Malware info from NotePad. I need help. [Solved]


  • This topic is locked

#16
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Please do the following:
  • Push both the Windows key and R button - in the box, type
    notepad.exe
    and press Enter.
  • Copy (Ctrl+C) all of the text in the following box and paste (Ctrl+V) it into Notepad
    @echo off
    type "C:\Documents and Settings\User\My Documents\Downloads\FRST.txt" >> "%userprofile%\desktop\FRST.txt"
  • Go to File > Save As... and save it to your Desktop named fix.bat. Make sure you change the Save as type to All Files (*.*)
  • Locate fix.bat on your Desktop and double-click on it.
After that you should find a FRST.txt file on your desktop.
Post its content into your reply.
 
Regards,
Naat :)
  • 1



#17
itsmesunny

    Member

  • Topic Starter
  • Member
  • 300 posts

OK. I looked and found it I think.

 

FIREWALL is OFF

and

VIRUS PROTECTION is NOT FOUND

 

Is that all I need to start GMER now?


  • 0

#18
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Yes, it is.

Please also mind (later, after posting Gmer) my instructions in the previous post #16 :)

I'm going offline as it is nearly 2 AM here. Will be back tomorrow.

Night :)
  • 0

#19
itsmesunny

    Member

  • Topic Starter
  • Member
  • 300 posts

Ok. I am going to do GMER now.

 

 

Thanks.


Edited by itsmesunny, 24 June 2014 - 08:31 AM.

  • 0

#20
itsmesunny

    Member

  • Topic Starter
  • Member
  • 300 posts

Ok Naat,

 

Here is the GMER stuff. It's not a lot compared to the others.

 

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-06-23 20:24:27
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 WDC_WD600BB-75CAA0 rev.16.06V16 55.88GB
Running: gfujtf5t.exe; Driver: C:\DOCUME~1\User\LOCALS~1\Temp\kwpyikow.sys


---- System - GMER 2.1 ----

SSDT            \??\C:\WINDOWS\system32\drivers\avgtpx86.sys                       ZwEnumerateKey [0xF7982342]
SSDT            \??\C:\WINDOWS\system32\drivers\avgtpx86.sys                       ZwEnumerateValueKey [0xF79823F2]
SSDT            \??\C:\WINDOWS\system32\drivers\avgtpx86.sys                       ZwQueryValueKey [0xF798222A]
SSDT            \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS                 ZwTerminateProcess [0xF6FA1640]

---- User code sections - GMER 2.1 ----

.text           C:\WINDOWS\system32\SearchIndexer.exe[564] kernel32.dll!WriteFile  7C8112FF 7 Bytes  JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL

---- Devices - GMER 2.1 ----

AttachedDevice  \FileSystem\Fastfat \Fat                                           fltmgr.sys

---- EOF - GMER 2.1 ----
 


Edited by itsmesunny, 23 June 2014 - 06:26 PM.

  • 0

#21
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hello Sunny :)

 

OK, to summarize, you have posted the addition.txt logfile twice, and the Gmer one. We still need FRST.txt as it contains plenty of useful information for me.

 

Please do the following:

  • Push both the Windows key and R button - in the box, type
    notepad.exe
    and press Enter.
     
  • Copy (Ctrl+C) all of the text in the following box and paste (Ctrl+V) it into Notepad
    @echo off
    type "C:\Documents and Settings\User\My Documents\Downloads\FRST.txt" >> "%userprofile%\desktop\FRST.txt"
  • Go to File > Save As... and save it to your Desktop named fix.bat. Make sure you change the Save as type to All Files (*.*)
     
  • Locate fix.bat on your Desktop and double-click on it.

After that you should find a FRST.txt file on your desktop.
Post its content into your reply.
 
Regards,
Naat :)


  • 0

#22
itsmesunny

    Member

  • Topic Starter
  • Member
  • 300 posts

Hi!

 

Will be on the Dell shortly.


  • 0

#23
itsmesunny

    Member

  • Topic Starter
  • Member
  • 300 posts

Ok Naat! Here ya go!

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-06-2014
Ran by User (administrator) on USER-R6PHPMKAQL on 23-06-2014 18:18:21
Running from C:\Documents and Settings\User\My Documents\Downloads
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Program Files\pcmax\pcmax.exe
() C:\Documents and Settings\User\Application Data\VOPackage\VOsrv.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\WINDOWS\system32\MsPMSPSv.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Client Connect LTD) C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe
(Client Connect LTD) C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Client Connect LTD) C:\DOCUME~1\User\LOCALS~1\Temp\~nsu.tmp\Au_.exe
(Client Connect LTD) C:\DOCUME~1\User\LOCALS~1\Temp\~nsu.tmp\Bu_.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [vProt] => C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2557976 2014-06-06] ()
HKLM\...\Run: [fst_us_92] => [X]
HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Run: [SB Audigy 2 Startup Menu] =>  /L:ENG
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5626136 2014-06-05] (SUPERAntiSpyware)
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Run: [DellSystemDetect] => C:\Documents and Settings\User\Local Settings\Apps\2.0\A8LMOTVO.4B3\RO0X0G3X.50N\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [262720 2014-06-12] (Dell)
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Policies\Explorer: [HideSCAHealth] 1
AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll File Not Found
AppInit_DLLs:  C:\PROGRA~1\SupTab\SEARCH~1.DLL => C:\Program Files\SupTab\SearchProtect32.dll [91248 2014-05-08] ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\New Folder ()
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> c:\program files\movies toolbar\datamngr\apcrtldr.dll <===== ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?t...psd&t=343b7fff2
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?t...psd&t=343b7fff2
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com...q={searchTerms}
URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.v9.com/?t...psd&t=343b7fff2
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKCU - {0B3C2C3D-A31D-45F9-96FB-6A70FA831FA1} URL = http://search.condui...4941131319&UM=2
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://securedsearch...q={searchTerms}
SearchScopes: HKCU - {87D11DC9-F398-4292-ABB0-4DF9D2EF17D0} URL = http://www.flickr.co...q={searchTerms}
SearchScopes: HKCU - {8CC1BEF9-4220-409E-B8F1-7734AC0191A2} URL = http://www.search.as...rms}&psv=&pt=tb
SearchScopes: HKCU - {8E02D41C-5924-4816-9490-33CCD28BEB72} URL = http://search.yahoo....q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKCU - {C47C311F-AA0D-437B-8EA1-A9557ECCBED7} URL = http://www.mysearchr...q={searchTerms}
SearchScopes: HKCU - {C9E2458E-64D8-48D2-93D9-B4D234A8D777} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo....erms}&fr=mkg028
SearchScopes: HKCU - {ED11499D-4B64-42BC-89CF-86F8BE566741} URL = http://delicious.com...p={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...4-0007E9759CBC}
BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO: Discount Buddy - {11111111-1111-1111-1111-110211671166} - C:\Program Files\Discount Buddy\Discount Buddy.dll No File
BHO: Plus-HD-04 - {11111111-1111-1111-1111-110511831152} - C:\Program Files\Plus-HD-04\Plus-HD-04-bho.dll No File
BHO: DownloadTerms - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Documents and Settings\User\Local Settings\Application Data\DownloadTerms\temp.dat ()
BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll No File
BHO: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Documents and Settings\User\Application Data\DefaultTab\DefaultTab\DefaultTabBHO.dll No File
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {E8861423-0DAB-459E-A8D5-DB264E69E70C} -  No File
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll (AVG Secure Search)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 207.5.171.1 207.5.171.2

FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\asymwfoh.default-1402681398921
FF Homepage: https://startpage.com
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll No File
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\adawaretb.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\v9.xml
FF Extension: Facebook Share Button - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\asymwfoh.default-1402681398921\Extensions\{d4e0dc9c-c356-438e-afbe-dca439f4399d} [2014-06-14]
FF Extension: Social Fixer - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\asymwfoh.default-1402681398921\Extensions\[email protected] [2014-06-13]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\asymwfoh.default-1402681398921\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2014-06-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-02-21]
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\18.1.0.443
FF Extension: AVG SafeGuard toolbar - C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\18.1.0.443 [2014-06-06]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\3nfzcra3.default\extensions\[email protected]

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-10] (SUPERAntiSpyware.com)
R2 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [2497856 2014-05-23] (Client Connect LTD)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-05-07] (Oracle Corporation)
R2 Net Driver HPZ12; C:\WINDOWS\System32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [241344 2014-05-29] ()
R2 Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 vosr; C:\Documents and Settings\User\Application Data\VOPackage\VOsrv.exe [55808 2014-06-06] () [File not signed]
R2 vToolbarUpdater18.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1801240 2014-06-06] (AVG Secure Search)
R2 WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation) [File not signed]
S2 MBAMScheduler; "\mbamscheduler.exe" [X]
S2 MBAMService; "\mbamservice.exe" [X]

