Documents and Settings\Mitch\ids-86.01A.exe


Some content of TEMP:
====================
C:\Documents and Settings\Mitch\Local Settings\Temp\HitmanPro.exe
C:\Documents and Settings\Mitch\Local Settings\Temp\UNINSTALL.EXE


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-01-2014 03
Ran by Mitch at 2014-01-16 08:33:03
Running from C:\Documents and Settings\Mitch\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (Version: 3.0 - )
Apple Application Support (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (Version: 9.0.2011 - Avast Software)
BitTorrent (Version: 7.8.2.30332 - BitTorrent Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bosch VCI Software (Ford-VCM-II) - 2.1.1.5 (Version: 2.1.1.5 - Bosch)
Broadcom 440x 10/100 Integrated Controller (Version: 10.04.01 - Broadcom Corporation)
CCleaner (Version: 4.09 - Piriform)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HDA D110 MDC V.92 Modem (Version: - )
Data Access Objects (DAO) 3.5 (Version: - )
ESET Online Scanner v3 (Version: - )
Ford Motor Company VCM II Customer Flight Recorder (Version: 1.0.194 - Ford Motor Company)
IC4 Interface Device by SU Enterprise, Inc. (Version: 1.93 - )
IDS (Version: 86.011.200 - Ford Motor Company) Hidden
IDS (Version: 88.010.200 - Ford Motor Company)
Intel® Graphics Media Accelerator Driver (Version: - )
Intel® PROSet/Wireless Software (Version: 11.5.0000 - Intel Corporation)
iTunes (Version: 11.0.5.5 - Apple Inc.)
Java 7 Update 51 (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
mCore (Version: 11.02.0000 - Intel Corporation) Hidden
mDriver (Version: 11.02.0000 - Intel) Hidden
mDrWiFi (Version: 11.02.0000 - Intel Corporation) Hidden
mHlpDell (Version: 11.02.0000 - Intel) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1 - Microsoft Corporation)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.363 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works 6-9 Converter (Version: 14.0.6120.5002 - Microsoft Corporation)
mIWA (Version: 11.02.0000 - Intel Corporation) Hidden
mLogView (Version: 11.02.0000 - Intel Corporation) Hidden
mMHouse (Version: 11.02.0000 - Intel Corporation) Hidden
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
mPfMgr (Version: 11.02.0000 - Intel Corporation) Hidden
mPfWiz (Version: 11.02.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
mSCfg (Version: 11.02.0000 - Intel Corporation) Hidden
MSN (Version: 10.20.0611.0 - Microsoft Corporation)
mSSO (Version: 11.02.0000 - Intel Corporation) Hidden
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 6.0 Parser (Version: 6.00.3883.8 - Microsoft Corporation) Hidden
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
mWMI (Version: 11.02.0000 - Intel Corporation) Hidden
mZConfig (Version: 11.02.0000 - Intel Corporation) Hidden
Puma (Version: 1.5.150 - Movimento)
SigmaTel Audio (Version: 5.10.5210.0 - SigmaTel)
Synaptics Pointing Device Driver (Version: 8.2.4.6 - Synaptics)
System Requirements Lab for Intel (Version: 4.5.15.0 - Husdawg, LLC)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.1 (Version: 2.1.1 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04) (Version: 11/14/2006 6.00.01.04 - Ricoh Company)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (Version: 20080414.031525 - Microsoft Corporation)
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden

==================== Restore Points =========================

18-10-2013 13:44:31 System Checkpoint
21-10-2013 13:05:37 System Checkpoint
22-10-2013 14:18:31 System Checkpoint
23-10-2013 14:50:02 System Checkpoint
24-10-2013 16:06:36 System Checkpoint
25-10-2013 16:09:34 System Checkpoint
28-10-2013 11:53:50 System Checkpoint
29-10-2013 12:36:13 System Checkpoint
30-10-2013 12:42:03 System Checkpoint
31-10-2013 12:19:46 Installed IDS
01-11-2013 14:26:19 System Checkpoint
02-11-2013 14:51:59 System Checkpoint
04-11-2013 12:59:37 System Checkpoint
05-11-2013 13:28:19 System Checkpoint
06-11-2013 14:07:23 System Checkpoint
08-11-2013 14:06:03 System Checkpoint
11-11-2013 13:19:56 System Checkpoint
12-11-2013 13:29:41 System Checkpoint
13-11-2013 13:38:12 System Checkpoint
14-11-2013 12:22:52 Installed IDS
15-11-2013 14:01:30 System Checkpoint
18-11-2013 16:13:23 System Checkpoint
19-11-2013 20:00:46 System Checkpoint
21-11-2013 14:15:51 System Checkpoint
22-11-2013 16:18:39 System Checkpoint
27-11-2013 13:00:42 System Checkpoint
30-11-2013 21:08:21 Installed IDS
02-12-2013 13:44:03 System Checkpoint
02-12-2013 15:46:28 Installed Windows Media Player 11
02-12-2013 15:58:25 Installed Windows XP Wudf01000.
02-12-2013 16:10:03 Installed Windows XP MSCompPackV1.
03-12-2013 16:58:30 System Checkpoint
04-12-2013 18:31:28 System Checkpoint
05-12-2013 18:45:13 System Checkpoint
07-12-2013 13:16:39 System Checkpoint
09-12-2013 12:59:42 System Checkpoint
10-12-2013 15:05:34 System Checkpoint
11-12-2013 15:43:00 System Checkpoint
12-12-2013 16:36:36 System Checkpoint
13-12-2013 14:36:21 Installed IDS
16-12-2013 13:19:56 System Checkpoint
17-12-2013 15:37:23 System Checkpoint
18-12-2013 16:39:22 System Checkpoint
19-12-2013 16:52:35 System Checkpoint
20-12-2013 18:20:33 System Checkpoint
21-12-2013 18:47:53 System Checkpoint
23-12-2013 12:36:48 System Checkpoint
24-12-2013 13:53:37 System Checkpoint
26-12-2013 15:18:59 System Checkpoint
27-12-2013 16:14:15 System Checkpoint
28-12-2013 17:09:09 System Checkpoint
30-12-2013 13:56:59 System Checkpoint
31-12-2013 14:09:18 System Checkpoint
02-01-2014 14:44:31 System Checkpoint
04-01-2014 21:05:27 System Checkpoint
06-01-2014 14:16:47 System Checkpoint
07-01-2014 15:34:56 System Checkpoint
08-01-2014 15:48:29 System Checkpoint
09-01-2014 15:59:05 System Checkpoint
10-01-2014 16:29:14 System Checkpoint
10-01-2014 19:38:17 Removed AVG 2013
11-01-2014 03:27:34 Removed AVG 2013
11-01-2014 14:54:17 avast! antivirus system restore point
11-01-2014 20:36:13 Removed AVG 2013
13-01-2014 15:50:41 System Checkpoint
14-01-2014 13:38:40 avast! antivirus system restore point
14-01-2014 13:54:42 Software Distribution Service 3.0
14-01-2014 14:26:29 Software Distribution Service 3.0
14-01-2014 14:49:39 Printer Driver Microsoft XPS Document Writer Installed
14-01-2014 15:15:28 Software Distribution Service 3.0
14-01-2014 16:09:24 Software Distribution Service 3.0
14-01-2014 19:58:41 Installed Java 7 Update 51
15-01-2014 20:02:28 System Checkpoint

