Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Malware info from NotePad. I need help. [Solved]

Started by itsmesunny , Jun 13 2014 12:54 PM

Page 3 of 15
1
2
3
4
5

This topic is locked

#31
itsmesunny

Posted 25 June 2014 - 09:26 AM

Member

Topic Starter
Member
307 posts

Ok. I am about to give it a go!

:thumbsup:

#32
itsmesunny

Posted 25 June 2014 - 09:52 AM

Member

Topic Starter
Member
307 posts

Ok. One down - and guess what? - it did away with the "bad "image" popups! :woot:

# AdwCleaner v3.213 - Report created 25/06/2014 at 11:42:07
# Updated 23/06/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : User - USER-R6PHPMKAQL
# Running from : C:\Documents and Settings\User\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : CltMngSvc
Service Deleted : vosr
Service Deleted : vToolbarUpdater18.1.0

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\apn
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Application Data\DataMngr
Folder Deleted : C:\Documents and Settings\All Users\Application Data\IePluginServices
Folder Deleted : C:\Documents and Settings\All Users\Application Data\ParetoLogic
Folder Deleted : C:\Documents and Settings\All Users\Application Data\wincert
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\Conduit
[!] Folder Deleted : C:\Program Files\Discount Buddy
[!] Folder Deleted : C:\Program Files\Discount Buddy
Folder Deleted : C:\Program Files\DomaIQ Uninstaller
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\Movies Toolbar
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\OApps
Folder Deleted : C:\Program Files\predm
Folder Deleted : C:\Program Files\ScanTack
Folder Deleted : C:\Program Files\Search Results Toolbar
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Program Files\Software Updater
Folder Deleted : C:\Program Files\SupTab
Folder Deleted : C:\Program Files\tuguu sl
[!] Folder Deleted : C:\Program Files\Discount Buddy
Folder Deleted : C:\Program Files\Vuze
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Uniblue
Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\AVG SafeGuard toolbar
Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\DownloadTerms
Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\Freesofttoday
Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\globalUpdate
Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\SearchProtect
Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\WeatherAlerts
Folder Deleted : C:\Documents and Settings\User\AppData\LocalLow\DataMngr
Folder Deleted : C:\Documents and Settings\User\Application Data\AVG SafeGuard toolbar
Folder Deleted : C:\Documents and Settings\User\Application Data\Browser Extensions
Folder Deleted : C:\Documents and Settings\User\Application Data\DefaultTab
Folder Deleted : C:\Documents and Settings\User\Application Data\DriverCure
Folder Deleted : C:\Documents and Settings\User\Application Data\ParetoLogic
Folder Deleted : C:\Documents and Settings\User\Application Data\PriceGong
Folder Deleted : C:\Documents and Settings\User\Application Data\searchresultstb
Folder Deleted : C:\Documents and Settings\User\Application Data\SupTab
Folder Deleted : C:\Documents and Settings\User\Application Data\SwvUpdater
Folder Deleted : C:\Documents and Settings\User\Application Data\Systweak
Folder Deleted : C:\Documents and Settings\User\Application Data\v9
Folder Deleted : C:\Documents and Settings\User\Application Data\VOPackage
Folder Deleted : C:\Documents and Settings\User\Start Menu\Programs\VOPackage
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\adawaretb.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\v9.xml
File Deleted : C:\WINDOWS\Tasks\AmiUpdXp.job

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0026766.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0026766.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0026766.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0026766.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058352.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058352.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058352.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0058352.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3277370
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3287819
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3290228
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110211671166}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511831152}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222672266}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522832252}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255675566}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555835552}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266676666}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566836652}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440244674466}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544834452}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211671166}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511831152}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7736C7FA-512D-11E2-B871-DEC36088709B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211671166}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511831152}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D332CFF8-358E-4C9E-8AF3-A08872EF22C1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211671166}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211671166}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211671166}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{377E5D4D-77E5-476A-8716-7E70A9272DA0}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Vuze\Azureus.exe]
Key Deleted : HKCU\Software\adawarebp
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Discount Buddy
Key Deleted : HKCU\Software\FreeSoftToday
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\ScanTack
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SoftwareUpdater
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\Updater By Sweetpacks
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\CompeteInc
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DomaIQ
Key Deleted : HKLM\Software\iLividSRTB
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\ScanTack
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Tutorials
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Updater By Sweetpacks
Key Deleted : HKLM\Software\V9Software
Key Deleted : HKLM\Software\Wpm
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{3A787631-66A2-4634-B928-A37E73B58FB6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Software Updater_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\VOPackage
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SupTab\SEARCH~1.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\asymwfoh.default-1402681398921\prefs.js ]

*************************

AdwCleaner[R0].txt - [28156 octets] - [25/06/2014 11:41:19]
AdwCleaner[S0].txt - [25168 octets] - [25/06/2014 11:42:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25229 octets] ##########

#33
itsmesunny

Posted 25 June 2014 - 10:18 AM

Member

Topic Starter
Member
307 posts

_HELP!

I cannot find jrt.txt so I can copy/paste it.

And I don't know how to find it except with "search" when I click on start and I search "everything."

The JRT is on the desktop.

I disabled the FIREWALL . Is that why?

Edited by itsmesunny, 25 June 2014 - 10:30 AM.

#34
Naathim

Posted 25 June 2014 - 10:22 AM

GeekU Minion

Expert
4,568 posts

Leave it. Proceed with the next step.

#35
itsmesunny

Posted 25 June 2014 - 10:34 AM

Member

Topic Starter
Member
307 posts

Leave it. Proceed with the next step.

OK!

Thx.

#36
itsmesunny

Posted 25 June 2014 - 10:39 AM

Member

Topic Starter
Member
307 posts

Ok. here is fix.bat contents.

#####END OF FILE#####

Edited by itsmesunny, 25 June 2014 - 10:57 AM.

#37
itsmesunny

Posted 25 June 2014 - 11:05 AM

Member

Topic Starter
Member
307 posts

OK Nate- here ya go:

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-06-2014
Ran by User (administrator) on USER-R6PHPMKAQL on 25-06-2014 12:59:29
Running from C:\Documents and Settings\User\Desktop
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Program Files\pcmax\pcmax.exe
(Microsoft Corporation) C:\WINDOWS\system32\MsPMSPSv.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [fst_us_92] => [X]
HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Run: [SB Audigy 2 Startup Menu] => /L:ENG
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5626136 2014-06-05] (SUPERAntiSpyware)
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Run: [DellSystemDetect] => C:\Documents and Settings\User\Local Settings\Apps\2.0\A8LMOTVO.4B3\RO0X0G3X.50N\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [262720 2014-06-12] (Dell)
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-602162358-1275210071-725345543-1004\...\Policies\Explorer: [HideSCAHealth] 1
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\New Folder ()

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {87D11DC9-F398-4292-ABB0-4DF9D2EF17D0} URL = http://www.flickr.co...q={searchTerms}
SearchScopes: HKCU - {8E02D41C-5924-4816-9490-33CCD28BEB72} URL = http://search.yahoo....q={searchTerms}
SearchScopes: HKCU - {C9E2458E-64D8-48D2-93D9-B4D234A8D777} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo....erms}&fr=mkg028
SearchScopes: HKCU - {ED11499D-4B64-42BC-89CF-86F8BE566741} URL = http://delicious.com...p={searchTerms}
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {E8861423-0DAB-459E-A8D5-DB264E69E70C} - No File
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 207.5.171.1 207.5.171.2

FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\asymwfoh.default-1402681398921
FF Homepage: www.startpage.com
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: Facebook Share Button - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\asymwfoh.default-1402681398921\Extensions\{d4e0dc9c-c356-438e-afbe-dca439f4399d} [2014-06-14]
FF Extension: Social Fixer - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\asymwfoh.default-1402681398921\Extensions\[email protected] [2014-06-13]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\asymwfoh.default-1402681398921\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2014-06-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-02-21]
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-10] (SUPERAntiSpyware.com)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-05-07] (Oracle Corporation)
R2 Net Driver HPZ12; C:\WINDOWS\System32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [241344 2014-05-29] ()
R2 Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation) [File not signed]
S2 MBAMScheduler; "\mbamscheduler.exe" [X]
S2 MBAMService; "\mbamservice.exe" [X]

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42272 2014-06-06] (AVG Technologies)
R3 bpusbflt; C:\WINDOWS\System32\Drivers\bpusbflt.sys [9597 2003-10-10] (Micro Solutions, Inc.) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 COMMONFX.DLL; C:\WINDOWS\System32\COMMONFX.DLL [98600 2007-04-18] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.)
S3 CTAUDFX.DLL; C:\WINDOWS\System32\CTAUDFX.DLL [546048 2007-04-12] (Creative Technology Ltd)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [347128 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\WINDOWS\System32\CTERFXFX.DLL [94976 2007-04-12] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.)
S3 CTSBLFX.DLL; C:\WINDOWS\System32\CTSBLFX.DLL [560384 2007-04-12] (Creative Technology Ltd)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [797992 2007-04-10] (Creative Technology Ltd)
S3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [163112 2007-04-10] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [189736 2007-04-10] (Creative Technology Ltd)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-01-24] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-01-24] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-01-24] (HP)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R1 OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [13632 2001-08-22] (Dell Computer Corporation) [File not signed]
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [16168 2007-04-10] (Creative Technology Ltd.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [13464 2014-06-13] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S4 IntelIde; No ImagePath
S3 JL2005C; System32\Drivers\jl2005c.sys [X]
S3 MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-25 12:54 - 2014-06-25 12:54 - 00001273 _____ () C:\Documents and Settings\User\Desktop\fix.bat
2014-06-25 12:54 - 2014-06-25 12:54 - 00000024 _____ () C:\Documents and Settings\User\Desktop\ForNaat.txt
2014-06-25 12:54 - 2014-06-23 18:11 - 01073152 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe
2014-06-25 11:55 - 2014-06-25 11:55 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-06-25 11:54 - 2014-06-25 11:54 - 01016261 _____ (Thisisu) C:\Documents and Settings\User\Desktop\JRT.exe
2014-06-25 11:28 - 2014-06-25 11:43 - 00000000 ____D () C:\AdwCleaner
2014-06-25 11:27 - 2014-06-25 11:27 - 01342659 _____ () C:\Documents and Settings\User\Desktop\AdwCleaner.exe
2014-06-24 10:27 - 2014-06-25 13:00 - 00011183 _____ () C:\Documents and Settings\User\Desktop\FRST.txt
2014-06-24 10:26 - 2014-06-24 10:26 - 00000116 _____ () C:\Documents and Settings\User\My Documents\fix.bat
2014-06-23 20:20 - 2014-06-23 20:20 - 00001117 _____ () C:\Documents and Settings\User\Desktop\GMER.log
2014-06-23 18:06 - 2014-06-25 12:59 - 00000000 ____D () C:\FRST
2014-06-13 16:56 - 2014-06-13 16:56 - 00000738 _____ () C:\Documents and Settings\User\Start Menu\Programs\Outlook Express.lnk
2014-06-13 13:18 - 2014-06-25 12:00 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Malware Alert.job
2014-06-13 13:18 - 2014-06-14 10:00 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Scan Results Alert 2.job
2014-06-13 13:18 - 2014-06-14 09:00 - 00000330 _____ () C:\WINDOWS\Tasks\PC HealthFix Desktop Alert.job
2014-06-13 13:18 - 2014-06-13 17:00 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Desktop Warning.job
2014-06-13 13:18 - 2014-06-13 15:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PC HealthFix
2014-06-13 13:18 - 2014-06-13 15:26 - 00000714 _____ () C:\WINDOWS\PCHealthFix.INI
2014-06-13 13:18 - 2014-06-13 13:18 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Scan Results Alert.job
2014-06-13 13:17 - 2014-06-23 20:10 - 00000354 _____ () C:\WINDOWS\Tasks\At1.job
2014-06-13 13:17 - 2014-06-13 13:17 - 00000000 ____D () C:\Program Files\pcmax
2014-06-13 10:32 - 2014-06-13 10:32 - 00000803 _____ () C:\Documents and Settings\User\Start Menu\Programs\Internet Explorer.lnk
2014-06-12 20:58 - 2014-06-12 20:58 - 00000000 ____D () C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com
2014-06-12 20:57 - 2014-06-12 20:58 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-12 20:57 - 2014-06-12 20:57 - 00001678 _____ () C:\Documents and Settings\User\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-06-12 20:57 - 2014-06-12 20:57 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\SUPERAntiSpyware
2014-06-12 20:57 - 2014-06-12 20:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2014-06-12 19:10 - 2014-06-12 19:10 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-06-12 19:10 - 2014-06-12 19:10 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Dell
2014-06-12 19:10 - 2014-06-12 19:10 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dell
2014-06-12 18:51 - 2014-06-12 18:51 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\Dell
2014-06-12 18:25 - 2014-06-25 13:00 - 00000458 _____ () C:\WINDOWS\Tasks\SystemToolsDailyTest.job
2014-06-12 18:25 - 2014-06-12 18:25 - 00000520 _____ () C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
2014-06-12 18:16 - 2014-06-12 19:43 - 00455560 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-602162358-1275210071-725345543-1004-0.dat
2014-06-12 15:55 - 2014-06-12 15:55 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCDr
2014-06-12 15:52 - 2014-06-12 19:10 - 00000000 ____D () C:\Program Files\My Dell
2014-06-12 15:49 - 2014-06-23 17:52 - 00000000 ____D () C:\temp
2014-06-12 15:49 - 2014-06-12 15:49 - 00000000 ____D () C:\Documents and Settings\User\Application Data\PCDr
2014-06-09 13:21 - 2014-06-09 13:21 - 00023392 _____ () C:\WINDOWS\system32\nscompat.tlb
2014-06-09 13:21 - 2014-06-09 13:21 - 00016832 _____ () C:\WINDOWS\system32\amcompat.tlb
2014-06-09 13:19 - 2014-06-09 13:19 - 00000524 _____ () C:\WINDOWS\updspapi.log
2014-06-09 13:18 - 2014-06-12 16:48 - 00019268 _____ () C:\WINDOWS\wmsetup.log
2014-06-09 13:18 - 2014-06-09 13:21 - 00014433 _____ () C:\WINDOWS\spupdsvc.log
2014-06-09 13:18 - 2014-06-09 13:19 - 00012102 _____ () C:\WINDOWS\wmp11Uninst.log
2014-06-09 13:06 - 2014-06-09 13:06 - 00000416 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3_triggeronce.job
2014-06-09 13:05 - 2014-06-12 21:48 - 00226488 _____ () C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-06-09 12:50 - 2014-06-13 16:57 - 00182806 _____ () C:\WINDOWS\ocgen.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00153788 _____ () C:\WINDOWS\FaxSetup.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00086684 _____ () C:\WINDOWS\tsoc.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00056954 _____ () C:\WINDOWS\comsetup.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00046604 _____ () C:\WINDOWS\ntdtcsetup.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00038955 _____ () C:\WINDOWS\setupapi.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00015665 _____ () C:\WINDOWS\iis6.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00011810 _____ () C:\WINDOWS\ocmsn.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00010958 _____ () C:\WINDOWS\msgsocm.log
2014-06-09 12:50 - 2014-06-13 16:57 - 00001917 _____ () C:\WINDOWS\imsins.log
2014-06-09 12:41 - 2014-06-13 16:50 - 00000240 _____ () C:\WINDOWS\setupact.log
2014-06-09 12:41 - 2014-06-09 12:41 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-06-09 12:39 - 2014-06-25 12:39 - 00797074 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-09 12:39 - 2014-06-25 11:45 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-06-09 12:39 - 2014-06-25 11:45 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-06-09 12:39 - 2014-06-13 09:03 - 00740632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-09 12:39 - 2014-06-09 12:39 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-06-09 12:35 - 2014-06-09 12:35 - 00000340 _____ () C:\WINDOWS\Tasks\Wise Turbo Checker.job
2014-06-09 11:46 - 2014-06-09 11:46 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-09 11:21 - 2014-06-09 11:21 - 00000396 _____ () C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job
2014-06-09 08:06 - 2012-06-02 15:18 - 00275696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mucltui.dll
2014-06-09 08:06 - 2012-06-02 15:18 - 00214256 _____ (Microsoft Corporation) C:\WINDOWS\system32\muweb.dll
2014-06-09 08:06 - 2012-06-02 15:18 - 00017136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mucltui.dll.mui
2014-06-08 19:06 - 2014-06-08 19:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-08 19:06 - 2014-06-08 19:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2014-06-08 18:29 - 2014-06-08 19:00 - 00000000 ____D () C:\Program Files\TotalSystemCare