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42272 2014-06-06] (AVG Technologies)
R3 bpusbflt; C:\WINDOWS\System32\Drivers\bpusbflt.sys [9597 2003-10-10] (Micro Solutions, Inc.) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 COMMONFX.DLL; C:\WINDOWS\System32\COMMONFX.DLL [98600 2007-04-18] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.)
S3 CTAUDFX.DLL; C:\WINDOWS\System32\CTAUDFX.DLL [546048 2007-04-12] (Creative Technology Ltd)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [347128 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\WINDOWS\System32\CTERFXFX.DLL [94976 2007-04-12] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.)
S3 CTSBLFX.DLL; C:\WINDOWS\System32\CTSBLFX.DLL [560384 2007-04-12] (Creative Technology Ltd)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [797992 2007-04-10] (Creative Technology Ltd)
S3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [163112 2007-04-10] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [189736 2007-04-10] (Creative Technology Ltd)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-01-24] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-01-24] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-01-24] (HP)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R1 OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [13632 2001-08-22] (Dell Computer Corporation) [File not signed]
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [16168 2007-04-10] (Creative Technology Ltd.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [13464 2014-06-13] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S4 IntelIde; No ImagePath
S3 JL2005C; System32\Drivers\jl2005c.sys [X]
S3 MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-23 18:06 - 2014-06-23 18:18 - 00000000 ____D () C:\FRST
2014-06-13 16:56 - 2014-06-13 16:56 - 00000738 _____ () C:\Documents and Settings\User\Start Menu\Programs\Outlook Express.lnk
2014-06-13 13:18 - 2014-06-14 10:00 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Scan Results Alert 2.job
2014-06-13 13:18 - 2014-06-14 09:00 - 00000330 _____ () C:\WINDOWS\Tasks\PC HealthFix Desktop Alert.job
2014-06-13 13:18 - 2014-06-13 17:00 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Desktop Warning.job
2014-06-13 13:18 - 2014-06-13 15:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PC HealthFix
2014-06-13 13:18 - 2014-06-13 15:26 - 00000714 _____ () C:\WINDOWS\PCHealthFix.INI
2014-06-13 13:18 - 2014-06-13 13:18 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Scan Results Alert.job
2014-06-13 13:18 - 2014-06-13 13:18 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Malware Alert.job
2014-06-13 13:17 - 2014-06-13 13:28 - 00000000 ____D () C:\Program Files\Software Updater
2014-06-13 13:17 - 2014-06-13 13:17 - 00000354 _____ () C:\WINDOWS\Tasks\At1.job
2014-06-13 13:17 - 2014-06-13 13:17 - 00000000 ____D () C:\Program Files\pcmax
2014-06-13 10:32 - 2014-06-13 10:32 - 00000803 _____ () C:\Documents and Settings\User\Start Menu\Programs\Internet Explorer.lnk
2014-06-12 20:58 - 2014-06-12 20:58 - 00000000 ____D () C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com
2014-06-12 20:57 - 2014-06-12 20:58 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-12 20:57 - 2014-06-12 20:57 - 00001678 _____ () C:\Documents and Settings\User\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-06-12 20:57 - 2014-06-12 20:57 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\SUPERAntiSpyware
2014-06-12 20:57 - 2014-06-12 20:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2014-06-12 19:10 - 2014-06-12 19:10 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-06-12 19:10 - 2014-06-12 19:10 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Dell
2014-06-12 19:10 - 2014-06-12 19:10 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dell
2014-06-12 18:51 - 2014-06-12 18:51 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\Dell
2014-06-12 18:25 - 2014-06-13 13:01 - 00000458 _____ () C:\WINDOWS\Tasks\SystemToolsDailyTest.job
2014-06-12 18:25 - 2014-06-12 18:25 - 00000520 _____ () C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
2014-06-12 18:16 - 2014-06-12 19:43 - 00455560 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-602162358-1275210071-725345543-1004-0.dat
2014-06-12 15:55 - 2014-06-12 15:55 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCDr
2014-06-12 15:52 - 2014-06-12 19:10 - 00000000 ____D () C:\Program Files\My Dell
2014-06-12 15:49 - 2014-06-23 17:52 - 00000000 ____D () C:\temp
2014-06-12 15:49 - 2014-06-12 15:49 - 00000000 ____D () C:\Documents and Settings\User\Application Data\PCDr
2014-06-09 13:21 - 2014-06-09 13:21 - 00023392 _____ () C:\WINDOWS\system32\nscompat.tlb
2014-06-09 13:21 - 2014-06-09 13:21 - 00016832 _____ () C:\WINDOWS\system32\amcompat.tlb
2014-06-09 13:19 - 2014-06-09 13:19 - 00000524 _____ () C:\WINDOWS\updspapi.log
2014-06-09 13:18 - 2014-06-12 16:48 - 00019268 _____ () C:\WINDOWS\wmsetup.log
2014-06-09 13:18 - 2014-06-09 13:21 - 00014433 _____ () C:\WINDOWS\spupdsvc.log
2014-06-09 13:18 - 2014-06-09 13:19 - 00012102 _____ () C:\WINDOWS\wmp11Uninst.log
2014-06-09 13:06 - 2014-06-09 13:06 - 00000416 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3_triggeronce.job
2014-06-09 13:06 - 2014-06-09 13:06 - 00000000 ____D () C:\Documents and Settings\User\Application Data\ParetoLogic
2014-06-09 13:05 - 2014-06-12 21:48 - 00226488 _____ () C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-06-09 13:05 - 2014-06-09 13:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ParetoLogic
2014-06-09 12:56 - 2014-06-09 12:56 - 00000000 ____D () C:\Program Files\predm
2014-06-09 12:50 - 2014-06-13 16:57 - 00182806 _____ () C:\WINDOWS\ocgen.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00153788 _____ () C:\WINDOWS\FaxSetup.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00086684 _____ () C:\WINDOWS\tsoc.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00056954 _____ () C:\WINDOWS\comsetup.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00046604 _____ () C:\WINDOWS\ntdtcsetup.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00038955 _____ () C:\WINDOWS\setupapi.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00015665 _____ () C:\WINDOWS\iis6.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00011810 _____ () C:\WINDOWS\ocmsn.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00010958 _____ () C:\WINDOWS\msgsocm.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00001917 _____ () C:\WINDOWS\imsins.log
2014-06-09 12:41 - 2014-06-13 16:50 - 00000240 _____ () C:\WINDOWS\setupact.log
2014-06-09 12:41 - 2014-06-09 12:41 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-06-09 12:39 - 2014-06-23 17:52 - 00764268 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-09 12:39 - 2014-06-23 17:49 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-06-09 12:39 - 2014-06-23 17:49 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-06-09 12:39 - 2014-06-13 09:03 - 00740632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-09 12:39 - 2014-06-09 12:39 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-06-09 12:35 - 2014-06-23 17:49 - 00000360 _____ () C:\WINDOWS\Tasks\Wise Care 365.job
2014-06-09 12:35 - 2014-06-09 12:35 - 00000340 _____ () C:\WINDOWS\Tasks\Wise Turbo Checker.job
2014-06-09 11:46 - 2014-06-09 11:46 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-09 11:22 - 2014-06-09 11:22 - 00000000 ____D () C:\Documents and Settings\User\Application Data\SparkTrust
2014-06-09 11:22 - 2014-06-09 11:22 - 00000000 ____D () C:\Documents and Settings\User\Application Data\DriverCure
2014-06-09 11:21 - 2014-06-09 11:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SparkTrust
2014-06-09 11:21 - 2014-06-09 11:21 - 00000396 _____ () C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job
2014-06-09 08:06 - 2012-06-02 15:18 - 00275696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mucltui.dll
2014-06-09 08:06 - 2012-06-02 15:18 - 00214256 _____ (Microsoft Corporation) C:\WINDOWS\system32\muweb.dll
2014-06-09 08:06 - 2012-06-02 15:18 - 00017136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mucltui.dll.mui
2014-06-08 19:06 - 2014-06-08 19:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-08 19:06 - 2014-06-08 19:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2014-06-08 18:41 - 2014-06-08 18:41 - 00000000 ____D () C:\Documents and Settings\All Users\Uniblue
2014-06-08 18:29 - 2014-06-08 19:00 - 00000000 ____D () C:\Program Files\TotalSystemCare
2014-06-08 10:33 - 2014-06-08 10:33 - 00000000 ___HD () C:\WINDOWS\PIF
2014-06-07 20:24 - 2014-06-07 20:24 - 00000730 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-07 20:24 - 2014-06-07 20:24 - 00000724 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2014-06-07 12:57 - 2014-06-07 13:18 - 00000000 ____D () C:\Documents and Settings\User\My Documents\AMERICA IN DEEP TROUBLE
2014-06-07 11:12 - 2014-06-07 11:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-07 11:11 - 2014-06-07 11:43 - 00000000 ____D () C:\WINDOWS\455F074C814E4520B69B5584BD90400C.TMP
2014-06-07 11:11 - 2014-06-07 11:11 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-07 10:07 - 2014-06-07 10:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-06-07 09:17 - 2007-07-27 23:11 - 00016760 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
2014-06-07 08:22 - 2014-06-13 11:35 - 00012800 ___SH () C:\WINDOWS\system32\Thumbs.db
2014-06-06 21:28 - 2014-06-06 21:28 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\PCHealth
2014-06-06 21:28 - 2014-06-06 21:28 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\freeSOFTtoday
2014-06-06 21:10 - 2014-06-12 21:14 - 00000000 ____D () C:\Program Files\SupTab
2014-06-06 21:10 - 2014-06-12 21:14 - 00000000 ____D () C:\Program Files\ScanTack
2014-06-06 21:10 - 2014-06-12 21:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IePluginServices
2014-06-06 21:10 - 2014-06-07 11:45 - 00000000 ____D () C:\Documents and Settings\User\Application Data\v9
2014-06-06 21:10 - 2014-06-06 21:10 - 00000000 ____D () C:\Documents and Settings\User\Application Data\SupTab
2014-06-06 21:01 - 2014-06-12 19:43 - 00417078 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-06-06 21:00 - 2014-06-06 21:00 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\com
2014-06-06 20:57 - 2014-06-12 21:03 - 00000000 ____D () C:\Program Files\globalUpdate