==================== Hosts content: ==========================

2004-08-04 05:00 - 2014-01-09 11:21 - 00000898 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
172.31.0.3 GNA600_2706K32591R6
10.90.171.2 GNA600_2706K32591R6
192.168.5.4 GNA600_2706K32591R6
192.168.5.3 GNA600_2706K32591R6
192.168.5.2 GNA600_2706K32591R6


==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\YourFile Update.job => C:\Program Files\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2007-10-08 13:03 - 2007-10-08 13:03 - 00245760 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2014-01-16 08:02 - 2014-01-16 06:10 - 02155008 _____ () C:\Program Files\AVAST Software\Avast\defs\14011600\algo.dll
2014-01-14 08:42 - 2014-01-14 08:42 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2007-05-17 13:42 - 2007-05-17 13:42 - 01167360 _____ () C:\Program Files\Intel\Wireless\Bin\acAuth.dll
2013-12-20 12:47 - 2013-12-20 12:48 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/16/2014 08:27:26 AM) (Source: Application Error) (User: )
Description: Faulting application frst.exe, version 0.0.0.0, faulting module frst.exe, version 0.0.0.0, fault address 0x0001fcbe.
Processing media-specific event for [frst.exe!ws!]

Error: (01/16/2014 08:26:37 AM) (Source: Application Error) (User: )
Description: Faulting application frst.exe, version 0.0.0.0, faulting module frst.exe, version 0.0.0.0, fault address 0x0001fcbe.
Processing media-specific event for [frst.exe!ws!]

Error: (01/16/2014 08:25:52 AM) (Source: Application Error) (User: )
Description: Faulting application frst.exe, version 0.0.0.0, faulting module frst.exe, version 0.0.0.0, fault address 0x00020016.
Processing media-specific event for [frst.exe!ws!]

Error: (01/15/2014 01:45:43 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing. HRESULT was 800706BF from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

Error: (01/15/2014 09:25:21 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/15/2014 08:49:39 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x028878c8.
Processing media-specific event for [iexplore.exe!ws!]

Error: (01/14/2014 01:38:10 PM) (Source: MsiInstaller) (User: MITCH-PC)
Description: Product: Microsoft Office Professional Edition 2003 - Update 'Update for Outlook 2003 Junk E-mail Filter (KB2863822): OUTLFLTR' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Error: (01/14/2014 01:38:10 PM) (Source: MsiInstaller) (User: MITCH-PC)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1311. Source file not found(cabinet): C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\PA561401.CAB. Verify that the file exists and that you can access it.

Error: (01/14/2014 01:36:39 PM) (Source: MsiInstaller) (User: MITCH-PC)
Description: Product: Microsoft Office Professional Edition 2003 - Update 'Security Update for Office 2003 (KB2850047): GDIPLUS' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Error: (01/14/2014 01:36:39 PM) (Source: MsiInstaller) (User: MITCH-PC)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1311. Source file not found(cabinet): C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\PA561401.CAB. Verify that the file exists and that you can access it.


System errors:
=============
Error: (01/16/2014 07:56:27 AM) (Source: Service Control Manager) (User: )
Description: The DetectionManager service failed to start due to the following error:
%%1053

Error: (01/16/2014 07:56:27 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the DetectionManager service to connect.

Error: (01/16/2014 07:55:35 AM) (Source: Service Control Manager) (User: )
Description: The DetectionManager service failed to start due to the following error:
%%1053

Error: (01/16/2014 07:55:35 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the DetectionManager service to connect.

Error: (01/15/2014 01:44:36 PM) (Source: Service Control Manager) (User: )
Description: The Remote Procedure Call (RPC) service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.

Error: (01/15/2014 01:44:27 PM) (Source: Service Control Manager) (User: )
Description: The WebClient service terminated unexpectedly. It has done this 1 time(s).

Error: (01/15/2014 01:44:18 PM) (Source: Service Control Manager) (User: )
Description: The Remote Registry service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (01/15/2014 01:44:18 PM) (Source: Service Control Manager) (User: )
Description: The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s).

Error: (01/15/2014 01:44:09 PM) (Source: Service Control Manager) (User: )
Description: The DNS Client service terminated unexpectedly. It has done this 1 time(s).