2014-06-08 10:33 - 2014-06-08 10:33 - 00000000 ___HD () C:\WINDOWS\PIF
2014-06-07 20:24 - 2014-06-07 20:24 - 00000730 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-07 20:24 - 2014-06-07 20:24 - 00000724 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2014-06-07 12:57 - 2014-06-07 13:18 - 00000000 ____D () C:\Documents and Settings\User\My Documents\AMERICA IN DEEP TROUBLE
2014-06-07 11:12 - 2014-06-07 11:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-07 11:11 - 2014-06-07 11:43 - 00000000 ____D () C:\WINDOWS\455F074C814E4520B69B5584BD90400C.TMP
2014-06-07 11:11 - 2014-06-07 11:11 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-07 10:07 - 2014-06-07 10:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-06-07 09:17 - 2007-07-27 23:11 - 00016760 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
2014-06-07 08:22 - 2014-06-13 11:35 - 00012800 ___SH () C:\WINDOWS\system32\Thumbs.db
2014-06-06 21:28 - 2014-06-06 21:28 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\PCHealth
2014-06-06 21:01 - 2014-06-12 19:43 - 00417078 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-06-06 21:00 - 2014-06-06 21:00 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\com
2014-06-06 20:56 - 2014-06-06 20:56 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Local_Weather_LLC
2014-06-06 20:55 - 2014-06-12 21:14 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\Weather Alerts
2014-06-06 17:37 - 2014-06-06 21:11 - 00000000 ____D () C:\Documents and Settings\User\Application Data\HpUpdate
2014-06-06 17:37 - 2014-06-06 17:37 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-06-06 13:06 - 2014-06-06 17:32 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Apple Computer
2014-06-06 12:51 - 2014-06-06 12:51 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\McAfee
2014-06-06 12:48 - 2014-06-06 12:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\McAfee
2014-06-06 12:44 - 2014-06-06 12:44 - 00006144 ___SH () C:\Documents and Settings\User\My Documents\Thumbs.db
2014-06-06 12:30 - 2014-06-06 12:30 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Apple Computer
2014-06-06 12:30 - 2014-06-06 12:30 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Apple
2014-06-06 12:14 - 2014-06-06 12:14 - 00000000 ____D () C:\Documents and Settings\User\.swt
2014-06-06 12:13 - 2014-06-08 11:23 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Azureus
2014-06-06 12:13 - 2014-06-06 12:13 - 00001505 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Vuze.lnk
2014-06-06 10:51 - 2014-06-06 10:51 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Windows Search
2014-06-06 10:43 - 2014-06-09 13:23 - 00000792 _____ () C:\Documents and Settings\User\Start Menu\Programs\Windows Media Player.lnk
2014-06-06 10:43 - 2008-04-13 20:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpns.dll
2014-06-06 10:16 - 2014-06-06 10:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB963093$
2014-06-06 10:07 - 2014-06-06 21:22 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-06-06 10:07 - 2014-06-06 10:19 - 00065536 _____ () C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2014-06-06 10:01 - 2014-06-06 10:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2808679$
2014-06-06 09:16 - 2014-06-06 09:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2492386$
2014-06-06 09:15 - 2014-06-06 10:06 - 00065536 _____ () C:\WINDOWS\system32\config\Windows .evt
2014-06-06 09:15 - 2014-06-06 10:06 - 00065536 _____ () C:\WINDOWS\system32\config\Microsof.evt
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 __HDC () C:\WINDOWS\$968930Uinstall_KB968930$
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 ____D () C:\WINDOWS\system32\WindowsPowerShell
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 ____D () C:\WINDOWS\$NtUninstallKB968930$
2014-06-06 09:14 - 2014-06-06 09:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallbasecsp$
2014-06-06 09:14 - 2014-06-06 09:14 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Windows Desktop Search
2014-06-06 09:13 - 2014-06-06 10:20 - 00000000 ____D () C:\Program Files\Windows Desktop Search
2014-06-06 09:13 - 2014-06-06 09:13 - 00001803 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
2014-06-06 09:13 - 2014-06-06 09:13 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2014-06-06 09:12 - 2014-06-06 09:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB940157$
2014-06-06 09:12 - 2014-06-06 09:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB915800-v4$
2014-06-06 09:11 - 2008-03-07 13:02 - 00192000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\offfilt.dll
2014-06-06 09:11 - 2008-03-07 13:02 - 00098304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nlhtml.dll
2014-06-06 09:11 - 2008-03-07 13:02 - 00029696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mimefilt.dll
2014-06-06 09:10 - 2014-06-06 09:10 - 00000000 ____D () C:\WINDOWS\system32\URTTEMP
2014-06-06 08:40 - 2014-06-08 18:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
2014-06-06 08:39 - 2014-06-08 18:48 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-06 08:34 - 2014-06-06 08:42 - 00000000 ____D () C:\Documents and Settings\User\Application Data\LavasoftStatistics
2014-06-06 08:32 - 2014-06-06 08:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB942288-v3$
2014-06-06 08:31 - 2014-06-06 08:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Lavasoft
2014-06-06 08:18 - 2014-06-06 08:18 - 00000000 _____ () C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
2014-06-06 08:18 - 2014-06-06 08:17 - 00042272 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2014-06-06 08:17 - 2014-06-06 08:17 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2014-06-05 20:17 - 2014-06-13 11:26 - 00000000 ____D () C:\Program Files\DriverUpdate
2014-06-05 20:17 - 2014-06-13 11:10 - 00013464 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-06-05 20:17 - 2014-06-05 20:17 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\SlimWare Utilities Inc
2014-06-05 15:40 - 2014-06-24 10:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-05 15:40 - 2014-06-24 10:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-05 15:40 - 2014-06-05 15:40 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Mozilla
2014-06-05 15:40 - 2014-06-05 15:40 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Mozilla
2014-06-05 15:40 - 2014-06-05 15:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Mozilla
2014-06-05 15:05 - 2014-06-12 21:14 - 00000000 ____D () C:\Documents and Settings\User\Application Data\IDM2
2014-06-05 14:52 - 2014-06-12 19:03 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Deployment
2014-06-05 14:47 - 2014-06-25 11:45 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-06-05 14:47 - 2014-06-05 15:13 - 00000214 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-06-05 14:45 - 2014-06-05 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-06-05 14:45 - 2014-06-05 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-06-05 14:45 - 2014-06-05 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-06-05 14:44 - 2014-06-05 14:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-06-05 14:40 - 2014-06-05 14:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-06-05 14:40 - 2014-06-05 14:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-06-05 14:37 - 2014-06-05 14:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-06-05 14:37 - 2014-06-05 14:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-06-05 14:30 - 2014-06-12 21:25 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-06-05 14:21 - 2014-06-05 14:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-06-05 14:21 - 2014-06-05 14:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-06-05 14:21 - 2014-06-05 14:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-06-05 14:18 - 2014-06-05 14:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-06-05 14:17 - 2014-06-05 14:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-06-05 14:13 - 2014-06-05 14:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-06-05 14:13 - 2014-06-05 14:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-06-05 14:06 - 2014-06-05 14:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-06-05 14:06 - 2014-06-05 14:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-06-05 14:06 - 2014-06-05 14:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-06-05 13:52 - 2014-06-05 13:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-06-05 13:47 - 2013-07-02 22:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-06-05 13:44 - 2013-07-16 20:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-06-05 13:43 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-06-05 13:43 - 2014-02-25 21:59 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-06-05 13:43 - 2013-08-08 20:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-06-05 13:43 - 2013-08-08 20:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-06-05 13:43 - 2009-03-18 07:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2014-06-05 13:38 - 2014-06-25 12:46 - 00000260 _____ () C:\WINDOWS\Tasks\DTChk.job
2014-06-05 13:38 - 2014-06-05 13:38 - 00000000 ____D () C:\WINDOWS\Sun
2014-06-05 13:38 - 2014-06-05 13:38 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-05 13:37 - 2014-06-05 13:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-06-05 13:37 - 2014-05-07 15:02 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-06-05 13:37 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-05 13:37 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-05 13:37 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-05 13:37 - 2014-05-07 14:42 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-06-05 13:36 - 2014-06-05 13:37 - 00006629 _____ () C:\WINDOWS\system32\jupdate-1.7.0_60-b19.log