2014-06-06 20:57 - 2014-06-06 20:57 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\globalUpdate
2014-06-06 20:56 - 2014-06-06 20:56 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Local_Weather_LLC
2014-06-06 20:55 - 2014-06-12 21:14 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\Weather Alerts
2014-06-06 20:55 - 2014-06-12 21:14 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\VOPackage
2014-06-06 20:55 - 2014-06-12 21:14 - 00000000 ____D () C:\Documents and Settings\User\Application Data\VOPackage
2014-06-06 20:54 - 2014-06-12 21:14 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\WeatherAlerts
2014-06-06 17:37 - 2014-06-06 21:11 - 00000000 ____D () C:\Documents and Settings\User\Application Data\HpUpdate
2014-06-06 17:37 - 2014-06-06 17:37 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-06-06 13:06 - 2014-06-06 17:32 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Apple Computer
2014-06-06 12:51 - 2014-06-06 12:51 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\McAfee
2014-06-06 12:48 - 2014-06-06 12:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\McAfee
2014-06-06 12:44 - 2014-06-06 12:44 - 00006144 ___SH () C:\Documents and Settings\User\My Documents\Thumbs.db
2014-06-06 12:30 - 2014-06-06 12:30 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Apple Computer
2014-06-06 12:30 - 2014-06-06 12:30 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Apple
2014-06-06 12:14 - 2014-06-12 21:14 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Browser Extensions
2014-06-06 12:14 - 2014-06-06 12:14 - 00000000 ____D () C:\Documents and Settings\User\.swt
2014-06-06 12:13 - 2014-06-08 11:23 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Azureus
2014-06-06 12:13 - 2014-06-06 12:14 - 00000000 ____D () C:\Program Files\Vuze
2014-06-06 12:13 - 2014-06-06 12:13 - 00001505 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Vuze.lnk
2014-06-06 10:51 - 2014-06-06 10:51 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Windows Search
2014-06-06 10:43 - 2014-06-09 13:23 - 00000792 _____ () C:\Documents and Settings\User\Start Menu\Programs\Windows Media Player.lnk
2014-06-06 10:43 - 2008-04-13 20:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpns.dll
2014-06-06 10:16 - 2014-06-06 10:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB963093$
2014-06-06 10:07 - 2014-06-06 21:22 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-06-06 10:07 - 2014-06-06 10:19 - 00065536 _____ () C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2014-06-06 10:01 - 2014-06-06 10:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2808679$
2014-06-06 09:16 - 2014-06-06 09:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2492386$
2014-06-06 09:15 - 2014-06-06 10:06 - 00065536 _____ () C:\WINDOWS\system32\config\Windows .evt
2014-06-06 09:15 - 2014-06-06 10:06 - 00065536 _____ () C:\WINDOWS\system32\config\Microsof.evt
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 __HDC () C:\WINDOWS\$968930Uinstall_KB968930$
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 ____D () C:\WINDOWS\system32\WindowsPowerShell
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 ____D () C:\WINDOWS\$NtUninstallKB968930$
2014-06-06 09:14 - 2014-06-06 09:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallbasecsp$
2014-06-06 09:14 - 2014-06-06 09:14 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Windows Desktop Search
2014-06-06 09:13 - 2014-06-06 10:20 - 00000000 ____D () C:\Program Files\Windows Desktop Search
2014-06-06 09:13 - 2014-06-06 09:13 - 00001803 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
2014-06-06 09:13 - 2014-06-06 09:13 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2014-06-06 09:12 - 2014-06-06 09:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB940157$
2014-06-06 09:12 - 2014-06-06 09:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB915800-v4$
2014-06-06 09:11 - 2008-03-07 13:02 - 00192000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\offfilt.dll
2014-06-06 09:11 - 2008-03-07 13:02 - 00098304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nlhtml.dll
2014-06-06 09:11 - 2008-03-07 13:02 - 00029696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mimefilt.dll
2014-06-06 09:10 - 2014-06-06 09:10 - 00000000 ____D () C:\WINDOWS\system32\URTTEMP
2014-06-06 08:40 - 2014-06-08 18:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\adawarebp
2014-06-06 08:39 - 2014-06-08 18:48 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-06 08:34 - 2014-06-06 08:42 - 00000000 ____D () C:\Documents and Settings\User\Application Data\LavasoftStatistics
2014-06-06 08:32 - 2014-06-06 08:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB942288-v3$
2014-06-06 08:31 - 2014-06-06 08:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Lavasoft
2014-06-06 08:18 - 2014-06-06 08:18 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\AVG SafeGuard toolbar
2014-06-06 08:18 - 2014-06-06 08:18 - 00000000 _____ () C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
2014-06-06 08:18 - 2014-06-06 08:17 - 00042272 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2014-06-06 08:17 - 2014-06-06 08:18 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-06-06 08:17 - 2014-06-06 08:18 - 00000000 ____D () C:\Documents and Settings\User\Application Data\AVG SafeGuard toolbar
2014-06-06 08:17 - 2014-06-06 08:18 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
2014-06-06 08:17 - 2014-06-06 08:17 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2014-06-06 08:17 - 2014-06-06 08:17 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-06-06 08:17 - 2014-06-06 08:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG Secure Search
2014-06-05 20:17 - 2014-06-13 11:26 - 00000000 ____D () C:\Program Files\DriverUpdate
2014-06-05 20:17 - 2014-06-13 11:10 - 00013464 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-06-05 20:17 - 2014-06-05 20:17 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\SlimWare Utilities Inc
2014-06-05 15:40 - 2014-06-08 09:14 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-05 15:40 - 2014-06-07 20:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-05 15:40 - 2014-06-05 15:40 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Mozilla
2014-06-05 15:40 - 2014-06-05 15:40 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Mozilla
2014-06-05 15:40 - 2014-06-05 15:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Mozilla
2014-06-05 15:08 - 2014-06-13 11:30 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-06-05 15:08 - 2014-06-06 20:53 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\SearchProtect
2014-06-05 15:07 - 2014-06-05 15:27 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Systweak
2014-06-05 15:07 - 2013-06-19 17:27 - 00018776 _____ () C:\WINDOWS\system32\roboot.exe
2014-06-05 15:05 - 2014-06-12 21:14 - 00000000 ____D () C:\Documents and Settings\User\Application Data\IDM2
2014-06-05 14:52 - 2014-06-12 19:03 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Deployment
2014-06-05 14:47 - 2014-06-23 17:49 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-06-05 14:47 - 2014-06-05 15:13 - 00000214 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-06-05 14:45 - 2014-06-05 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-06-05 14:45 - 2014-06-05 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-06-05 14:45 - 2014-06-05 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-06-05 14:44 - 2014-06-05 14:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-06-05 14:40 - 2014-06-05 14:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-06-05 14:40 - 2014-06-05 14:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-06-05 14:37 - 2014-06-05 14:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-06-05 14:37 - 2014-06-05 14:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-06-05 14:30 - 2014-06-12 21:25 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-06-05 14:21 - 2014-06-05 14:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-06-05 14:21 - 2014-06-05 14:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-06-05 14:21 - 2014-06-05 14:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-06-05 14:18 - 2014-06-05 14:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-06-05 14:17 - 2014-06-05 14:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-06-05 14:13 - 2014-06-05 14:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-06-05 14:13 - 2014-06-05 14:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-06-05 14:06 - 2014-06-05 14:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-06-05 14:06 - 2014-06-05 14:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-06-05 14:06 - 2014-06-05 14:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-06-05 13:52 - 2014-06-05 13:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-06-05 13:47 - 2013-07-02 22:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-06-05 13:44 - 2013-07-16 20:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-06-05 13:43 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-06-05 13:43 - 2014-02-25 21:59 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-06-05 13:43 - 2013-08-08 20:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-06-05 13:43 - 2013-08-08 20:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-06-05 13:43 - 2009-03-18 07:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2014-06-05 13:38 - 2014-06-13 17:46 - 00000260 _____ () C:\WINDOWS\Tasks\DTChk.job
2014-06-05 13:38 - 2014-06-05 13:38 - 00000000 ____D () C:\WINDOWS\Sun
2014-06-05 13:38 - 2014-06-05 13:38 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-05 13:37 - 2014-06-05 13:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-06-05 13:37 - 2014-05-07 15:02 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-06-05 13:37 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-05 13:37 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-05 13:37 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-05 13:37 - 2014-05-07 14:42 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-06-05 13:36 - 2014-06-05 13:37 - 00006629 _____ () C:\WINDOWS\system32\jupdate-1.7.0_60-b19.log
2014-06-05 13:28 - 2014-06-06 21:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Datamngr
2014-06-05 13:28 - 2014-06-05 13:28 - 00000000 ____D () C:\Program Files\Movies Toolbar