Error: (01/15/2014 01:43:24 PM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (01/16/2014 08:27:26 AM) (Source: Application Error)(User: )
Description: frst.exe0.0.0.0frst.exe0.0.0.00001fcbe

Error: (01/16/2014 08:26:37 AM) (Source: Application Error)(User: )
Description: frst.exe0.0.0.0frst.exe0.0.0.00001fcbe

Error: (01/16/2014 08:25:52 AM) (Source: Application Error)(User: )
Description: frst.exe0.0.0.0frst.exe0.0.0.000020016

Error: (01/15/2014 01:45:43 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp44800706BF

Error: (01/15/2014 09:25:21 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (01/15/2014 08:49:39 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.0028878c8

Error: (01/14/2014 01:38:10 PM) (Source: MsiInstaller)(User: MITCH-PC)
Description: Microsoft Office Professional Edition 2003Update for Outlook 2003 Junk E-mail Filter (KB2863822): OUTLFLTR1603(NULL)

Error: (01/14/2014 01:38:10 PM) (Source: MsiInstaller)(User: MITCH-PC)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1311. Source file not found(cabinet): C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\PA561401.CAB. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)

Error: (01/14/2014 01:36:39 PM) (Source: MsiInstaller)(User: MITCH-PC)
Description: Microsoft Office Professional Edition 2003Security Update for Office 2003 (KB2850047): GDIPLUS1603(NULL)

Error: (01/14/2014 01:36:39 PM) (Source: MsiInstaller)(User: MITCH-PC)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1311. Source file not found(cabinet): C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\PA561401.CAB. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)


==================== Memory info ===========================

Percentage of memory in use: 42%
Total physical RAM: 2038.37 MB
Available physical RAM: 1178.25 MB
Total Pagefile: 3285.08 MB
Available Pagefile: 2561.65 MB
Total Virtual: 2047.88 MB
Available Virtual: 1958.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.78 GB) (Free:62.34 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 112 GB) (Disk ID: ED1F86F7)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#5
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello mj12687,

Download the attached fixlist.txt file and save it to the Desktop.

NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

After that, please run another scan with FRST and post back the log it generates.

So when you return please post
Fixlog.txt
FRST.txt


#6
mj12687

    Member

  • Topic Starter
  • Member
  • 39 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 15-01-2014 03
Ran by Mitch at 2014-01-16 17:21:19 Run:1
Running from C:\Documents and Settings\Mitch\My Documents\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylo...000001422fa3303
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
FF SearchPlugin: C:\Documents and Settings\Mitch\Application Data\Mozilla\Firefox\Profiles\jye5nhyy.default\searchplugins\safeguard-secure-search.xml
S3 vToolbarUpdater15.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [1643184 2013-08-14] (AVG Secure Search)
S3 vToolbarUpdater15.5.0; C:\Program Files\Common Files\AVG Secure Search
S4 kvpmhc; System32\drivers\itrqge.sys [x]
C:\Windows\system32\drivers\itrqge.sys
C:\Documents and Settings\Mitch\cleanupids.exe
C:\Documents and Settings\Mitch\dotnetfx30SP1setup.exe
C:\Documents and Settings\Mitch\ids-86.01A.exe
C:\Documents and Settings\Mitch\Local Settings\Temp\HitmanPro.exe
C:\Documents and Settings\Mitch\Local Settings\Temp\UNINSTALL.EXE
Task: C:\WINDOWS\Tasks\YourFile Update.job => C:\Program Files\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
C:\Program Files\YourFileDownloader
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value deleted successfully.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
C:\Documents and Settings\Mitch\Application Data\Mozilla\Firefox\Profiles\jye5nhyy.default\searchplugins\safeguard-secure-search.xml => Moved successfully.
vToolbarUpdater15.5.0 => Service deleted successfully.
vToolbarUpdater15.5.0 => Service not found.
kvpmhc => Service deleted successfully.
"C:\Windows\system32\drivers\itrqge.sys" => File/Directory not found.
C:\Documents and Settings\Mitch\cleanupids.exe => Moved successfully.
C:\Documents and Settings\Mitch\dotnetfx30SP1setup.exe => Moved successfully.
C:\Documents and Settings\Mitch\ids-86.01A.exe => Moved successfully.
C:\Documents and Settings\Mitch\Local Settings\Temp\HitmanPro.exe => Moved successfully.
C:\Documents and Settings\Mitch\Local Settings\Temp\UNINSTALL.EXE => Moved successfully.
C:\WINDOWS\Tasks\YourFile Update.job => Moved successfully.
C:\Program Files\YourFileDownloader => Moved successfully.

==== End of Fixlog ====






Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2014 03
Ran by Mitch (administrator) on MITCH-PC on 16-01-2014 17:23:50
Running from C:\Documents and Settings\Mitch\My Documents\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) ===================

(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Program Files\Common Files\Teradyne\TDSNetSetup.exe
(Bosch Automotive Service Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
(Bosch Automotive Service Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Bosch Automotive Service Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\CodeServeD.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Flexera Software, Inc.) C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Bosch Automotive Service Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\DetectionManager.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
(Bosch Automotive Service Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\Starburst.exe
(Bosch Automotive Service Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe
(Bosch Automotive Service Solutions) C:\Program Files\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Sysinternals - www.sysinternals.com) C:\Documents and Settings\Mitch\Desktop\procexp.exe
(Farbar) C:\Documents and Settings\Mitch\My Documents\Downloads\FRST(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelZeroConfig] - C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [995328 2007-10-08] (Intel Corporation)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [1101824 2007-10-08] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761947 2006-03-08] (Synaptics, Inc.)
HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504 2007-05-10] (SigmaTel, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-10] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [TDSReanimator] - C:\Program Files\Common Files\Teradyne\TDSReanimator.exe [12288 2013-12-03] (Bosch Automotive Service Solutions)
HKLM\...\Run: [ISUSPM] - C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-14] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [ISUSPM] - C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe [324976 2010-05-21] (Flexera Software, Inc.)
IFEO\taskmgr.exe: [Debugger] "C:\DOCUMENTS AND SETTINGS\MITCH\DESKTOP\PROCEXP.EXE"
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\J2534 Config App (Ford-VCM-II).lnk
ShortcutTarget: J2534 Config App (Ford-VCM-II).lnk -> C:\Program Files\Bosch\VTX-VCI\VCI Software (Ford-VCM-II)\J2534 Configuration\J2534ConfigApp.exe (Vetronix Corp)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: TM_BHO Class - {60EC89B7-367D-402B-8C55-30FAEB32A705} - C:\Program Files\Ford Motor Company\IDS\Runtime\TMCtrlBHO.dll (Bosch Automotive Service Solutions)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.15.0.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{1776E74E-4CCB-4E96-A5FE-7AAEBAC6F83C}: [NameServer]64.7.11.2,66.80.130.23