==================== One Month Modified Files and Folders =======

2014-06-25 13:00 - 2014-06-24 10:27 - 00011183 _____ () C:\Documents and Settings\User\Desktop\FRST.txt
2014-06-25 13:00 - 2014-06-12 18:25 - 00000458 _____ () C:\WINDOWS\Tasks\SystemToolsDailyTest.job
2014-06-25 13:00 - 2009-06-17 09:27 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Temp
2014-06-25 12:59 - 2014-06-23 18:06 - 00000000 ____D () C:\FRST
2014-06-25 12:54 - 2014-06-25 12:54 - 00001273 _____ () C:\Documents and Settings\User\Desktop\fix.bat
2014-06-25 12:54 - 2014-06-25 12:54 - 00000024 _____ () C:\Documents and Settings\User\Desktop\ForNaat.txt
2014-06-25 12:47 - 2013-02-23 03:04 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-06-25 12:46 - 2014-06-05 13:38 - 00000260 _____ () C:\WINDOWS\Tasks\DTChk.job
2014-06-25 12:39 - 2014-06-09 12:39 - 00797074 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-25 12:04 - 2013-02-22 16:32 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-25 12:00 - 2014-06-13 13:18 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Malware Alert.job
2014-06-25 11:55 - 2014-06-25 11:55 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-06-25 11:54 - 2014-06-25 11:54 - 01016261 _____ (Thisisu) C:\Documents and Settings\User\Desktop\JRT.exe
2014-06-25 11:45 - 2014-06-09 12:39 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-06-25 11:45 - 2014-06-09 12:39 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-06-25 11:45 - 2014-06-05 14:47 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-06-25 11:45 - 2009-06-17 09:13 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-25 11:44 - 2009-06-17 09:27 - 00000278 ___SH () C:\Documents and Settings\User\ntuser.ini
2014-06-25 11:44 - 2009-06-17 09:25 - 00032534 _____ () C:\WINDOWS\SchedLgU.Txt
2014-06-25 11:43 - 2014-06-25 11:28 - 00000000 ____D () C:\AdwCleaner
2014-06-25 11:27 - 2014-06-25 11:27 - 01342659 _____ () C:\Documents and Settings\User\Desktop\AdwCleaner.exe
2014-06-25 11:13 - 2002-09-03 13:14 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-06-24 10:26 - 2014-06-24 10:26 - 00000116 _____ () C:\Documents and Settings\User\My Documents\fix.bat
2014-06-24 10:09 - 2014-06-05 15:40 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-24 10:09 - 2014-06-05 15:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-23 20:20 - 2014-06-23 20:20 - 00001117 _____ () C:\Documents and Settings\User\Desktop\GMER.log
2014-06-23 20:10 - 2014-06-13 13:17 - 00000354 _____ () C:\WINDOWS\Tasks\At1.job
2014-06-23 18:11 - 2014-06-25 12:54 - 01073152 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe
2014-06-23 17:52 - 2014-06-12 15:49 - 00000000 ____D () C:\temp
2014-06-14 10:00 - 2014-06-13 13:18 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Scan Results Alert 2.job
2014-06-14 09:00 - 2014-06-13 13:18 - 00000330 _____ () C:\WINDOWS\Tasks\PC HealthFix Desktop Alert.job
2014-06-13 17:00 - 2014-06-13 13:18 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Desktop Warning.job
2014-06-13 16:57 - 2014-06-09 12:50 - 00182806 _____ () C:\WINDOWS\ocgen.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00153788 _____ () C:\WINDOWS\FaxSetup.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00086684 _____ () C:\WINDOWS\tsoc.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00056954 _____ () C:\WINDOWS\comsetup.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00046604 _____ () C:\WINDOWS\ntdtcsetup.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00038955 _____ () C:\WINDOWS\setupapi.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00015665 _____ () C:\WINDOWS\iis6.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00011810 _____ () C:\WINDOWS\ocmsn.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00010958 _____ () C:\WINDOWS\msgsocm.log
2014-06-13 16:57 - 2014-06-09 12:50 - 00001917 _____ () C:\WINDOWS\imsins.log
2014-06-13 16:57 - 2009-06-17 05:05 - 00004566 _____ () C:\WINDOWS\imsins.BAK
2014-06-13 16:56 - 2014-06-13 16:56 - 00000738 _____ () C:\Documents and Settings\User\Start Menu\Programs\Outlook Express.lnk
2014-06-13 16:56 - 2009-06-17 05:05 - 00636556 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-13 16:50 - 2014-06-09 12:41 - 00000240 _____ () C:\WINDOWS\setupact.log
2014-06-13 15:32 - 2014-06-13 13:18 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PC HealthFix
2014-06-13 15:26 - 2014-06-13 13:18 - 00000714 _____ () C:\WINDOWS\PCHealthFix.INI
2014-06-13 13:23 - 2009-06-17 09:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dell Accessories
2014-06-13 13:23 - 2009-06-17 09:13 - 00000000 ____D () C:\DELL
2014-06-13 13:18 - 2014-06-13 13:18 - 00000334 _____ () C:\WINDOWS\Tasks\PC HealthFix Scan Results Alert.job
2014-06-13 13:17 - 2014-06-13 13:17 - 00000000 ____D () C:\Program Files\pcmax
2014-06-13 11:35 - 2014-06-07 08:22 - 00012800 ___SH () C:\WINDOWS\system32\Thumbs.db
2014-06-13 11:26 - 2014-06-05 20:17 - 00000000 ____D () C:\Program Files\DriverUpdate
2014-06-13 11:10 - 2014-06-05 20:17 - 00013464 _____ () C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-06-13 10:32 - 2014-06-13 10:32 - 00000803 _____ () C:\Documents and Settings\User\Start Menu\Programs\Internet Explorer.lnk
2014-06-13 09:03 - 2014-06-09 12:39 - 00740632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-12 21:48 - 2014-06-09 13:05 - 00226488 _____ () C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-06-12 21:42 - 2009-06-17 11:30 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-06-12 21:42 - 2009-06-17 11:30 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-12 21:42 - 2009-06-17 05:05 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-12 21:41 - 2009-06-17 11:31 - 00000000 ____D () C:\WINDOWS\SHELLNEW
2014-06-12 21:41 - 2009-06-17 11:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
2014-06-12 21:41 - 2009-06-17 09:11 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-12 21:41 - 2002-09-03 13:11 - 00000670 _____ () C:\WINDOWS\win.ini
2014-06-12 21:25 - 2014-06-05 14:30 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-12 21:22 - 2009-06-17 13:11 - 92708840 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-12 21:14 - 2014-06-06 20:55 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\Weather Alerts
2014-06-12 21:14 - 2014-06-05 15:05 - 00000000 ____D () C:\Documents and Settings\User\Application Data\IDM2
2014-06-12 20:58 - 2014-06-12 20:58 - 00000000 ____D () C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com
2014-06-12 20:58 - 2014-06-12 20:57 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-12 20:57 - 2014-06-12 20:57 - 00001678 _____ () C:\Documents and Settings\User\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-06-12 20:57 - 2014-06-12 20:57 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\SUPERAntiSpyware
2014-06-12 20:57 - 2014-06-12 20:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2014-06-12 19:43 - 2014-06-12 18:16 - 00455560 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-602162358-1275210071-725345543-1004-0.dat
2014-06-12 19:43 - 2014-06-06 21:01 - 00417078 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-06-12 19:37 - 2013-02-20 19:53 - 00000289 _____ () C:\WINDOWS\wininit.ini
2014-06-12 19:10 - 2014-06-12 19:10 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-06-12 19:10 - 2014-06-12 19:10 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Dell
2014-06-12 19:10 - 2014-06-12 19:10 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dell
2014-06-12 19:10 - 2014-06-12 15:52 - 00000000 ____D () C:\Program Files\My Dell
2014-06-12 19:03 - 2014-06-05 14:52 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Deployment
2014-06-12 18:53 - 2009-06-17 09:25 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-06-12 18:53 - 2009-06-17 09:24 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-06-12 18:53 - 2009-06-17 09:11 - 00000000 ____D () C:\WINDOWS\Registration
2014-06-12 18:51 - 2014-06-12 18:51 - 00000000 ____D () C:\Documents and Settings\User\Start Menu\Programs\Dell
2014-06-12 18:25 - 2014-06-12 18:25 - 00000520 _____ () C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
2014-06-12 16:48 - 2014-06-09 13:18 - 00019268 _____ () C:\WINDOWS\wmsetup.log
2014-06-12 15:55 - 2014-06-12 15:55 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCDr
2014-06-12 15:49 - 2014-06-12 15:49 - 00000000 ____D () C:\Documents and Settings\User\Application Data\PCDr
2014-06-09 13:23 - 2014-06-06 10:43 - 00000792 _____ () C:\Documents and Settings\User\Start Menu\Programs\Windows Media Player.lnk
2014-06-09 13:21 - 2014-06-09 13:21 - 00023392 _____ () C:\WINDOWS\system32\nscompat.tlb
2014-06-09 13:21 - 2014-06-09 13:21 - 00016832 _____ () C:\WINDOWS\system32\amcompat.tlb
2014-06-09 13:21 - 2014-06-09 13:18 - 00014433 _____ () C:\WINDOWS\spupdsvc.log
2014-06-09 13:19 - 2014-06-09 13:19 - 00000524 _____ () C:\WINDOWS\updspapi.log
2014-06-09 13:19 - 2014-06-09 13:18 - 00012102 _____ () C:\WINDOWS\wmp11Uninst.log
2014-06-09 13:19 - 2013-03-27 14:53 - 00000000 ____D () C:\Program Files\Windows Media Connect 2
2014-06-09 13:19 - 2009-06-17 05:01 - 00000000 ____D () C:\WINDOWS\Help
2014-06-09 13:06 - 2014-06-09 13:06 - 00000416 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3_triggeronce.job
2014-06-09 12:41 - 2014-06-09 12:41 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-06-09 12:39 - 2014-06-09 12:39 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-06-09 12:35 - 2014-06-09 12:35 - 00000340 _____ () C:\WINDOWS\Tasks\Wise Turbo Checker.job
2014-06-09 12:32 - 2009-08-22 14:54 - 00000000 ____D () C:\WINDOWS\Minidump
2014-06-09 12:32 - 2009-06-17 09:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\ATI HYDRAVISION
2014-06-09 11:46 - 2014-06-09 11:46 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-09 11:21 - 2014-06-09 11:21 - 00000396 _____ () C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job
2014-06-09 10:18 - 2009-06-17 09:12 - 00000000 __SHD () C:\Documents and Settings\All Users\DRM
2014-06-08 19:06 - 2014-06-08 19:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-08 19:06 - 2014-06-08 19:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2014-06-08 19:00 - 2014-06-08 18:29 - 00000000 ____D () C:\Program Files\TotalSystemCare