==================== One Month Modified Files and Folders =======

2014-06-23 18:18 - 2014-06-23 18:06 - 00000000 ____D () C:\FRST
2014-06-23 18:18 - 2009-06-17 09:27 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Temp
2014-06-23 18:03 - 2013-02-22 16:32 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-23 17:55 - 2013-02-23 03:04 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-06-23 17:52 - 2014-06-12 15:49 - 00000000 ____D () C:\temp
2014-06-23 17:52 - 2014-06-09 12:39 - 00764268 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-23 17:49 - 2014-06-09 12:39 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-06-23 17:49 - 2014-06-09 12:39 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-06-23 17:49 - 2014-06-09 12:35 - 00000360 _____ () C:\WINDOWS\Tasks\Wise Care 365.job
2014-06-23 17:49 - 2014-06-05 14:47 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-06-23 17:49 - 2013-03-27 20:17 - 00000392 _____ () C:\WINDOWS\Tasks\AmiUpdXp.job
2014-06-23 17:49 - 2009-06-17 09:13 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-23 17:49 - 2002-09-03 13:14 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-06-14 11:53 - 2009-06-17 09:27 - 00000278 ___SH () C:\Documents and Settings\User\ntuser.ini
2014-06-14 11:53 - 2009-06-17 09:25 - 00032534 _____ () C:\WINDOWS\SchedLgU.Txt
2014-06-14 10:00 - 2014-06-13 13:18 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Scan Results Alert 2.job
2014-06-14 09:00 - 2014-06-13 13:18 - 00000330 _____ () C:\WINDOWS\Tasks\PC HealthFix Desktop Alert.job
2014-06-13 17:46 - 2014-06-05 13:38 - 00000260 _____ () C:\WINDOWS\Tasks\DTChk.job
2014-06-13 17:00 - 2014-06-13 13:18 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Desktop Warning.job
2014-06-13 16:57 - 2014-06-09 12:50 - 00182806 _____ () C:\WINDOWS\ocgen.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00153788 _____ () C:\WINDOWS\FaxSetup.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00086684 _____ () C:\WINDOWS\tsoc.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00056954 _____ () C:\WINDOWS\comsetup.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00046604 _____ () C:\WINDOWS\ntdtcsetup.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00038955 _____ () C:\WINDOWS\setupapi.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00015665 _____ () C:\WINDOWS\iis6.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00011810 _____ () C:\WINDOWS\ocmsn.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00010958 _____ () C:\WINDOWS\msgsocm.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00001917 _____ () C:\WINDOWS\imsins.log
2014-06-13 16:57 - 2009-06-17 05:05 - 00004566 _____ () C:\WINDOWS\imsins.BAK
2014-06-13 16:56 - 2014-06-13 16:56 - 00000738 _____ () C:\Documents and Settings\User\Start Menu\Programs\Outlook Express.lnk
2014-06-13 16:56 - 2009-06-17 05:05 - 00636556 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-13 16:50 - 2014-06-09 12:41 - 00000240 _____ () C:\WINDOWS\setupact.log
2014-06-13 15:32 - 2014-06-13 13:18 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PC HealthFix
2014-06-13 15:26 - 2014-06-13 13:18 - 00000714 _____ () C:\WINDOWS\PCHealthFix.INI
2014-06-13 13:28 - 2014-06-13 13:17 - 00000000 ____D () C:\Program Files\Software Updater
2014-06-13 13:23 - 2009-06-17 09:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dell Accessories
2014-06-13 13:23 - 2009-06-17 09:13 - 00000000 ____D () C:\DELL
2014-06-13 13:18 - 2014-06-13 13:18 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Scan Results Alert.job
2014-06-13 13:18 - 2014-06-13 13:18 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Malware Alert.job
2014-06-13 13:17 - 2014-06-13 13:17 - 00000354 _____ () C:\WINDOWS\Tasks\At1.job
2014-06-13 13:17 - 2014-06-13 13:17 - 00000000 ____D () C:\Program Files\pcmax
2014-06-13 13:01 - 2014-06-12 18:25 - 00000458 _____ () C:\WINDOWS\Tasks\SystemToolsDailyTest.job
2014-06-13 11:35 - 2014-06-07 08:22 - 00012800 ___SH () C:\WINDOWS\system32\Thumbs.db
2014-06-13 11:30 - 2014-06-05 15:08 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-06-13 11:26 - 2014-06-05 20:17 - 00000000 ____D () C:\Program Files\DriverUpdate
2014-06-13 11:10 - 2014-06-05 20:17 - 00013464 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-06-13 10:32 - 2014-06-13 10:32 - 00000803 _____ () C:\Documents and Settings\User\Start Menu\Programs\Internet Explorer.lnk
2014-06-13 09:03 - 2014-06-09 12:39 - 00740632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-12 21:48 - 2014-06-09 13:05 - 00226488 _____ () C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-06-12 21:42 - 2009-06-17 11:30 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-06-12 21:42 - 2009-06-17 11:30 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-12 21:42 - 2009-06-17 05:05 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-12 21:41 - 2009-06-17 11:31 - 00000000 ____D () C:\WINDOWS\SHELLNEW
2014-06-12 21:41 - 2009-06-17 11:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
2014-06-12 21:41 - 2009-06-17 09:11 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-12 21:41 - 2002-09-03 13:11 - 00000670 _____ () C:\WINDOWS\win.ini
2014-06-12 21:25 - 2014-06-05 14:30 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-12 21:22 - 2009-06-17 13:11 - 92708840 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-12 21:14 - 2014-06-06 21:10 - 00000000 ____D () C:\Program Files\SupTab
2014-06-12 21:14 - 2014-06-06 21:10 - 00000000 ____D () C:\Program Files\ScanTack
2014-06-12 21:14 - 2014-06-06 21:10 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\IePluginServices
2014-06-12 21:14 - 2014-06-06 20:55 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\Weather Alerts
2014-06-12 21:14 - 2014-06-06 20:55 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\VOPackage
2014-06-12 21:14 - 2014-06-06 20:55 - 00000000 ____D () C:\Documents and Settings\User\Application Data\VOPackage
2014-06-12 21:14 - 2014-06-06 20:54 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\WeatherAlerts
2014-06-12 21:14 - 2014-06-06 12:14 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Browser Extensions
2014-06-12 21:14 - 2014-06-05 15:05 - 00000000 ____D () C:\Documents and Settings\User\Application Data\IDM2
2014-06-12 21:03 - 2014-06-06 20:57 - 00000000 ____D () C:\Program Files\globalUpdate
2014-06-12 20:58 - 2014-06-12 20:58 - 00000000 ____D () C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com
2014-06-12 20:58 - 2014-06-12 20:57 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-12 20:57 - 2014-06-12 20:57 - 00001678 _____ () C:\Documents and Settings\User\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-06-12 20:57 - 2014-06-12 20:57 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\SUPERAntiSpyware
2014-06-12 20:57 - 2014-06-12 20:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2014-06-12 19:43 - 2014-06-12 18:16 - 00455560 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-602162358-1275210071-725345543-1004-0.dat
2014-06-12 19:43 - 2014-06-06 21:01 - 00417078 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-06-12 19:37 - 2013-02-20 19:53 - 00000289 _____ () C:\WINDOWS\wininit.ini
2014-06-12 19:10 - 2014-06-12 19:10 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-06-12 19:10 - 2014-06-12 19:10 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Dell
2014-06-12 19:10 - 2014-06-12 19:10 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dell
2014-06-12 19:10 - 2014-06-12 15:52 - 00000000 ____D () C:\Program Files\My Dell
2014-06-12 19:03 - 2014-06-05 14:52 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Deployment
2014-06-12 18:53 - 2009-06-17 09:25 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-06-12 18:53 - 2009-06-17 09:24 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-06-12 18:53 - 2009-06-17 09:11 - 00000000 ____D () C:\WINDOWS\Registration
2014-06-12 18:51 - 2014-06-12 18:51 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\Dell
2014-06-12 18:25 - 2014-06-12 18:25 - 00000520 _____ () C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
2014-06-12 16:48 - 2014-06-09 13:18 - 00019268 _____ () C:\WINDOWS\wmsetup.log
2014-06-12 15:55 - 2014-06-12 15:55 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCDr
2014-06-12 15:49 - 2014-06-12 15:49 - 00000000 ____D () C:\Documents and Settings\User\Application Data\PCDr
2014-06-09 13:23 - 2014-06-06 10:43 - 00000792 _____ () C:\Documents and Settings\User\Start Menu\Programs\Windows Media Player.lnk
2014-06-09 13:21 - 2014-06-09 13:21 - 00023392 _____ () C:\WINDOWS\system32\nscompat.tlb
2014-06-09 13:21 - 2014-06-09 13:21 - 00016832 _____ () C:\WINDOWS\system32\amcompat.tlb
2014-06-09 13:21 - 2014-06-09 13:18 - 00014433 _____ () C:\WINDOWS\spupdsvc.log
2014-06-09 13:19 - 2014-06-09 13:19 - 00000524 _____ () C:\WINDOWS\updspapi.log
2014-06-09 13:19 - 2014-06-09 13:18 - 00012102 _____ () C:\WINDOWS\wmp11Uninst.log
2014-06-09 13:19 - 2013-03-27 14:53 - 00000000 ____D () C:\Program Files\Windows Media Connect 2
2014-06-09 13:19 - 2009-06-17 05:01 - 00000000 ____D () C:\WINDOWS\Help
2014-06-09 13:09 - 2014-06-09 13:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ParetoLogic
2014-06-09 13:06 - 2014-06-09 13:06 - 00000416 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3_triggeronce.job
2014-06-09 13:06 - 2014-06-09 13:06 - 00000000 ____D () C:\Documents and Settings\User\Application Data\ParetoLogic
2014-06-09 12:56 - 2014-06-09 12:56 - 00000000 ____D () C:\Program Files\predm
2014-06-09 12:41 - 2014-06-09 12:41 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-06-09 12:39 - 2014-06-09 12:39 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-06-09 12:35 - 2014-06-09 12:35 - 00000340 _____ () C:\WINDOWS\Tasks\Wise Turbo Checker.job
2014-06-09 12:32 - 2009-08-22 14:54 - 00000000 ____D () C:\WINDOWS\Minidump
2014-06-09 12:32 - 2009-06-17 09:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\ATI HYDRAVISION
2014-06-09 11:59 - 2014-06-09 11:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SparkTrust
2014-06-09 11:46 - 2014-06-09 11:46 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-09 11:22 - 2014-06-09 11:22 - 00000000 ____D () C:\Documents and Settings\User\Application Data\SparkTrust
2014-06-09 11:22 - 2014-06-09 11:22 - 00000000 ____D () C:\Documents and Settings\User\Application Data\DriverCure
2014-06-09 11:21 - 2014-06-09 11:21 - 00000396 _____ () C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job
2014-06-09 10:18 - 2009-06-17 09:12 - 00000000 __SHD () C:\Documents and Settings\All Users\DRM
2014-06-08 20:44 - 2013-03-27 20:16 - 00000000 ____D () C:\Program Files\SearchProtect
2014-06-08 19:06 - 2014-06-08 19:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-08 19:06 - 2014-06-08 19:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2014-06-08 19:00 - 2014-06-08 18:29 - 00000000 ____D () C:\Program Files\TotalSystemCare
2014-06-08 18:48 - 2014-06-06 08:39 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-08 18:41 - 2014-06-08 18:41 - 00000000 ____D () C:\Documents and Settings\All Users\Uniblue
2014-06-08 18:17 - 2014-06-06 08:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
2014-06-08 11:23 - 2014-06-06 12:13 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Azureus
2014-06-08 10:33 - 2014-06-08 10:33 - 00000000 ___HD () C:\WINDOWS\PIF
2014-06-08 09:19 - 2013-03-27 09:24 - 00000000 ____D () C:\WINDOWS\system32\data
2014-06-08 09:19 - 2009-06-17 09:40 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-06-08 09:14 - 2014-06-05 15:40 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-07 20:24 - 2014-06-07 20:24 - 00000730 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-07 20:24 - 2014-06-07 20:24 - 00000724 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2014-06-07 20:23 - 2014-06-05 15:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-07 13:18 - 2014-06-07 12:57 - 00000000 ____D () C:\Documents and Settings\User\My Documents\AMERICA IN DEEP TROUBLE
2014-06-07 11:45 - 2014-06-06 21:10 - 00000000 ____D () C:\Documents and Settings\User\Application Data\v9
2014-06-07 11:43 - 2014-06-07 11:11 - 00000000 ____D () C:\WINDOWS\455F074C814E4520B69B5584BD90400C.TMP
2014-06-07 11:25 - 2009-06-17 09:27 - 00001599 _____ () C:\Documents and Settings\User\Start Menu\Programs\Remote Assistance.lnk
2014-06-07 11:21 - 2009-06-17 09:13 - 00001599 ____C () C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
2014-06-07 11:12 - 2014-06-07 11:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-07 11:11 - 2014-06-07 11:11 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-07 10:35 - 2013-03-21 11:09 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Updater26766
2014-06-07 10:31 - 2013-03-27 20:13 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Wincert
2014-06-07 10:31 - 2013-03-21 11:09 - 00000000 ____D () C:\Program Files\Discount Buddy
2014-06-07 10:07 - 2014-06-07 10:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-06-07 08:22 - 2013-02-20 23:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2779562$
2014-06-07 08:22 - 2009-06-17 05:01 - 00000000 ___RD () C:\WINDOWS\Web
2014-06-07 08:21 - 2013-03-26 22:04 - 00000000 __HDC () C:\WINDOWS\ie8
2014-06-06 21:35 - 2013-04-13 15:34 - 00000000 ____D () C:\Program Files\InterActual
2014-06-06 21:30 - 2013-03-27 08:02 - 00000000 __SHD () C:\WINDOWS\system32\AI_RecycleBin
2014-06-06 21:30 - 2013-03-27 08:01 - 00000000 __SHD () C:\AI_RecycleBin
2014-06-06 21:28 - 2014-06-06 21:28 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\PCHealth
2014-06-06 21:28 - 2014-06-06 21:28 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\freeSOFTtoday
2014-06-06 21:22 - 2014-06-06 10:07 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-06-06 21:22 - 2014-06-05 13:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Datamngr
2014-06-06 21:22 - 2009-06-17 09:10 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2014-06-06 21:22 - 2009-06-17 09:10 - 00000000 ____D () C:\Program Files\Windows NT
2014-06-06 21:22 - 2009-06-17 05:01 - 00000000 ____D () C:\WINDOWS\Cursors
2014-06-06 21:11 - 2014-06-06 17:37 - 00000000 ____D () C:\Documents and Settings\User\Application Data\HpUpdate
2014-06-06 21:10 - 2014-06-06 21:10 - 00000000 ____D () C:\Documents and Settings\User\Application Data\SupTab
2014-06-06 21:00 - 2014-06-06 21:00 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\com
2014-06-06 20:57 - 2014-06-06 20:57 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\globalUpdate
2014-06-06 20:56 - 2014-06-06 20:56 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Local_Weather_LLC
2014-06-06 20:53 - 2014-06-05 15:08 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\SearchProtect
2014-06-06 17:56 - 2009-06-17 09:47 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-06-06 17:37 - 2014-06-06 17:37 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-06-06 17:37 - 2009-08-10 12:35 - 00000000 ____D () C:\Program Files\HP
2014-06-06 17:32 - 2014-06-06 13:06 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Apple Computer
2014-06-06 13:54 - 2013-04-07 10:39 - 00000000 ____D () C:\Documents and Settings\User\My Documents\Picture
2014-06-06 12:51 - 2014-06-06 12:51 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\McAfee
2014-06-06 12:48 - 2014-06-06 12:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\McAfee
2014-06-06 12:48 - 2013-02-22 16:32 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-06-06 12:48 - 2013-02-22 16:32 - 00070832 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-06-06 12:44 - 2014-06-06 12:44 - 00006144 ___SH () C:\Documents and Settings\User\My Documents\Thumbs.db
2014-06-06 12:30 - 2014-06-06 12:30 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Apple Computer
2014-06-06 12:30 - 2014-06-06 12:30 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Apple
2014-06-06 12:14 - 2014-06-06 12:14 - 00000000 ____D () C:\Documents and Settings\User\.swt
2014-06-06 12:14 - 2014-06-06 12:13 - 00000000 ____D () C:\Program Files\Vuze
2014-06-06 12:13 - 2014-06-06 12:13 - 00001505 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Vuze.lnk
2014-06-06 10:51 - 2014-06-06 10:51 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Windows Search
2014-06-06 10:48 - 2013-03-21 11:21 - 00000000 ____D () C:\Program Files\CyberLink
2014-06-06 10:48 - 2009-06-17 09:31 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-06-06 10:36 - 2011-06-11 16:16 - 00005632 ____C () C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-06 10:20 - 2014-06-06 09:13 - 00000000 ____D () C:\Program Files\Windows Desktop Search
2014-06-06 10:19 - 2014-06-06 10:07 - 00065536 _____ () C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2014-06-06 10:16 - 2014-06-06 10:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB963093$
2014-06-06 10:06 - 2014-06-06 09:15 - 00065536 _____ () C:\WINDOWS\system32\config\Windows .evt
2014-06-06 10:06 - 2014-06-06 09:15 - 00065536 _____ () C:\WINDOWS\system32\config\Microsof.evt
2014-06-06 10:01 - 2014-06-06 10:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2808679$
2014-06-06 09:51 - 2013-02-20 20:51 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-06-06 09:51 - 2009-06-17 11:45 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-06-06 09:22 - 2009-06-17 05:01 - 00000000 ____D () C:\WINDOWS\security
2014-06-06 09:16 - 2014-06-06 09:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2492386$
2014-06-06 09:16 - 2009-06-17 09:09 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 __HDC () C:\WINDOWS\$968930Uinstall_KB968930$
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 ____D () C:\WINDOWS\system32\WindowsPowerShell
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 ____D () C:\WINDOWS\$NtUninstallKB968930$
2014-06-06 09:14 - 2014-06-06 09:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallbasecsp$
2014-06-06 09:14 - 2014-06-06 09:14 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Windows Desktop Search
2014-06-06 09:13 - 2014-06-06 09:13 - 00001803 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
2014-06-06 09:13 - 2014-06-06 09:13 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2014-06-06 09:12 - 2014-06-06 09:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB940157$
2014-06-06 09:12 - 2014-06-06 09:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB915800-v4$
2014-06-06 09:10 - 2014-06-06 09:10 - 00000000 ____D () C:\WINDOWS\system32\URTTEMP
2014-06-06 08:42 - 2014-06-06 08:34 - 00000000 ____D () C:\Documents and Settings\User\Application Data\LavasoftStatistics
2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\adawarebp
2014-06-06 08:33 - 2014-06-06 08:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB942288-v3$
2014-06-06 08:31 - 2014-06-06 08:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Lavasoft
2014-06-06 08:18 - 2014-06-06 08:18 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\AVG SafeGuard toolbar
2014-06-06 08:18 - 2014-06-06 08:18 - 00000000 _____ () C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
2014-06-06 08:18 - 2014-06-06 08:17 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-06-06 08:18 - 2014-06-06 08:17 - 00000000 ____D () C:\Documents and Settings\User\Application Data\AVG SafeGuard toolbar
2014-06-06 08:18 - 2014-06-06 08:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
2014-06-06 08:17 - 2014-06-06 08:18 - 00042272 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2014-06-06 08:17 - 2014-06-06 08:17 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2014-06-06 08:17 - 2014-06-06 08:17 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-06-06 08:17 - 2014-06-06 08:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG Secure Search
2014-06-05 21:15 - 2009-06-17 09:13 - 00001507 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-06-05 21:13 - 2013-03-21 11:12 - 00000000 ____D () C:\Documents and Settings\User\Application Data\vlc
2014-06-05 20:17 - 2014-06-05 20:17 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\SlimWare Utilities Inc
2014-06-05 15:40 - 2014-06-05 15:40 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Mozilla
2014-06-05 15:40 - 2014-06-05 15:40 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Mozilla
2014-06-05 15:40 - 2014-06-05 15:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Mozilla
2014-06-05 15:27 - 2014-06-05 15:07 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Systweak
2014-06-05 15:19 - 2013-03-26 17:45 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Conduit
2014-06-05 15:13 - 2014-06-05 14:47 - 00000214 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-06-05 14:45 - 2014-06-05 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-06-05 14:45 - 2014-06-05 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-06-05 14:45 - 2014-06-05 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-06-05 14:44 - 2014-06-05 14:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-06-05 14:40 - 2014-06-05 14:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-06-05 14:40 - 2014-06-05 14:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-06-05 14:38 - 2009-06-17 15:56 - 00224632 ____C () C:\WINDOWS\system32\TZLog.log
2014-06-05 14:37 - 2014-06-05 14:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-06-05 14:37 - 2014-06-05 14:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-06-05 14:21 - 2014-06-05 14:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-06-05 14:21 - 2014-06-05 14:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-06-05 14:21 - 2014-06-05 14:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-06-05 14:18 - 2014-06-05 14:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-06-05 14:17 - 2014-06-05 14:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-06-05 14:13 - 2014-06-05 14:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-06-05 14:13 - 2014-06-05 14:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-06-05 14:06 - 2014-06-05 14:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-06-05 14:06 - 2014-06-05 14:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-06-05 14:06 - 2014-06-05 14:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-06-05 14:02 - 2013-02-21 13:01 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
2014-06-05 13:52 - 2014-06-05 13:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-06-05 13:38 - 2014-06-05 13:38 - 00000000 ____D () C:\WINDOWS\Sun
2014-06-05 13:38 - 2014-06-05 13:38 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-05 13:38 - 2013-03-27 08:11 - 00000000 ____D () C:\Documents and Settings\User\Application Data\PriceGong
2014-06-05 13:37 - 2014-06-05 13:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-06-05 13:37 - 2014-06-05 13:36 - 00006629 _____ () C:\WINDOWS\system32\jupdate-1.7.0_60-b19.log
2014-06-05 13:37 - 2013-03-27 19:43 - 00000000 ____D () C:\Program Files\Java
2014-06-05 13:28 - 2014-06-05 13:28 - 00000000 ____D () C:\Program Files\Movies Toolbar
2014-06-05 13:28 - 2013-03-27 20:12 - 00000000 ____D () C:\Program Files\Search Results Toolbar
2014-06-05 13:28 - 2013-03-26 17:45 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Temp
2014-05-30 16:40 - 2013-03-21 14:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-05-30 16:22 - 2013-02-22 16:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Yahoo!
2014-05-30 16:22 - 2009-08-10 12:40 - 00000000 ____D () C:\Program Files\Yahoo!

Files to move or delete:
====================
C:\Windows\Tasks\At1.job


Some content of TEMP:
====================
C:\Documents and Settings\User\Local Settings\Temp\26_SoftwareUpdaterSetupD.exe
C:\Documents and Settings\User\Local Settings\Temp\air25.exe
C:\Documents and Settings\User\Local Settings\Temp\air32.exe
C:\Documents and Settings\User\Local Settings\Temp\air42.exe
C:\Documents and Settings\User\Local Settings\Temp\air4B.exe
C:\Documents and Settings\User\Local Settings\Temp\air62.exe
C:\Documents and Settings\User\Local Settings\Temp\BackupSetup.exe
C:\Documents and Settings\User\Local Settings\Temp\ConsumerInputSetup.exe
C:\Documents and Settings\User\Local Settings\Temp\dlLogic.exe
C:\Documents and Settings\User\Local Settings\Temp\dltr.exe
C:\Documents and Settings\User\Local Settings\Temp\file_to_run55804.exe
C:\Documents and Settings\User\Local Settings\Temp\GCVerifier.dll
C:\Documents and Settings\User\Local Settings\Temp\ICReinstall_DownloadManagerSetup.exe
C:\Documents and Settings\User\Local Settings\Temp\nsd37.exe
C:\Documents and Settings\User\Local Settings\Temp\nsg2E.exe
C:\Documents and Settings\User\Local Settings\Temp\nsi33.exe
C:\Documents and Settings\User\Local Settings\Temp\nsl36.exe
C:\Documents and Settings\User\Local Settings\Temp\nsr3F.exe
C:\Documents and Settings\User\Local Settings\Temp\nst2B.exe
C:\Documents and Settings\User\Local Settings\Temp\nsu3C.exe
C:\Documents and Settings\User\Local Settings\Temp\nsw34.exe
C:\Documents and Settings\User\Local Settings\Temp\setup.exe
C:\Documents and Settings\User\Local Settings\Temp\speedmax_21791.exe
C:\Documents and Settings\User\Local Settings\Temp\updater_152883.exe
C:\Documents and Settings\User\Local Settings\Temp\verifier.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================


  • 0

#24
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Well done! :)

 

I need to reconsider my next moves, as there is lots of garbage here. I will get back to you evening of my time, or tomorrow at the latest.

 

Cheers,

Naat


  • 0

#25
itsmesunny

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 300 posts

Well done! :)

 

I need to reconsider my next moves, as there is lots of garbage here. I will get back to you evening of my time, or tomorrow at the latest.

 

Cheers,

Naat

 

 

 

Thanks Naat.

 

No worries. Whenever you can. I appreciate you helping me.

 

And I apologize for the time difference. It was much later for you last evening ( or early in your time ).


  • 0



#26
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
It's Tuesdays that are always the worst days in my schedule.

I will be back soon :)

N
  • 0

#27
itsmesunny

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 300 posts

No worries.

 

No hurries.

 

:prop:


  • 0

#28
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)
 

Couple of steps here.

 

= = = = = = = = = = = = = = = = = = = =



FIRST
Scan with AdwCleaner

Download ADWCleaner by Xplode to your desktop.

  • Close all programs and right-click on the AdwCleaner icon - select Run as Administrator.
    (Users of Windows XP please just double-click).
  • You will be presented with the console like the one below:

    [Image: adwcleaner-start.jpg]

  • Click on Scan and follow the prompts.
  • Let it run unhindered.
  • When done, click on the Clean button, and follow the prompts.
  • Allow the system to reboot.

After that, you will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder, as AdwCleaner[S0].txt.

 

= = = = = = = = = = = = = = = = = = = =



SECOND
Scan with Junkware Removal Tool

Please download Junkware Removal Tool by Thisisu to your desktop.
Shut down your protection software now to avoid potential conflicts! If you don't know how to do it, take a look at this topic.

  • Run the tool by double-clicking the Junkware Removal Tool icon.
    If you are using Windows Vista, 7 or 8 instead of double-clicking, right-click and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

= = = = = = = = = = = = = = = = = = = =



THIRD
Please do the following:

  • Push both the Windows key and the R button - in the box, type
    notepad.exe and press Enter.
  • Copy (Ctrl+C) all of the text in the following box and paste (Ctrl+V) it into Notepad
    @echo off
    rem The first echo creates ForNaat.txt with ">"; every later line appends with ">>"
    echo.POST THE CONTENT OF THIS FILE FOR MY REVIEW! > "%userprofile%\desktop\ForNaat.txt"
    echo.REGARDS, NAATHIM :) >> "%userprofile%\desktop\ForNaat.txt"
    echo.. >> "%userprofile%\desktop\ForNaat.txt"
    echo.(((((((((((((((AdwCleaner))))))))))))))) >> "%userprofile%\desktop\ForNaat.txt"
    echo.. >> "%userprofile%\desktop\ForNaat.txt"
    type "C:\AdwCleaner\AdwCleaner[S0].txt" >> "%userprofile%\desktop\ForNaat.txt"
    echo.. >> "%userprofile%\desktop\ForNaat.txt"
    type "C:\AdwCleaner\AdwCleaner[R0].txt" >> "%userprofile%\desktop\ForNaat.txt"
    echo.. >> "%userprofile%\desktop\ForNaat.txt"
    echo.(((((((((((((((Junkware Removal Tool))))))))))))))) >> "%userprofile%\desktop\ForNaat.txt"
    echo.. >> "%userprofile%\desktop\ForNaat.txt"
    type "C:\Documents and Settings\User\My Documents\Downloads\JRT.txt" >> "%userprofile%\desktop\ForNaat.txt"
    echo.. >> "%userprofile%\desktop\ForNaat.txt"
    echo.#####END OF FILE##### >> "%userprofile%\desktop\ForNaat.txt"
    rem Copy the tools from the Downloads folder to the Desktop
    copy "C:\Documents and Settings\User\My Documents\Downloads\JRT.exe" "%userprofile%\desktop\JRT.exe"
    copy "C:\Documents and Settings\User\My Documents\Downloads\AdwCleaner.exe" "%userprofile%\desktop\AdwCleaner.exe"
    copy "C:\Documents and Settings\User\My Documents\Downloads\FRST.exe" "%userprofile%\desktop\FRST.exe"
  • Go to File > Save As... and save it to your Desktop named fix.bat. Make sure you change the Save as type to All Files (*.*)
  • Locate fix.bat on your Desktop and double-click on it.

After that you should find a ForNaat.txt file on your desktop.
Post its content into your reply.

Also you will notice that some more tools will appear on your desktop - that's perfectly fine.

 

= = = = = = = = = = = = = = = = = = = =



FOURTH
Performing general FRST scan

Please re-run Farbar Recovery Scan Tool

  • Right click on the FRST icon to run as administrator (XP users click run after receipt of Windows Security Warning - Open File).
  • When the tool opens click Yes to disclaimer.
  • You will be presented with a window like below:

    [Image: FRSTconsole-2.jpg]

  • Make sure that the Addition box is checked.
  • Press Scan button.
  • It will produce two logs called FRST.txt and Addition.txt in the same directory the tool is run from.
  • Please copy and paste them back here.

Cheers,
Naat :)


  • 1

#29
itsmesunny

itsmesunny

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 300 posts

Hi Naat!

 

a couple huh? :rofl:

 

Just kidding. ;)

 

I think I'll have another cup of Jo!

 

 

I'll send it over when done.

 

Once more,

 

Thanks Naat!

 

 

 

 

 

 

 

 

 

 

 

Hi :)
 

Couple of steps here.

 


Cheers,
Naat :)


  • 0

#30
Naathim

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Take your time Sunny. I will be around :)

:beer:
  • 0