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Mitch\Application Data\Mozilla\Firefox\Profiles\jye5nhyy.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: IE Tab - C:\Documents and Settings\Mitch\Application Data\Mozilla\Firefox\Profiles\jye5nhyy.default\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2013-07-04]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-14]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-14] (AVAST Software)
R3 DetectionManager; C:\Program Files\Ford Motor Company\IDS\Runtime\DetectionManager.exe [385536 2013-12-04] (Bosch Automotive Service Solutions)
R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1074480 2013-08-14] (Flexera Software LLC)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-01-14] (Oracle Corporation)
R3 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [1183744 2007-10-08] (Intel Corporation )
R2 TDSNetSetup; C:\Program Files\Common Files\Teradyne\TDSNetSetup.exe [17408 2013-12-03] ()
R2 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [356352 2007-10-08] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21361 2012-08-15] (Cisco Systems, Inc.)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-01-14] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-01-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-01-14] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-01-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2014-01-14] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-01-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-14] ()
S3 ax88772; C:\Windows\System32\DRIVERS\ax88772.sys [17216 2004-08-05] (ASIX Electronics Corp.)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R3 NETw4x32; C:\Windows\System32\DRIVERS\NETw4x32.sys [2236032 2007-09-26] (Intel Corporation)
R2 s24trans; C:\Windows\System32\DRIVERS\s24trans.sys [12288 2007-08-27] (Intel Corporation)
R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
S3 USB-100; C:\Windows\System32\DRIVERS\RTL8150.SYS [22016 2013-04-19] (Realtek )
S1 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [31744 2008-04-14] (Microsoft Corporation)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-16 08:14 - 2014-01-16 08:14 - 00000000 ____D C:\FRST
2014-01-15 13:40 - 2014-01-15 13:40 - 00000000 ____D C:\Documents and Settings\Mitch\My Documents\ProcessExplorer
2014-01-15 11:33 - 2014-01-16 17:06 - 00017426 _____ C:\WINDOWS\setupapi.log
2014-01-15 10:26 - 2014-01-15 10:26 - 00000560 _____ C:\Documents and Settings\Mitch\My Documents\cc_20140115_102621.reg
2014-01-15 10:25 - 2014-01-15 10:26 - 00082116 _____ C:\Documents and Settings\Mitch\My Documents\cc_20140115_102538.reg
2014-01-15 09:58 - 2014-01-15 09:58 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-01-15 09:58 - 2014-01-15 09:58 - 00000000 ____D C:\Program Files\CCleaner
2014-01-14 18:10 - 2014-01-14 18:10 - 00000000 ____D C:\Program Files\SystemRequirementsLab
2014-01-14 17:52 - 2014-01-15 13:40 - 00000000 ____D C:\Documents and Settings\Mitch\Desktop\ProcessExplorer
2014-01-14 16:54 - 2014-01-14 16:54 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\SystemRequirementsLab
2014-01-14 15:03 - 2014-01-14 15:03 - 00000000 ____D C:\WINDOWS\Sun
2014-01-14 15:03 - 2014-01-14 15:03 - 00000000 ____D C:\Documents and Settings\Mitch\Local Settings\Application Data\Sun
2014-01-14 15:01 - 2014-01-14 15:01 - 00000000 ____D C:\Program Files\Common Files\Java
2014-01-14 15:01 - 2014-01-14 15:01 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sun
2014-01-14 15:01 - 2014-01-14 14:59 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-14 15:01 - 2014-01-14 14:59 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-14 15:00 - 2014-01-14 15:00 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-01-14 15:00 - 2014-01-14 14:59 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-14 15:00 - 2014-01-14 14:59 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-14 15:00 - 2014-01-14 14:59 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-14 14:58 - 2014-01-14 14:58 - 00000000 ____D C:\Program Files\Java
2014-01-14 14:57 - 2014-01-14 14:57 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\McAfee
2014-01-14 14:54 - 2014-01-14 14:54 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\Sun
2014-01-14 14:42 - 2014-01-15 10:27 - 00000000 ____D C:\Program Files\Probit Software
2014-01-14 13:38 - 2014-01-14 13:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2014-01-14 13:38 - 2014-01-14 13:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2014-01-14 13:35 - 2014-01-14 13:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2014-01-14 13:35 - 2014-01-14 13:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2014-01-14 13:35 - 2014-01-14 13:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2014-01-14 13:17 - 2014-01-14 13:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-01-14 11:10 - 2014-01-14 11:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961118$
2014-01-14 10:50 - 2009-01-09 14:19 - 01089593 ____C C:\WINDOWS\system32\dllcache\ntprint.cat
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2014-01-14 09:41 - 2014-01-14 09:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2014-01-14 09:41 - 2014-01-14 09:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2014-01-14 09:40 - 2014-01-14 09:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2014-01-14 09:39 - 2014-01-14 09:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2014-01-14 09:39 - 2014-01-14 09:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2014-01-14 09:39 - 2014-01-14 09:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2014-01-14 09:37 - 2014-01-14 09:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2014-01-14 09:37 - 2014-01-14 09:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2014-01-14 09:36 - 2014-01-14 09:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2014-01-14 09:34 - 2014-01-14 09:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2014-01-14 09:30 - 2014-01-14 09:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2014-01-14 09:10 - 2014-01-14 09:12 - 00000000 ____D C:\2d54fd11d4a21bedef934bca70bb