2014-06-08 18:48 - 2014-06-06 08:39 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-08 18:17 - 2014-06-06 08:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
2014-06-08 11:23 - 2014-06-06 12:13 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Azureus
2014-06-08 10:33 - 2014-06-08 10:33 - 00000000 ___HD () C:\WINDOWS\PIF
2014-06-08 09:19 - 2013-03-27 09:24 - 00000000 ____D () C:\WINDOWS\system32\data
2014-06-08 09:19 - 2009-06-17 09:40 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-06-07 20:24 - 2014-06-07 20:24 - 00000730 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-07 20:24 - 2014-06-07 20:24 - 00000724 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2014-06-07 13:18 - 2014-06-07 12:57 - 00000000 ____D () C:\Documents and Settings\User\My Documents\AMERICA IN DEEP TROUBLE
2014-06-07 11:43 - 2014-06-07 11:11 - 00000000 ____D () C:\WINDOWS\455F074C814E4520B69B5584BD90400C.TMP
2014-06-07 11:25 - 2009-06-17 09:27 - 00001599 _____ () C:\Documents and Settings\User\Start Menu\Programs\Remote Assistance.lnk
2014-06-07 11:21 - 2009-06-17 09:13 - 00001599 ____C () C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
2014-06-07 11:12 - 2014-06-07 11:12 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-07 11:11 - 2014-06-07 11:11 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-07 10:35 - 2013-03-21 11:09 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Updater26766
2014-06-07 10:07 - 2014-06-07 10:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-06-07 08:22 - 2013-02-20 23:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2779562$
2014-06-07 08:22 - 2009-06-17 05:01 - 00000000 ___RD () C:\WINDOWS\Web
2014-06-07 08:21 - 2013-03-26 22:04 - 00000000 __HDC () C:\WINDOWS\ie8
2014-06-06 21:35 - 2013-04-13 15:34 - 00000000 ____D () C:\Program Files\InterActual
2014-06-06 21:28 - 2014-06-06 21:28 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\PCHealth
2014-06-06 21:22 - 2014-06-06 10:07 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-06-06 21:22 - 2009-06-17 09:10 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2014-06-06 21:22 - 2009-06-17 09:10 - 00000000 ____D () C:\Program Files\Windows NT
2014-06-06 21:22 - 2009-06-17 05:01 - 00000000 ____D () C:\WINDOWS\Cursors
2014-06-06 21:11 - 2014-06-06 17:37 - 00000000 ____D () C:\Documents and Settings\User\Application Data\HpUpdate
2014-06-06 21:00 - 2014-06-06 21:00 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\com
2014-06-06 20:56 - 2014-06-06 20:56 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Local_Weather_LLC
2014-06-06 17:56 - 2009-06-17 09:47 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-06-06 17:37 - 2014-06-06 17:37 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-06-06 17:37 - 2009-08-10 12:35 - 00000000 ____D () C:\Program Files\HP
2014-06-06 17:32 - 2014-06-06 13:06 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Apple Computer
2014-06-06 13:54 - 2013-04-07 10:39 - 00000000 ____D () C:\Documents and Settings\User\My Documents\Picture
2014-06-06 12:51 - 2014-06-06 12:51 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\McAfee
2014-06-06 12:48 - 2014-06-06 12:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\McAfee
2014-06-06 12:48 - 2013-02-22 16:32 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-06-06 12:48 - 2013-02-22 16:32 - 00070832 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-06-06 12:44 - 2014-06-06 12:44 - 00006144 ___SH () C:\Documents and Settings\User\My Documents\Thumbs.db
2014-06-06 12:30 - 2014-06-06 12:30 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Apple Computer
2014-06-06 12:30 - 2014-06-06 12:30 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Apple
2014-06-06 12:14 - 2014-06-06 12:14 - 00000000 ____D () C:\Documents and Settings\User\.swt
2014-06-06 12:13 - 2014-06-06 12:13 - 00001505 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Vuze.lnk
2014-06-06 10:51 - 2014-06-06 10:51 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Windows Search
2014-06-06 10:48 - 2013-03-21 11:21 - 00000000 ____D () C:\Program Files\CyberLink
2014-06-06 10:48 - 2009-06-17 09:31 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-06-06 10:36 - 2011-06-11 16:16 - 00005632 ____C () C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-06 10:20 - 2014-06-06 09:13 - 00000000 ____D () C:\Program Files\Windows Desktop Search
2014-06-06 10:19 - 2014-06-06 10:07 - 00065536 _____ () C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2014-06-06 10:16 - 2014-06-06 10:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB963093$
2014-06-06 10:06 - 2014-06-06 09:15 - 00065536 _____ () C:\WINDOWS\system32\config\Windows .evt
2014-06-06 10:06 - 2014-06-06 09:15 - 00065536 _____ () C:\WINDOWS\system32\config\Microsof.evt
2014-06-06 10:01 - 2014-06-06 10:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2808679$
2014-06-06 09:51 - 2013-02-20 20:51 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-06-06 09:51 - 2009-06-17 11:45 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-06-06 09:22 - 2009-06-17 05:01 - 00000000 ____D () C:\WINDOWS\security
2014-06-06 09:16 - 2014-06-06 09:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2492386$
2014-06-06 09:16 - 2009-06-17 09:09 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 __HDC () C:\WINDOWS\$968930Uinstall_KB968930$
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 ____D () C:\WINDOWS\system32\WindowsPowerShell
2014-06-06 09:15 - 2014-06-06 09:15 - 00000000 ____D () C:\WINDOWS\$NtUninstallKB968930$
2014-06-06 09:14 - 2014-06-06 09:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallbasecsp$
2014-06-06 09:14 - 2014-06-06 09:14 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Windows Desktop Search
2014-06-06 09:13 - 2014-06-06 09:13 - 00001803 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
2014-06-06 09:13 - 2014-06-06 09:13 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2014-06-06 09:12 - 2014-06-06 09:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB940157$
2014-06-06 09:12 - 2014-06-06 09:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB915800-v4$
2014-06-06 09:10 - 2014-06-06 09:10 - 00000000 ____D () C:\WINDOWS\system32\URTTEMP
2014-06-06 08:42 - 2014-06-06 08:34 - 00000000 ____D () C:\Documents and Settings\User\Application Data\LavasoftStatistics
2014-06-06 08:33 - 2014-06-06 08:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB942288-v3$
2014-06-06 08:31 - 2014-06-06 08:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Lavasoft
2014-06-06 08:18 - 2014-06-06 08:18 - 00000000 _____ () C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
2014-06-06 08:17 - 2014-06-06 08:18 - 00042272 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2014-06-06 08:17 - 2014-06-06 08:17 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
2014-06-05 21:15 - 2009-06-17 09:13 - 00001507 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-06-05 21:13 - 2013-03-21 11:12 - 00000000 ____D () C:\Documents and Settings\User\Application Data\vlc
2014-06-05 20:17 - 2014-06-05 20:17 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\SlimWare Utilities Inc
2014-06-05 15:40 - 2014-06-05 15:40 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Mozilla
2014-06-05 15:40 - 2014-06-05 15:40 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Mozilla
2014-06-05 15:40 - 2014-06-05 15:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Mozilla
2014-06-05 15:13 - 2014-06-05 14:47 - 00000214 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-06-05 14:45 - 2014-06-05 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-06-05 14:45 - 2014-06-05 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-06-05 14:45 - 2014-06-05 14:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-06-05 14:44 - 2014-06-05 14:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-06-05 14:41 - 2014-06-05 14:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-06-05 14:40 - 2014-06-05 14:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-06-05 14:40 - 2014-06-05 14:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-06-05 14:38 - 2009-06-17 15:56 - 00224632 ____C () C:\WINDOWS\system32\TZLog.log
2014-06-05 14:37 - 2014-06-05 14:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-06-05 14:37 - 2014-06-05 14:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-06-05 14:21 - 2014-06-05 14:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-06-05 14:21 - 2014-06-05 14:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-06-05 14:21 - 2014-06-05 14:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-06-05 14:18 - 2014-06-05 14:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-06-05 14:17 - 2014-06-05 14:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-06-05 14:13 - 2014-06-05 14:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-06-05 14:13 - 2014-06-05 14:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-06-05 14:06 - 2014-06-05 14:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-06-05 14:06 - 2014-06-05 14:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-06-05 14:06 - 2014-06-05 14:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-06-05 14:02 - 2013-02-21 13:01 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
2014-06-05 13:52 - 2014-06-05 13:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-06-05 13:38 - 2014-06-05 13:38 - 00000000 ____D () C:\WINDOWS\Sun
2014-06-05 13:38 - 2014-06-05 13:38 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-05 13:37 - 2014-06-05 13:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-06-05 13:37 - 2014-06-05 13:36 - 00006629 _____ () C:\WINDOWS\system32\jupdate-1.7.0_60-b19.log
2014-06-05 13:37 - 2013-03-27 19:43 - 00000000 ____D () C:\Program Files\Java
2014-06-05 13:28 - 2013-03-26 17:45 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Temp
2014-05-30 16:40 - 2013-03-21 14:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-05-30 16:22 - 2013-02-22 16:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Yahoo!
2014-05-30 16:22 - 2009-08-10 12:40 - 00000000 ____D () C:\Program Files\Yahoo!