2014-01-14 08:49 - 2014-01-14 08:49 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\AVAST Software
2014-01-14 08:44 - 2014-01-16 17:04 - 00000362 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-14 08:44 - 2014-01-14 08:44 - 00001733 _____ C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-01-14 08:44 - 2014-01-14 08:44 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-01-14 08:43 - 2014-01-14 08:42 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-14 08:43 - 2014-01-14 08:42 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-14 08:43 - 2014-01-14 08:42 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-14 08:43 - 2014-01-14 08:42 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-14 08:43 - 2014-01-14 08:42 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-01-14 08:43 - 2014-01-14 08:42 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-01-14 08:43 - 2014-01-14 08:42 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-01-14 08:42 - 2014-01-14 08:42 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-14 08:42 - 2014-01-14 08:42 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-14 08:38 - 2014-01-14 08:38 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-14 08:14 - 2013-07-02 21:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-01-14 08:08 - 2013-07-16 19:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-01-14 08:08 - 2013-07-16 19:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-01-14 08:08 - 2013-07-16 19:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2014-01-14 08:02 - 2013-08-08 19:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-01-12 19:26 - 2014-01-12 20:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-01-11 15:57 - 2014-01-11 16:16 - 01601276 _____ C:\Documents and Settings\Mitch\My Documents\AutoRuns.arn
2014-01-11 15:11 - 2014-01-11 15:11 - 00000000 ____D C:\Documents and Settings\Mitch\Local Settings\Application Data\AVG Secure Search
2014-01-11 10:56 - 2014-01-11 10:56 - 00000000 ____D C:\Program Files\ESET
2014-01-11 10:44 - 2014-01-11 10:45 - 00003550 _____ C:\Documents and Settings\Mitch\Desktop\Rkill.txt
2014-01-10 23:00 - 2014-01-14 08:35 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-01-10 17:52 - 2014-01-10 21:47 - 00002265 _____ C:\Documents and Settings\Mitch\Desktop\avgrep.txt
2014-01-10 17:01 - 2014-01-10 17:01 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\Malwarebytes
2014-01-10 17:00 - 2014-01-10 17:00 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-10 17:00 - 2014-01-10 17:00 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-10 17:00 - 2014-01-10 17:00 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-01-10 17:00 - 2014-01-10 17:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-10 17:00 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-10 16:46 - 2014-01-10 16:47 - 00000000 __SHD C:\WINDOWS\CSC
2013-12-20 12:47 - 2013-12-20 12:48 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-01-16 17:21 - 2012-08-12 06:48 - 00000000 ____D C:\Documents and Settings\Mitch
2014-01-16 17:06 - 2014-01-15 11:33 - 00017426 _____ C:\WINDOWS\setupapi.log
2014-01-16 17:04 - 2014-01-14 08:44 - 00000362 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-16 17:04 - 2012-08-10 08:29 - 01707413 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-16 17:02 - 2012-11-18 11:30 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-16 17:02 - 2012-11-18 11:30 - 00000049 _____ C:\WINDOWS\wiaservc.log
2014-01-16 17:02 - 2004-08-04 05:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-16 17:01 - 2012-08-10 08:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-16 15:36 - 2012-08-12 06:48 - 00000278 ___SH C:\Documents and Settings\Mitch\ntuser.ini
2014-01-16 15:36 - 2012-08-10 08:54 - 00032628 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-16 14:43 - 2013-07-04 18:46 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-16 08:14 - 2014-01-16 08:14 - 00000000 ____D C:\FRST
2014-01-15 13:44 - 2012-08-10 08:37 - 00000178 __SHC C:\Documents and Settings\NetworkService\ntuser.ini
2014-01-15 13:40 - 2014-01-15 13:40 - 00000000 ____D C:\Documents and Settings\Mitch\My Documents\ProcessExplorer
2014-01-15 13:40 - 2014-01-14 17:52 - 00000000 ____D C:\Documents and Settings\Mitch\Desktop\ProcessExplorer
2014-01-15 10:27 - 2014-01-14 14:42 - 00000000 ____D C:\Program Files\Probit Software
2014-01-15 10:26 - 2014-01-15 10:26 - 00000560 _____ C:\Documents and Settings\Mitch\My Documents\cc_20140115_102621.reg
2014-01-15 10:26 - 2014-01-15 10:25 - 00082116 _____ C:\Documents and Settings\Mitch\My Documents\cc_20140115_102538.reg
2014-01-15 10:23 - 2013-11-27 09:41 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\BitTorrent
2014-01-15 09:58 - 2014-01-15 09:58 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-01-15 09:58 - 2014-01-15 09:58 - 00000000 ____D C:\Program Files\CCleaner
2014-01-14 18:10 - 2014-01-14 18:10 - 00000000 ____D C:\Program Files\SystemRequirementsLab
2014-01-14 18:06 - 2012-08-16 06:26 - 00068256 ____C C:\Documents and Settings\Mitch\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-14 16:54 - 2014-01-14 16:54 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\SystemRequirementsLab
2014-01-14 15:03 - 2014-01-14 15:03 - 00000000 ____D C:\WINDOWS\Sun
2014-01-14 15:03 - 2014-01-14 15:03 - 00000000 ____D C:\Documents and Settings\Mitch\Local Settings\Application Data\Sun
2014-01-14 15:01 - 2014-01-14 15:01 - 00000000 ____D C:\Program Files\Common Files\Java
2014-01-14 15:01 - 2014-01-14 15:01 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sun
2014-01-14 15:00 - 2014-01-14 15:00 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-01-14 14:59 - 2014-01-14 15:01 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-14 14:59 - 2014-01-14 15:01 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-14 14:59 - 2014-01-14 15:00 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-14 14:59 - 2014-01-14 15:00 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-14 14:59 - 2014-01-14 15:00 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-14 14:58 - 2014-01-14 14:58 - 00000000 ____D C:\Program Files\Java