Files to move or delete:
====================
C:\Windows\Tasks\At1.job

Some content of TEMP:
====================
C:\Documents and Settings\User\Local Settings\Temp\26_SoftwareUpdaterSetupD.exe
C:\Documents and Settings\User\Local Settings\Temp\air25.exe
C:\Documents and Settings\User\Local Settings\Temp\air32.exe
C:\Documents and Settings\User\Local Settings\Temp\air42.exe
C:\Documents and Settings\User\Local Settings\Temp\air4B.exe
C:\Documents and Settings\User\Local Settings\Temp\air62.exe
C:\Documents and Settings\User\Local Settings\Temp\BackupSetup.exe
C:\Documents and Settings\User\Local Settings\Temp\ConsumerInputSetup.exe
C:\Documents and Settings\User\Local Settings\Temp\dlLogic.exe
C:\Documents and Settings\User\Local Settings\Temp\dltr.exe
C:\Documents and Settings\User\Local Settings\Temp\file_to_run55804.exe
C:\Documents and Settings\User\Local Settings\Temp\GCVerifier.dll
C:\Documents and Settings\User\Local Settings\Temp\ICReinstall_DownloadManagerSetup.exe
C:\Documents and Settings\User\Local Settings\Temp\nsd37.exe
C:\Documents and Settings\User\Local Settings\Temp\nsg2E.exe
C:\Documents and Settings\User\Local Settings\Temp\nsi33.exe
C:\Documents and Settings\User\Local Settings\Temp\nsl36.exe
C:\Documents and Settings\User\Local Settings\Temp\nsr3F.exe
C:\Documents and Settings\User\Local Settings\Temp\nst2B.exe
C:\Documents and Settings\User\Local Settings\Temp\nsu3C.exe
C:\Documents and Settings\User\Local Settings\Temp\nsw34.exe
C:\Documents and Settings\User\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\User\Local Settings\Temp\setup.exe
C:\Documents and Settings\User\Local Settings\Temp\speedmax_21791.exe
C:\Documents and Settings\User\Local Settings\Temp\updater_152883.exe
C:\Documents and Settings\User\Local Settings\Temp\verifier.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

#38
itsmesunny

Posted 25 June 2014 - 11:06 AM

Member

Topic Starter
Member
307 posts

Ok Nate - here ya go:

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x86) Version:22-06-2014
Ran by User at 2014-06-25 13:01:20
Running from C:\Documents and Settings\User\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
3D Ultra NASCAR Pinball (HKLM\...\3D Ultra NASCAR Pinball) (Version: - )
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1017 - )
ATI AVIVO Codecs (HKLM\...\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}) (Version: 9.14.0.60504 - ATI Technologies Inc.)
ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.007.0815.2325 - )
ATI HYDRAVISION (HKLM\...\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}) (Version: 3.25.0006 - )
ATI Parental Control & Encoder (Version: 3.0 - ATI Technologies Inc.) Hidden
Bob the Builder (HKLM\...\{36373CE1-6999-11D5-96DC-98302790D441}) (Version: - )
Cook'n with Betty Crocker (HKLM\...\Cook'n with Betty Crocker) (Version: - )
Dell ResourceCD (HKLM\...\{D78653C3-A8FF-415F-92E6-D774E634FF2D}) (Version: - )
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.8.1.1 - Dell)
Download Manager and Options (HKLM\...\Download_Manager_and_Options) (Version: 1.0 - Download Manager and Options)
DownloadTerms (HKCU\...\DownloadTerms) (Version: 1.0 - Unlimited Downloads, LLC) <==== ATTENTION
eGames Toolbar (HKLM\...\egamestoolbar) (Version: - )
Family Tree Heritage (HKLM\...\Family Tree Heritage) (Version: - )
Family Tree Heritage Collaboration Support (HKLM\...\InstallShield_{50BD0B15-5197-4EAF-8BCD-81117D1324B1}) (Version: 1.10.0010 - Individual Software)
Family Tree Heritage Collaboration Support (Version: 1.10.0010 - Individual Software) Hidden
Horsez (HKLM\...\Horsez) (Version: - )
IHRA Drag Racing (HKLM\...\{A6EBD60F-6EEF-4032-90A3-310B54AD8BF4}) (Version: - )
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version: - )
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden
Lets Ride Corral Club (HKLM\...\InstallShield_{DB299A0A-69B8-4DD2-BB76-A17CF14CE649}) (Version: 1.00.0000 - ValuSoft)
Lets Ride Corral Club (Version: 1.00.0000 - ValuSoft) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
My Fantasy Wedding (HKLM\...\{C3AC8DD1-A754-46D6-A777-6155D627D196}) (Version: 1.00.000 - )
Nancy Drew: The Haunted Carousel (HKLM\...\{750B354A-BF46-45E0-86D6-620026703B92}) (Version: - )
Search-Results Toolbar (HKLM\...\ilividtoolbargaw) (Version: 1.2.0.0 - APN LLC) <==== ATTENTION
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - )

==================== Restore Points =========================

09-06-2014 16:52:16 Removed Apple Application Support
12-06-2014 19:53:21 Software Distribution Service 3.0
12-06-2014 22:50:20 Restore Operation
12-06-2014 23:19:51 Installed Dell Driver Reset Tool
13-06-2014 01:18:48 Software Distribution Service 3.0
13-06-2014 01:34:02 Software Distribution Service 3.0
13-06-2014 01:39:44 Removed Microsoft Office Professional Edition 2003
13-06-2014 01:46:08 Removed Microsoft Office File Validation Add-In
13-06-2014 15:25:50 Removed Driver Support.
13-06-2014 15:26:27 Removed DriverUpdate
13-06-2014 17:23:17 Removed Dell Driver Reset Tool

==================== Hosts content: ==========================

2002-09-03 12:34 - 2002-09-03 12:34 - 00000734 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\At1.job => c:\Program Files\pcmax\service.exe
Task: C:\WINDOWS\Tasks\DTChk.job => C:\Users\Public\Util\DTChk.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3_triggeronce.job => c:\program files\common files\paretologic\uus3\Pareto_Update3.exe
Task: C:\WINDOWS\Tasks\PC HealthFix Desktop Alert.job => C:\Documents and Settings\All Users\Application Data\PC HealthFix\PCHealthFix.exe
Task: C:\WINDOWS\Tasks\PC HealthFix Desktop Warning.job => C:\Documents and Settings\All Users\Application Data\PC HealthFix\PCHealthFix.exe
Task: C:\WINDOWS\Tasks\PC HealthFix Malware Alert.job => C:\Documents and Settings\All Users\Application Data\PC HealthFix\PCHealthFix.exe
Task: C:\WINDOWS\Tasks\PC HealthFix Scan Results Alert 2.job => C:\Documents and Settings\All Users\Application Data\PC HealthFix\PCHealthFix.exe
Task: C:\WINDOWS\Tasks\PC HealthFix Scan Results Alert.job => C:\Documents and Settings\All Users\Application Data\PC HealthFix\PCHealthFix.exe
Task: C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\My Dell\uaclauncher.exe
Task: C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job => c:\program files\common files\sparktrust\uus3\Update3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SystemToolsDailyTest.job => C:\Program Files\My Dell\uaclauncher.exe
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Downloads\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (whitelisted) =============

2014-05-29 07:16 - 2014-05-29 07:16 - 00241344 _____ () C:\Program Files\pcmax\pcmax.exe

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

Name: Video Controller (VGA Compatible)
Description: Video Controller (VGA Compatible)
Class Guid: {4D36E975-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Video Controller
Description: Video Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/12/2014 07:25:29 PM) (Source: Windows Search Service) (EventID: 3024) (User: )
Description: The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.

Context: Application, SystemIndex Catalog

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
   The content index cannot be read.   (0xc0041800)

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index cannot be read.   (0xc0041800)

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index cannot be read.   (0xc0041800)

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
   0xc0041801 (0xc0041801)

Error: (06/09/2014 11:37:57 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\USER\MY DOCUMENTS\DOWNLOADS\SPARKTRUST PC CLEANER PLUS\DEFINITIONS\STAGING\RTA82530> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)

Error: (06/09/2014 10:50:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application set35.tmp, version 7.1.100.1248, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [set35.tmp!ws!]

Error: (06/08/2014 07:00:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application set1d.tmp, version 7.1.100.1248, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [set1d.tmp!ws!]

Error: (06/07/2014 10:29:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, faulting module msvcr100.dll, version 10.0.40219.325, fault address 0x0008d6fd.
Processing media-specific event for [mbam.exe!ws!]

Error: (06/07/2014 08:52:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application set26.tmp, version 7.1.100.1248, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [set26.tmp!ws!]