2014-01-14 14:57 - 2014-01-14 14:57 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\McAfee
2014-01-14 14:54 - 2014-01-14 14:54 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\Sun
2014-01-14 14:13 - 2013-08-14 08:11 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2014-01-14 13:46 - 2012-08-10 04:04 - 00263824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-14 13:39 - 2012-08-15 02:23 - 00000000 ____D C:\WINDOWS\ie8updates
2014-01-14 13:38 - 2014-01-14 13:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2014-01-14 13:38 - 2014-01-14 13:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2014-01-14 13:38 - 2012-08-15 02:04 - 00024054 ____C C:\WINDOWS\system32\TZLog.log
2014-01-14 13:35 - 2014-01-14 13:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2014-01-14 13:35 - 2014-01-14 13:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2014-01-14 13:35 - 2014-01-14 13:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2014-01-14 13:31 - 2012-08-10 04:06 - 00493518 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-14 13:17 - 2014-01-14 13:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-01-14 13:04 - 2013-08-14 08:15 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2014-01-14 11:10 - 2014-01-14 11:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961118$
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2014-01-14 09:42 - 2014-01-14 09:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2014-01-14 09:41 - 2014-01-14 09:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2014-01-14 09:41 - 2014-01-14 09:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2014-01-14 09:40 - 2014-01-14 09:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2014-01-14 09:40 - 2014-01-14 09:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2014-01-14 09:39 - 2014-01-14 09:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2014-01-14 09:39 - 2014-01-14 09:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2014-01-14 09:37 - 2014-01-14 09:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2014-01-14 09:37 - 2014-01-14 09:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2014-01-14 09:36 - 2014-01-14 09:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2014-01-14 09:35 - 2014-01-14 09:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2014-01-14 09:34 - 2014-01-14 09:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2014-01-14 09:30 - 2014-01-14 09:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2014-01-14 09:12 - 2014-01-14 09:10 - 00000000 ____D C:\2d54fd11d4a21bedef934bca70bb
2014-01-14 08:49 - 2014-01-14 08:49 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\AVAST Software
2014-01-14 08:44 - 2014-01-14 08:44 - 00001733 _____ C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-01-14 08:44 - 2014-01-14 08:44 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-01-14 08:42 - 2014-01-14 08:43 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-14 08:42 - 2014-01-14 08:43 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-14 08:42 - 2014-01-14 08:43 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-14 08:42 - 2014-01-14 08:43 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-14 08:42 - 2014-01-14 08:43 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-01-14 08:42 - 2014-01-14 08:43 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-01-14 08:42 - 2014-01-14 08:43 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-01-14 08:42 - 2014-01-14 08:42 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-14 08:42 - 2014-01-14 08:42 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-14 08:38 - 2014-01-14 08:38 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-14 08:35 - 2014-01-10 23:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-01-13 08:01 - 2012-08-10 08:31 - 00001507 _____ C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-01-12 20:09 - 2014-01-12 19:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-01-12 18:52 - 2012-08-15 02:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974112$
2014-01-12 13:16 - 2012-08-10 08:25 - 00000000 ____D C:\WINDOWS\Registration
2014-01-11 16:16 - 2014-01-11 15:57 - 01601276 _____ C:\Documents and Settings\Mitch\My Documents\AutoRuns.arn
2014-01-11 15:11 - 2014-01-11 15:11 - 00000000 ____D C:\Documents and Settings\Mitch\Local Settings\Application Data\AVG Secure Search
2014-01-11 13:39 - 2012-08-19 14:39 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\BabylonToolbar
2014-01-11 10:56 - 2014-01-11 10:56 - 00000000 ____D C:\Program Files\ESET
2014-01-11 10:45 - 2014-01-11 10:44 - 00003550 _____ C:\Documents and Settings\Mitch\Desktop\Rkill.txt
2014-01-10 21:50 - 2012-08-15 02:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB950762$
2014-01-10 21:47 - 2014-01-10 17:52 - 00002265 _____ C:\Documents and Settings\Mitch\Desktop\avgrep.txt
2014-01-10 17:34 - 2012-08-15 02:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2631813$
2014-01-10 17:01 - 2014-01-10 17:01 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\Malwarebytes
2014-01-10 17:00 - 2014-01-10 17:00 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-10 17:00 - 2014-01-10 17:00 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-10 17:00 - 2014-01-10 17:00 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-01-10 17:00 - 2014-01-10 17:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-01-10 16:47 - 2014-01-10 16:46 - 00000000 __SHD C:\WINDOWS\CSC
2013-12-20 17:17 - 2013-07-01 07:34 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-20 12:48 - 2013-12-20 12:47 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-18 18:10 - 2013-12-02 15:06 - 00000000 ____D C:\Documents and Settings\Mitch\Application Data\vlc

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

#7
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello mj12687,

Please download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.
  • If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
  • Your desktop may go blank. This is normal.
  • ComboFix may appear to be doing nothing for quite long periods. This is normal; just leave it to do its job.
  • ComboFix may reboot your machine. This is normal too.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#8
mj12687

    Member

  • Topic Starter
  • Member
  • 39 posts
Here is the new log you asked for. It seems to be running a little quicker. I use Mozilla for most of my internet stuff; it's still slow to open and slow to load your web page, and it also tells me there is a script error on the page. I use Internet Explorer for work as their website requires it. I have been unable to load our work website for a few days now.

ComboFix 14-01-16.03 - Mitch 01/16/2014 18:35:18.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1546 [GMT -5:00]
Running from: c:\documents and settings\Mitch\My Documents\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Mitch\My Documents\~WRL1066.tmp
c:\documents and settings\Mitch\My Documents\~WRL3779.tmp
.
.
((((((((((((((((((((((((( Files Created from 2013-12-16 to 2014-01-16 )))))))))))))))))))))))))))))))
.
.
2014-01-16 13:14 . 2014-01-16 13:14 -------- d-----w- C:\FRST
2014-01-15 14:58 . 2014-01-15 14:58 -------- d-----w- c:\program files\CCleaner
2014-01-14 23:10 . 2014-01-14 23:10 -------- d-----w- c:\program files\SystemRequirementsLab
2014-01-14 21:54 . 2014-01-14 21:54 -------- d-----w- c:\documents and settings\Mitch\Application Data\SystemRequirementsLab
2014-01-14 20:03 . 2014-01-14 20:03 -------- d-----w- c:\windows\Sun
2014-01-14 20:03 . 2014-01-14 20:03 -------- d-----w- c:\documents and settings\Mitch\Local Settings\Application Data\Sun
2014-01-14 20:01 . 2014-01-14 20:01 -------- d-----w- c:\program files\Common Files\Java
2014-01-14 20:01 . 2014-01-14 19:59 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-01-14 20:00 . 2014-01-14 19:59 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-01-14 19:58 . 2014-01-14 19:58 -------- d-----w- c:\program files\Java
2014-01-14 19:57 . 2014-01-14 19:57 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2014-01-14 19:42 . 2014-01-15 15:27 -------- d-----w- c:\program files\Probit Software
2014-01-14 14:10 . 2014-01-14 14:12 -------- d-----w- C:\2d54fd11d4a21bedef934bca70bb
2014-01-14 13:49 . 2014-01-14 13:49 -------- d-----w- c:\documents and settings\Mitch\Application Data\AVAST Software
2014-01-14 13:43 . 2014-01-14 13:42 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-01-14 13:43 . 2014-01-14 13:42 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-14 13:43 . 2014-01-14 13:42 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-14 13:43 . 2014-01-14 13:42 410528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-14 13:43 . 2014-01-14 13:42 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-14 13:43 . 2014-01-14 13:42 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-14 13:43 . 2014-01-14 13:42 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-01-14 13:42 . 2014-01-14 13:42 270240 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-14 13:42 . 2014-01-14 13:42 43152 ----a-w- c:\windows\avastSS.scr
2014-01-14 13:38 . 2014-01-14 13:38 -------- d-----w- c:\program files\AVAST Software
2014-01-14 13:14 . 2013-07-03 02:12 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2014-01-14 13:08 . 2013-07-17 00:58 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2014-01-14 13:08 . 2013-07-17 00:58 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2014-01-14 13:08 . 2013-07-17 00:58 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys
2014-01-14 13:02 . 2013-08-09 00:55 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
2014-01-13 00:26 . 2014-01-13 01:09 -------- d-----w- c:\documents and settings\All Users\Application Data\HitmanPro
2014-01-11 20:11 . 2014-01-11 20:11 -------- d-----w- c:\documents and settings\Mitch\Local Settings\Application Data\AVG Secure Search
2014-01-11 15:56 . 2014-01-11 15:56 -------- d-----w- c:\program files\ESET
2014-01-11 04:00 . 2014-01-14 13:35 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2014-01-10 22:01 . 2014-01-10 22:01 -------- d-----w- c:\documents and settings\Mitch\Application Data\Malwarebytes
2014-01-10 22:00 . 2014-01-10 22:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2014-01-10 22:00 . 2014-01-10 22:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-10 22:00 . 2013-04-04 19:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 15:43 . 2013-07-04 23:45 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 15:43 . 2013-07-04 23:45 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-13 02:59 . 2004-08-04 10:00 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38 . 2004-08-04 10:00 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03 . 2012-08-14 07:00 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-11-02 11:06 . 2013-06-12 15:00 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-11-02 11:06 . 2013-06-12 15:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-11-02 11:06 . 2013-06-12 15:00 1060864 ----a-w- c:\windows\system32\MFC71.dll
2013-11-02 11:06 . 2013-06-12 15:09 269312 ----a-w- c:\windows\uninst.exe
2013-11-02 11:06 . 2013-06-12 15:00 57344 ----a-w- c:\windows\system32\MFC71ENU.DLL
2013-10-30 02:26 . 2004-08-04 10:00 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:57 . 2006-03-04 03:33 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:57 . 2004-08-04 10:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-10-29 07:57 . 2004-08-04 10:00 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:57 . 2004-08-04 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-29 00:45 . 2004-08-04 10:00 385024 ------w- c:\windows\system32\html.iec
2013-10-23 23:45 . 2004-08-04 10:00 172032 ----a-w- c:\windows\system32\scrrun.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-14 13:42 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\documents and settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe" [2010-05-21 324976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-10-08 995328]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-10-08 1101824]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-03-31 138008]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-03-31 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-03-30 138008]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-10 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"TDSReanimator"="c:\program files\Common Files\Teradyne\TDSReanimator.exe" [2013-12-03 12288]
"ISUSPM"="c:\documents and settings\All Users\Application Data\FLEXnet\Connect\11\\isuspm.exe" [2010-05-21 324976]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-14 3764024]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
J2534 Config App (Ford-VCM-II).lnk - c:\program files\Bosch\VTX-VCI\VCI Software (Ford-VCM-II)\J2534 Configuration\J2534ConfigApp.exe disable [2013-5-17 1585152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-08-16 13:07 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Tabman.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\SysPage.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\testman.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\CodeServeD.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\XMLRegistryD.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\TDSNetConfig.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\PtchApply.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Rtdb.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Starburst.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\EngineeringFeedback.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\SystemDiagnostic.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\VMM.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Probes\\C402.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Probes\\C403.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Probes\\C407.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Probes\\C412.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Probes\\C413.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\LVPCheck.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\vcl_pc.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\NetworkActivation.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\ProbeTickHandler.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\DetectionManager.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\Probes\\C418.exe"=
"c:\\Program Files\\Bosch\\VTX-VCI\\VCI Software (Ford-VCM-II)\\VCI Identification Service\\vci-ident.exe"=
"c:\\Program Files\\Bosch\\VTX-VCI\\VCI Software (Ford-VCM-II)\\VCI Manager\\vci-manager.exe"=
"c:\\Program Files\\Ford Motor Company\\IDS\\Runtime\\VCM2.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\Mitch\\Application Data\\BitTorrent\\BitTorrent.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [1/14/2014 8:43 AM 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [1/14/2014 8:43 AM 180248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1/14/2014 8:43 AM 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1/14/2014 8:43 AM 410528]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [1/14/2014 8:43 AM 67824]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [6/2/2011 11:08 AM 11336]
S3 DetectionManager;DetectionManager;c:\program files\Ford Motor Company\IDS\Runtime\DetectionManager.exe [8/14/2013 9:44 AM 385536]
S3 USB-100;Realtek RTL8150 USB 10/100 Fast Ethernet Adapter;c:\windows\system32\drivers\RTL8150.SYS [6/12/2013 10:08 AM 22016]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - PROCEXP152
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-04 15:43]
.
2012-11-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
2014-01-16 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-14 13:42]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: dealerconnection.com\www.fordtechservice
TCP: DhcpNameServer = 192.168.15.1
TCP: Interfaces\{1776E74E-4CCB-4E96-A5FE-7AAEBAC6F83C}: NameServer = 64.7.11.2,66.80.130.23
FF - ProfilePath - c:\documents and settings\Mitch\Application Data\Mozilla\Firefox\Profiles\jye5nhyy.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-uTorrent - c:\program files\uTorrent\uTorrent.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-16 18:53
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1072)
c:\windows\system32\netprovcredman.dll
.
Completion time: 2014-01-16 18:59:19
ComboFix-quarantined-files.txt 2014-01-16 23:59
.
Pre-Run: 66,763,366,400 bytes free
Post-Run: 68,226,625,536 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 9CD5DF4D98EB37FF7F76112B1C24120B
8F558EB6672622401DA993E1E865C861
  • 0

#9
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello mj12687,

Bit to do here. :)

Now

Run the chkdsk command to check for problems.

To do this:

  • Click Start, select Run,
  • Then type cmd in the box to get to the Command Prompt utility
  • Click Ok
  • Run the chkdsk utility by copying and pasting or typing in the following command:
chkdsk c: /f /r

Note: The gaps should be there.

  • At the question "Would you like to schedule this volume to be checked the next time the system restarts?" type Y
  • Restart your computer and let chkdsk run
The /f command automatically fixes any errors encountered; the /r command locates bad sectors and recovers readable information.

Be patient, it can take a long time.

When it's finished come back and tell me how it went.

Step 2

Please run the System File Checker.

Follow these steps:

  • Click Start > Run and type sfc /scannow (note the space, it should be there), and then press ENTER.
  • Follow the prompts throughout the System File Checker process.
  • Restart your computer when System File Checker process is complete.
Step 3

Reinstall Firefox.

Please go to Uninstall Firefox and follow the instructions for uninstalling Firefox but don't tick the box to Remove my Firefox personal data and customizations.

After that reinstall Firefox.

Note: If you do not have the Firefox Installer on your machine you will need to download it from here.

Come back and tell me if that has made a difference to your Firefox performance.

Also

Please download Farbar Service Scanner and run.

  • Make sure the following options are checked:


  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Other Services

  • Press Scan
  • A log (FSS.txt) will be created in the same directory the tool is run.
  • Copy and paste the log back here.

Lastly in this post

Please download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
So when you return
  • post FSS.txt
  • post checkup.txt
  • tell me how chkdsk went
  • tell me how System File Checker went
  • tell me if reinstalling Firefox made a difference

  • 0

#10
mj12687


    Member

  • Topic Starter
  • Member
  • 39 posts
Okay, I ran chkdsk last night. It took all night to run and finish, but it said all files clean. I went this morning to do step 2, the system file check, and it's asking me for the Windows XP disk. I do not have it. If need be I can go buy one this afternoon, or is there something else you would like me to do? It says files that are required for Windows to run properly must be copied to the DLL cache. I have not done the other steps yet, but Mozilla seems to be a bit more responsive this morning.
  • 0



#11
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

I do not have it. If need be I can go buy one this afternoon, or is there something else you would like me to do? It says files that are required for Windows to run properly must be copied to the DLL cache.


You have some corrupt files on your machine. They may be part of the problem.

No need to buy a new disc; we can reinstall SP3, but that is quite a big job. You may feel that your machine is running well enough now. Up to you really. Tell me whether you want to go ahead to replace SP3 when you return. In the meantime, continue with the other actions.

You didn't say whether you had reinstalled Firefox. The reason I was suggesting that is for the same reason that I asked you to run System File Checker... I think you may have some corruption there.

It would be good to see what FSS and Security Check have to say too.
  • 0

#12
mj12687


    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Okay, so chkdsk said everything was clean. System File Checker said I need the CD for XP. I uninstalled and reinstalled Firefox; still the same. IE is also slow, but no script error messages when logging onto your site. If reinstalling SP3 will help, I'd like to do it; the better it runs, the easier things are for me at work. It still boots slow and the audio is crackling and skipping, even the little Windows effects sounds.

Farbar Service Scanner Version: 08-01-2014
Ran by Mitch (administrator) on 17-01-2014 at 17:06:57
Running from "C:\Documents and Settings\Mitch\Local Settings\Temporary Internet Files\Content.IE5\THMTKJ8H"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
AegisP(8) aswTdi(10) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0A00000005000000010000000200000003000000040000000A00000009000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****



Results of screen317's Security Check version 0.99.79
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Please wait while WMIC is being installed.d
i
s
p
l
a
y
N
a
m
e
ECHO is off.
a
v
a
s
t
!
ECHO is off.
A
n
t
i
v
i
r
u
s
ECHO is off.
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
CCleaner
Java 7 Update 51
Adobe Flash Player 11.9.900.170
Mozilla Firefox (26.0)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 10%
````````````````````End of Log``````````````````````
  • 0

#13
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

If reinstalling SP3 will help, I'd like to do it; the better it runs, the easier things are for me at work.


You can uninstall and then reinstall SP3 (Service Pack 3). Here's the link for the SP3 download:

Link: http://www.microsoft...&displaylang=en

Disregard the information for use on multiple network computers.

Read this for information about what to do before installing SP3:

http://support.microsoft.com/kb/950717

How to remove Windows XP Service Pack 3

To uninstall SP3

  • Click Start > Control Panel > Add or Remove Programs
  • Click Windows XP Service Pack 3
  • Click Remove
After that

Care: Do not download and use if your hard drive is SSD (Solid State Disk).


Download Auslogics Disk Defrag and save it to your Desktop.

Double click and follow the prompts to install it. Note: only install the defrag utility. Some versions come with Askbar toolbars... do not install those or any other foistware that might be promoted.

Once installed, run the defrag utility.

At the end the utility may tell you that it has found Junk Files and recommend that you run a scan to remove them. Disregard that suggestion; it is a promotion of a tool you don't need. All we are interested in here is the defrag process.

Note: Do not download Windows Registry Cleaner which is promoted at the same site.

When you have completed all the above, try out your machine and then come back and tell me how it is now.
  • 0

#14
mj12687


    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Okay, might be a dumb question, but how do I know if I have a solid state hard drive or not?
  • 0

#15
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
You would know if you had a Solid State drive, but you can check by going to Start > Run, typing msinfo32 and looking under Components > Storage > Disks. It should tell you somewhere in the list whether they are standard or SSD disk drives.
  • 0