System errors:
=============
Error: (06/25/2014 11:46:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (06/25/2014 11:46:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
%%2

Error: (06/25/2014 11:46:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (06/25/2014 11:13:31 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (06/25/2014 11:13:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
%%2

Error: (06/25/2014 11:13:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (06/24/2014 10:10:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (06/24/2014 10:10:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
%%2

Error: (06/24/2014 10:10:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (06/23/2014 08:10:00 PM) (Source: Schedule) (EventID: 7901) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942405

Microsoft Office Sessions:
=========================
Error: (06/12/2014 07:25:29 PM) (Source: Windows Search Service) (EventID: 3024) (User: )
Description: Context: Application, SystemIndex Catalog

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application

Details:
   The content index cannot be read.   (0xc0041800)

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The content index cannot be read.   (0xc0041800)

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The content index cannot be read.   (0xc0041800)
Search.TripoliIndexer

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   0xc0041801 (0xc0041801)

Error: (06/09/2014 11:37:57 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\USER\MY DOCUMENTS\DOWNLOADS\SPARKTRUST PC CLEANER PLUS\DEFINITIONS\STAGING\RTA82530

Error: (06/09/2014 10:50:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: set35.tmp7.1.100.12480.0.0.000000000

Error: (06/08/2014 07:00:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: set1d.tmp7.1.100.12480.0.0.000000000

Error: (06/07/2014 10:29:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.532msvcr100.dll10.0.40219.3250008d6fd

Error: (06/07/2014 08:52:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: set26.tmp7.1.100.12480.0.0.000000000

==================== Memory info ===========================

Percentage of memory in use: 30%
Total physical RAM: 1023 MB
Available physical RAM: 711.19 MB
Total Pagefile: 2461.73 MB
Available Pagefile: 2127.3 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:55.87 GB) (Free:44.15 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive f: () (Fixed) (Total:37.26 GB) (Free:37.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 56 GB) (Disk ID: 9DC96E9E)
Partition 1: (Active) - (Size=56 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 37 GB) (Disk ID: 55054103)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#39
itsmesunny

Posted 25 June 2014 - 11:08 AM

Member

Topic Starter
Member
307 posts

Looking forward to what happens next!

:yes:

I restarted it. Looks the same. A bit quicker. BUT I still have NO sound.

The Sound & Audio Device Properties in the Control Panel - under Volume - is grey. I cannot do anything.

SB Audigy Audio [CF00]

Device Volume

Speaker Settings

I had sound before when I first got it. It worked fine. I don't know which [bleep] hole the speaker cord goes into now. The back of my Dell

does not look like the manual pic. There are more plugin holes on the bottom. When the sound stopped I unplugged the speaker cable to use on my Mac cuz they are better. Now I don't know where it goes.

It also appears that I am missing SndVol32.exe I probably deleted it accidentally. I dunno.

I did some searching online for a free download and lots of posts byut nothing I have tried works.

But like I said I don't know which hole to plug the speakers into.

It's SO frustrating!!!

Can you help me with this Nate???

:smashcomp:

Edited by itsmesunny, 25 June 2014 - 01:47 PM.

#40
itsmesunny

Posted 25 June 2014 - 03:49 PM

Member

Topic Starter
Member
307 posts

Ok. I don't know if you're coming back or not so I am going to go my Mac cuz there is NO sound.

I will check in from there.

Thanks Naat! :beer:

#41
Naathim

Posted 26 June 2014 - 11:57 AM

GeekU Minion

Expert
4,568 posts

Caution! No resident protection!

Always have one (and no more than one!) AntiVirus program, as the resident protection is absolutely a must-have on any Windows! Nowadays we have plenty of free AV programs, like Avast or MSE. Personally I recommend MSE, cause it's very light comparing to the other AV programs, totally free and very easy to use. This choice is up to you

homepage & download of MSE
homepage & download of Avast

This is crucial for you, as I saw there's none AntiVirus program on your machine.

Please install one (and just one!) of the listed above or any other you'd like to have. It should be done before we will proceed any further.

= = = = = = = = = = = = = = = = = = = =

I've spotted signs of a P2P program installed on your machine.
Vuze (Azureus)

Be warned:

P2P programs, as they are legal itself, are often used to obtain some illegal downloads. Currently it's one of the best ways to get infected: unsecured ports, downloaded cracks... There have been some extreme cases in which passwords, private or financial data was exposed to file sharing network because of bad P2P configuration.

I'm rather sure that if you'll continue using P2P, you'll be often visiting our Malware Removal Forum.
I strongly recommend full uninstallation of any P2P apps (if so, please do it from the Control Panel > Add/Remove Programs), but if you want to leave them on your OS (cause this is optional), at least please refrain from using it until we finish our work with cleaning your computer now.

My friendly advice: at least, when downloading any files from P2P network, scan them at Jotti or VirScan.

= = = = = = = = = = = = = = = = = = = =

We need to uninstall some software from your machine.

Please open Start > Control Panel > Uninstall a program or Programs and Features if in Classic View, locate these programs on the list and uninstall them one after another:

Vuze (optional)
DownloadTerms
eGames Toolbar
Search-Results Toolbar

All of these are unwanted, so don't hesitate to get rid of them!
If you won't find some of them in the Control Panel, just move on and notify me

= = = = = = = = = = = = = = = = = = = =

We'll run a fix using Farbar Recovery Scan Tool.

Download attached fixlist.txt file and save it to the Desktop.
fixlist.txt 5.55KB 571 downloads
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

WARNING

This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system!

Right click on the to Run as administrator (XP users click run after receipt of Windows Security Warning - Open File).
Press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

= = = = = = = = = = = = = = = = = = = =

Performing general FRST scan

Please re-run Farbar Recovery Scan Tool

Right click on to run as administrator (XP users click run after receipt of Windows Security Warning - Open File).
When the tool opens click Yes to disclaimer.
You will be presented with a window like below:

= = = = = = = = = = = = = = = = = = = =

Make sure that the Addition box is checked.
Press Scan button.
It will produce two logs called FRST.txt and Addition.txt in the same directory the tool is run from.
Please copy and paste them back here.
Now in your next reply please include these ones for my review:
fixlog.txt
FRST.txt
Addition.txt

I don't mind multiple posts if necessary.

Cheers,
Naat

#42
itsmesunny

Posted 26 June 2014 - 01:09 PM

Member

Topic Starter
Member
307 posts

Ok. Thanks Naat.

You did not mention anything about the sound mess I wrote about above so I guess I am getting ahead of it. Sorry.

I just hope it is fixable.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

There was nothing on this computer when I got it, for protection.

Avast is the only option it seems after reading about it. I don't see a download for MSE on that site for XP.

I cannot go up to Windows 8.1. XP is it for this machine. So, am I missing something?

I will wait for your reply before I install either one.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Yes, I installed VUZE. I use it all the time on my Mac. But I can UNinstall here too or leave it and use the scans first.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I don't have this in my Control Panel: Uninstall a program or Programs and Features.

I have an Add or Remove window - can I use that? That gives me the choice of Remove or Change/Remove.

And there are a lot of stupid stuff in there I would like to get rid of but cannot, it seems. Some have just Remove. And some are Change/Remove

In this window of Add and Remove there is these 4 options:

Change or Remove Programs

Add New Programs

Add/emove Windows components

Set Program Access and Defaults

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edited by itsmesunny, 26 June 2014 - 01:48 PM.

#43
Naathim

Posted 26 June 2014 - 02:16 PM

GeekU Minion

Expert
4,568 posts

Select Change or remove programs.

We will try to rectify the sound issue later, after finishing malware tasks.

N

#44
Naathim

Posted 26 June 2014 - 02:19 PM

GeekU Minion

Expert
4,568 posts

Also, about your AV, as the MS support fir the XP ended, avast is the preferred one. It's good, so install it. Having an AV is mandatory, especially if your system is not longer supported.

If you have any other questions, please ask. If no - proceed.

Cheers,
Naat

#45
itsmesunny

Posted 27 June 2014 - 07:50 AM

Member

Topic Starter
Member
307 posts

Ok. I did Avast. I knew XP was a done deal. Anyway, I did it and then found there is more to it. I did a quick scan. There were 7 "things" that came up.

And a boot scan was recommended. Should I do it?

I'm on the Mac now so I don't have the info. But - I do get these blank window popups such as - DSD_1236 - they each have different numbers. Just a few.

Also when I start up I get this popup about - Found New Hardware, Problem during installation...

Do I need the boot scan?

PS I did not find Search Results Toolbar and Download Terms.

The problem with these is that although it says Change/Remove I cannot cuz something about cannot find DLL?

This is from memory so I hope this makes sense.

I will check back later.

:yeah: