Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Need a fixlist for Windows Vista frst.txt file [Solved]


  • This topic is locked This topic is locked

#16
lwt_intl

lwt_intl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

The InstallAware Wizard for Webroot Software has failed: "Service uninstall failed with error DLLLOADFAILED". is the message I received when I tried to uninstall the software.  Also, I ran the first fix and that caused me to lose my internet connection.  I performed a system restore and that got my connection back.  The fixlog is from the original fix, which did not work.  Not sure what happened here.  I have a Verizon router with the following properties:

Connection-specific DNS Suffix: home
Description: Realtek PCIe FE Family Controller
Physical Address: 00-19-21-CF-BD-FA
DHCP Enabled: Yes
IPv4 IP Address: 192.168.1.2
IPv4 Subnet Mask: 255.255.255.0
Lease Obtained: Monday, July 14, 2014 8:35:11 AM
Lease Expires: Tuesday, July 15, 2014 8:35:11 AM
IPv4 Default Gateway: 192.168.1.1
IPv4 DHCP Server: 192.168.1.1
IPv4 DNS Server: 192.168.1.1
IPv4 WINS Server:
NetBIOS over Tcpip Enabled: Yes
Link-local IPv6 Address: fe80::39af:77f0:c646:f3a0%8
IPv6 Default Gateway:
IPv6 DNS Server:

Here is the original fixlist:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:13-07-2014
Ran by Admin at 2014-07-13 11:46:39 Run:2
Running from C:\Users\Admin\Desktop\FRST
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRConsumerService => ""="Service"
Task: {DB06B8CE-0624-4A2E-9DC5-EF32669DAB2A} - System32\Tasks\Real Player online update program => C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Task: {BB0CAA25-07DF-4F8A-BA56-428C304C0F31} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {9AB88391-245D-46E4-BBCE-86D3E35C3330} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1952994113-3900846881-1584432544-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {5334C5DB-773E-4A94-98A9-5D8CC94B2E8A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1952994113-3900846881-1584432544-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
2014-06-26 14:13 - 2014-06-26 14:13 - 00000000 ____D () C:\Program Files\Secunia
2014-06-26 14:51 - 2010-10-23 07:17 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-06-26 14:41 - 2014-06-26 14:41 - 00000856 _____ () C:\Users\Admin\Desktop\psi.exe - Shortcut.lnk
2014-06-29 08:19 - 2010-10-23 07:17 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-29 08:37 - 2014-06-26 14:52 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-07-10 09:58 - 2014-06-26 14:43 - 00000000 ____D () C:\Program Files\FileHippo.com
2014-07-10 09:57 - 2014-06-26 17:29 - 00000000 ____D () C:\ProgramData\Real
2014-07-10 09:57 - 2009-10-05 16:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Real
2014-07-10 09:57 - 2007-02-09 11:17 - 00000000 ____D () C:\Program Files\Real
2014-07-10 10:14 - 2007-02-09 11:41 - 00000000 ____D () C:\ProgramData\Symantec
2014-07-10 10:14 - 2007-02-09 11:41 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-10 10:08 - 2014-07-10 10:08 - 00869456 _____ () C:\Users\Admin\Downloads\Norton_Removal_Tool.exe
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-07-21] (GFI Software)
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2010-08-12] (Lavasoft AB)
R1 SBRE; C:\Windows\system32\drivers\SBREDrv.sys [95024 2010-09-22] (Sunbelt Software)
R1 SysPlant; C:\Windows\SYSTEM32\Drivers\SysPlant.sys [87424 2007-09-07] (Symantec Corporation) [File not signed]
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [49024 2007-08-06] (Symantec Corporation)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [39808 2007-09-07] (Symantec Corporation)
S3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [161920 2010-06-02] (Symantec Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
S1 netfilter; system32\drivers\netfilter.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S4 vsdatant; a [X]
S2 Lavasoft Ad-Aware Service; No ImagePath
S2 SmcService; No ImagePath
S3 SNAC; No ImagePath
S2 Symantec AntiVirus; No ImagePath
S2 WRConsumerService; No ImagePath
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
HKLM\...\Run: [SafePCRepair Search Scope Monitor] => "C:\PROGRA~1\SAFEPC~2\bar\1.bin\89srchmn.exe" /m=2 /w /h
C:\PROGRA~1\SAFEPC~2
HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe
C:\Program Files\pcmax
HKLM\...\Run: [ccApp] => "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
*****************

'HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SmcService' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Network\WRConsumerService' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB06B8CE-0624-4A2E-9DC5-EF32669DAB2A}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB06B8CE-0624-4A2E-9DC5-EF32669DAB2A}' => Key deleted successfully.
C:\Windows\System32\Tasks\Real Player online update program => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Real Player online update program' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB0CAA25-07DF-4F8A-BA56-428C304C0F31}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB0CAA25-07DF-4F8A-BA56-428C304C0F31}' => Key deleted successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Weekly) => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Update (Weekly)' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9AB88391-245D-46E4-BBCE-86D3E35C3330}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AB88391-245D-46E4-BBCE-86D3E35C3330}' => Key deleted successfully.
C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1952994113-3900846881-1584432544-1000 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1952994113-3900846881-1584432544-1000' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5334C5DB-773E-4A94-98A9-5D8CC94B2E8A}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5334C5DB-773E-4A94-98A9-5D8CC94B2E8A}' => Key deleted successfully.
C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1952994113-3900846881-1584432544-1000 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeLogonTaskS-1-5-21-1952994113-3900846881-1584432544-1000' => Key deleted successfully.
C:\Program Files\Secunia => Moved successfully.
C:\Program Files\Spybot - Search & Destroy => Moved successfully.
C:\Users\Admin\Desktop\psi.exe - Shortcut.lnk => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Program Files\Spybot - Search & Destroy 2 => Moved successfully.
C:\Program Files\FileHippo.com => Moved successfully.
C:\ProgramData\Real => Moved successfully.
C:\Users\Admin\AppData\Roaming\Real => Moved successfully.
C:\Program Files\Real => Moved successfully.
C:\ProgramData\Symantec => Moved successfully.
C:\Program Files\Common Files\Symantec Shared => Moved successfully.
C:\Users\Admin\Downloads\Norton_Removal_Tool.exe => Moved successfully.
gfibto => Service stopped successfully.
gfibto => Service deleted successfully.
Lbd => Service stopped successfully.
Lbd => Service deleted successfully.
SBRE => Service stopped successfully.
SBRE => Service deleted successfully.
SysPlant => Unable to stop service
SysPlant => Service deleted successfully.
Teefer2 => Unable to stop service
Teefer2 => Service deleted successfully.
WPS => Unable to stop service
WPS => Service deleted successfully.
WpsHelper => Service deleted successfully.
blbdrive => Service deleted successfully.
IpInIp => Service deleted successfully.
Lavasoft Kernexplorer => Service deleted successfully.
netfilter => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
vsdatant => Service deleted successfully.
Lavasoft Ad-Aware Service => Service deleted successfully.
SmcService => Service deleted successfully.
SNAC => Service deleted successfully.
Symantec AntiVirus => Service deleted successfully.
WRConsumerService => Service deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} => value deleted successfully.
'HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0' => Key deleted successfully.
C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}'=> Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SafePCRepair Search Scope Monitor => value deleted successfully.
"C:\PROGRA~1\SAFEPC~2" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\pcreg => value deleted successfully.
"C:\Program Files\pcmax" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ccApp => value deleted successfully.


The system needed a reboot.

==== End of Fixlog ====
 

[email protected] as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=9c7f3ce8ef95014f9e4d1f0467c70b8b
# engine=19166
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-14 02:34:55
# local_time=2014-07-14 10:34:55 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 0 241956067 0 0
# scanned=159397
# found=100
# cleaned=0
# scan_time=4215
sh=1AFB621BEBA8272ACD2BAC21B50D8885C9D579D1 ft=1 fh=d7a99a71f47706e7 vn="a variant of Win32/Conduit.SearchProtect.N potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\IE\CT3291325\UninstallerUI.exe.vir"
sh=806043854DBA08409D093C986B3208A5D4A512BA ft=1 fh=d6daed42d6889765 vn="Win32/Toolbar.DefaultTab.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll.vir"
sh=9BAF667499AA6AD943B26B82408C69BDF9D2D942 ft=1 fh=e046ea995fe5496f vn="Win64/Toolbar.DefaultTab.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe.vir"
sh=60DF417037197BB71547FC35CAC95C41F428D418 ft=1 fh=44d029b316bd3b56 vn="Win32/Toolbar.DefaultTab.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll.vir"
sh=DB07648D185FE4A0448EDD08B409A3E90AE86B91 ft=1 fh=a325f42d455d8a90 vn="Win64/Toolbar.DefaultTab.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll.vir"
sh=EA111903F48C1CB7FE5056509351A88EFE85114F ft=1 fh=0f73ddfd31d1def0 vn="Win32/Toolbar.DefaultTab.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe.vir"
sh=321FFA63BC10C82EBF9D52BBC8DFAD1635A7D88D ft=1 fh=6345b32e772ed437 vn="Win32/AdWare.Adpeak.F application" ac=I fn="C:\FRST\Quarantine\C\Program Files\002\yewimmxqbs32.exe.xBAD"
sh=02F18375EF776089296105D8ED756BA018D84DF9 ft=1 fh=7a126cbe48eb4780 vn="a variant of Win32/Conduit.SearchProtect.O potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files\pcmax\pcmax.exe.xBAD"
sh=C7C0F42A23562AA6DCCD60326FD8CC2AA41B5448 ft=1 fh=c053642cee9f3def vn="Win32/Thinknice.B potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files\SupTab\DpInterface32.dll"
sh=125B1C393F2104CBA08183E495C0907BFF7EDA22 ft=1 fh=ea25908c8365106f vn="Win64/Thinknice.A potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files\SupTab\DpInterface64.dll"
sh=8E85792765D0E0BF52107CFF4A6620995DB19BB0 ft=1 fh=627da500ea2e265f vn="a variant of Win32/Thinknice.B potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files\SupTab\DpInterfacef32.dll"
sh=6043D1ACD51FD373472020FBB748C405AAF22397 ft=1 fh=4c716dbbae6c21b9 vn="Win32/Thinknice.A potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files\SupTab\SearchProtect32.dll"
sh=FF431CD8693F4045BD7BD87DBCE54B820F000FC0 ft=1 fh=16c2e1bd3fd6b7e2 vn="Win64/Thinknice.A potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files\SupTab\SearchProtect64.dll"
sh=5836A5DF3860241F6B69F2292ABCE592A13689B6 ft=1 fh=a3db04555f559ea8 vn="a variant of Win32/Thinknice.C potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files\SupTab\SpAPPSv32.dll"
sh=9DC13DB9C123270C2356ED410128E11D5ADF7C6E ft=1 fh=023ab782f0a9b07d vn="Win32/Thinknice.B potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files\SupTab\SupTab.dll"
sh=3F8CCD9279F8D950622F536D3202CC0E44134A8E ft=1 fh=4cb693d7b46c457f vn="a variant of Win32/ClientConnect.A potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files\sweetpacks bundle uninstaller_CCleaner_1636641\uninstaller.exe"
sh=56659F7FF1F1FA7906A77228E315F65F38BCEF73 ft=1 fh=0ff759dfc352fd03 vn="a variant of Win32/ELEX.AD potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\ProgramData\IePluginServices\PluginService.exe"
sh=3F019BA30B1761E79455F43A75C934EE30F75FB7 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM7.zip"
sh=00DBF6CBD662B3CC638286F1632BB748DB93E8E3 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC.zip"
sh=4D8D770DED40BB1FA9E72B237931FF29F00F8D5B ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC1.zip"
sh=D0DD1E85CC7E7CD5AF2327AF8F5F4518A6077D74 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC5.zip"
sh=E7E055A468C0AF13FB5E6AD4BE57A8701606C079 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\Wajam29.zip"
sh=AFCE7282813B188DA322C2BD3FDFCD8CA4BCD315 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen12.zip"
sh=B7D172A8B5CF5DDCE916B3B7F6036872425B967D ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen19.zip"
sh=E9561987EA33DFEAA8C54D3FB06035B90A7AFFDF ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen26.zip"
sh=56CF4F2AC44C6ADD5CDCD419BA4B99D22DC7A0E3 ft=1 fh=46ed14ba69906e9f vn="Win32/Toolbar.MyWebSearch.X potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89barsvc.exe.xBAD"
sh=0FF3588ECB69D2B18C6FAEC012672CA2F60314F6 ft=1 fh=731190b7425307d6 vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89bprtct.dll.xBAD"
sh=BAEFCB03679575349E01668C4F0938643BAAA022 ft=1 fh=45ba6b521529362d vn="a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89datact.dll.xBAD"
sh=8090E240F528004402B29C11E5072BED79D95384 ft=1 fh=73e118282d8d3c4a vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89dyn.dll.xBAD"
sh=2CA2EA6CF1AD1FE87C25D4AB6B1C7729E48C6390 ft=1 fh=a34a8b9082c46c86 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89feedmg.dll.xBAD"
sh=9788294F2B8AB28DBAE4C73BB61A6B1200BDD89D ft=1 fh=af8ed8fd644fe8ac vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89highin.exe.xBAD"
sh=9D54BAF23397E5F1444BC6471052AD234B76FBD3 ft=1 fh=2ab58862c927227b vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89hkstub.dll.xBAD"
sh=EAA9D46B8FAB8F3D48BB239ADFE46BA312434017 ft=1 fh=2506fdd3752ff6fe vn="a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89htmlmu.dll.xBAD"
sh=978867B422339E68971E56C49C66F14F2ACD745D ft=1 fh=dd289cd2c7a55037 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89httpct.dll.xBAD"
sh=DC971C75FFCE77CC952FB6660A2603E09D62D4D9 ft=1 fh=ac2f97e786bfc982 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89idle.dll.xBAD"
sh=AFCAAC5845D81A407C63733E4A7D007167F96BE8 ft=1 fh=02b0c8de8c8e9f1e vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89impipe.exe.xBAD"
sh=556C4FCA5D890F17B7B5040A601B42452A205E29 ft=1 fh=0f2a31b21601aeb5 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89medint.exe.xBAD"
sh=3EB4A6A25199E6339EC04F36189C71738DE63CE7 ft=1 fh=eafb3b5bfaf84345 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89mlbtn.dll.xBAD"
sh=DFD07B722E317D1CDDAAB7D5B31BFAB57CC5E739 ft=1 fh=507b4871517a4ad4 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89msg.dll.xBAD"
sh=CBF93E0F6FF8AE054C18BDBE477CBFAF9F467CF9 ft=1 fh=f7d96c65ea0021a5 vn="probably a variant of Win32/Toolbar.MyWebSearch potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89Plugin.dll.xBAD"
sh=77C8DC985373B1E5D9035ECB3A831C7DD1ABFD55 ft=1 fh=e1f880731de07609 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89radio.dll.xBAD"
sh=C5F26031D5E0C487BFF0D60AA44603135BF60395 ft=1 fh=a846ae5344ec78c3 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89regfft.dll.xBAD"
sh=A2F202F68FEF2A31E9FE3AE124A46B908349778C ft=1 fh=bf17c6b7704b10fd vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89reghk.dll.xBAD"
sh=65D604A070334183E5034CDEEC5838E46D705794 ft=1 fh=3d9a604351eb1640 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89regiet.dll.xBAD"
sh=72E48F7F37E208A52AD975EAECAB29FC50223C27 ft=1 fh=958a563919bf5cc2 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89script.dll.xBAD"
sh=857980A7B7AB77FF8E34A090CCD76B8BA628E7E4 ft=1 fh=6c9ac10ea3ee1cdd vn="a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89skin.dll.xBAD"
sh=496310EE0816B49176E03226DB102FAE9AA452B4 ft=1 fh=ceffc168909c0690 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89sknlcr.dll.xBAD"
sh=F5946D49A70A64072739370E7BAD592FE4799EA1 ft=1 fh=5bc3efb780caf8fa vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89skplay.exe.xBAD"
sh=8ACE75F6C2417666AD9D60837B72D78B394C3944 ft=1 fh=ae6d89138faf571c vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89SrchMn.exe.xBAD"
sh=72489280930F183E34FE5AF817F207A5EB65F8D4 ft=1 fh=033eb58713fd33d4 vn="a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89tpinst.dll.xBAD"
sh=110033F4A78DCA521E8BA73F75747E4E3B6AE545 ft=1 fh=21686246ae128bdd vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89uabtn.dll.xBAD"
sh=630D5FC9ACC4932C87263895F554F8C3CB6D4B4A ft=1 fh=b81ce565a99a556c vn="Win64/Toolbar.MyWebSearch.A potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\AppIntegrator64.exe.xBAD"
sh=374E378A91209732B48C8416D1E9805E98FDCFA9 ft=1 fh=6da58ad1308c1c96 vn="Win64/Toolbar.MyWebSearch.A potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\AppIntegratorStub64.dll.xBAD"
sh=6902D246F8FC2457C9AE369B094292DE6EB454BC ft=1 fh=b1be847bff3fcf8f vn="a variant of Win32/Toolbar.MyWebSearch.Z potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\CREXT.DLL.xBAD"
sh=FF9F058B12B6C4D9B6256304FA9078E391C7F32C ft=1 fh=6022d103b074fe9f vn="a variant of Win32/Toolbar.MyWebSearch.Z potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\CrExtP89.exe.xBAD"
sh=28975F5B612EB2C42E698E7EC01FF441D9ACAEED ft=1 fh=a2ed4ad5e1d8caaf vn="Win32/Toolbar.MyWebSearch.T potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\NP89Stub.dll.xBAD"
sh=2F938D8C9A5D3C9C239793346D43193BA1CBFCD6 ft=1 fh=929bde520a5aa0d2 vn="a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\T8EXTEX.DLL.xBAD"
sh=B8944722E8D577E67925DD4A72D1D8E44C3BC6CA ft=1 fh=6f8a20cf4b11d7b0 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\T8EXTPEX.DLL.xBAD"
sh=7BBFF8810BB79104FE275FBBF7DE48DCBD877E01 ft=1 fh=946da15070ee37db vn="probably a variant of Win32/Toolbar.MyWebSearch.F potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\T8HTML.DLL.xBAD"
sh=2E85C71E79C5B2A65D8CCDD5B21AFE559102062F ft=1 fh=68336e5d9907ad1c vn="a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\T8TICKER.DLL.xBAD"
sh=D0787BEAE97CE99982E7F5000772831421FD48E4 ft=1 fh=b650850bda28ebe2 vn="a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\VERIFY.DLL.xBAD"
sh=875BF27A9D7EC8A57E1D22728A94605E77A66F99 ft=1 fh=1066940167675931 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF10.dll"
sh=D899A4B906A21BD09967DEC18E585BBC0857613F ft=1 fh=57376ab25fbf95e6 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF11.dll"
sh=1C892B22508224197B9E18D1E8EA140364FCBE16 ft=1 fh=7cdaad0dae2c1b59 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF12.dll"
sh=24688F1377B4440A9B1878032F0E0637A0B7413D ft=1 fh=f3606e917bb05064 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF13.dll"
sh=8DED72F0F1AC00002F7B37896444F81344797137 ft=1 fh=8d756a4d0ef40548 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF14.dll"
sh=A7676DE801151EC36449A35D802BE6D517585250 ft=1 fh=77d903f3d76df8e3 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF15.dll"
sh=5C6557C60BE87DDA95642C27D5A2CC62BA5994AB ft=1 fh=3ae6f06bbaacc194 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF16.dll"
sh=40285FF9FD17402ECE35DF8C168E8EFA2CE62A6A ft=1 fh=917a4813993a40f9 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF17.dll"
sh=F692CE5E532F547C8501BD229FBC123303B3D9B3 ft=1 fh=80a995bee4d32411 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF18.dll"
sh=6BC05D76DE5700A7842F6D698D9DEBF694CB07F9 ft=1 fh=4592982ca8f1a507 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF19.dll"
sh=57160E03B62706FF8E8BAC83FF586555EC22810C ft=1 fh=56a5826f3426f20b vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF2.dll"
sh=90E641FBFF0C1DFCBE3C77E5C50F4E894F26217A ft=1 fh=de6ef194b23fec2d vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF20.dll"
sh=38A74467E791AAB4581FC74C7DADE79E5EEB4795 ft=1 fh=479f62e59405fe7b vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF21.dll"
sh=94D63798953E0B82E555D9DC3403DF379FD3077F ft=1 fh=14354187413f58cf vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF22.dll"
sh=F2AAB78ECD52FFECC521C596FF157F8D57831EF4 ft=1 fh=2cbaad4b382bf3f3 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF23.dll"
sh=95E1985C7154E988280E010473E1B9C987D79FA7 ft=1 fh=3fb80b633a60e120 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF24.dll"
sh=D1C1E4164EEA763CB0B4FF99EAE6CAD3C42A86D6 ft=1 fh=c48a79bf03282173 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF25.dll"
sh=E945BB9901884E902C2C90DD0D24022300C4AE59 ft=1 fh=4681a5397b7995e6 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF26.dll"
sh=0B1ACE568F3C7E497827F1ADD2B9A20FD6D55874 ft=1 fh=0de96f957859625b vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF27.dll"
sh=582321BBF62331B40FBFE2DFF71EFAA5927220B2 ft=1 fh=66e056ec771f27d3 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF28.dll"
sh=3939FBF3A2DCCD352A0F5432C2AC53073B1971BA ft=1 fh=1dd920926f4c2d90 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF29.dll"
sh=5BAAF067D3424BB7621037963FCA6909ED396867 ft=1 fh=15e5e8b58b83a4fd vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF4.dll"
sh=6A96CADA440100988B6BACC46972EA74453CDD5D ft=1 fh=f19b674463ab7da5 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF5.dll"
sh=2E9A62F87FB34FD7CBEFDE10CD4458647AC06C7D ft=1 fh=dbdd0972697e1a93 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF6.dll"
sh=47E9559928996B929FA07B321F8B81C2340B8B26 ft=1 fh=bc9fb25d769824bf vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF7.dll"
sh=A998F7BA733510C93AB904DEB1CAA33865E6A7C9 ft=1 fh=b48111079e839687 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF8.dll"
sh=E7FCE09B991B197FC0D8E714EC9586DCFAC6458A ft=1 fh=609f336dcb625945 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF9.dll"
sh=34BD469EC9D6F93F6BD4BD3EF0B977B302E3E98C ft=1 fh=a3e3d775bcd9d9e3 vn="Win32/Amonetize.AZ potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Windows\System32\installd.exe.xBAD"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\ProgramData\Adobe\AIH.d7287c157771a08a6424a3226c197ecf14f2c4ee\GTB.exe"
sh=2EB0F0ED5A5123145D0DF917AF05B404B60F4E06 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2013-0422.CF trojan" ac=I fn="C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\37585a55-67d8cacc"
sh=9028F92C4D89F20095F1BEC62263065ACF549A64 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-1723.GE trojan" ac=I fn="C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\76bd0d7-15eb7522"
sh=5A455B49969C12FBF8E433C9E77B481791A15CD7 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2012-1723.FO trojan" ac=I fn="C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\5297ccbb-45113389"
sh=4C7B49EC59B1F81B35607E4A18801546CA29F7D3 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\2687477c-6719cadc"
sh=BF53BBBBB6B8DC9963D4DDA055FF3A70F07B4C49 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\6bd41707-364a8800"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\All Users\Adobe\AIH.d7287c157771a08a6424a3226c197ecf14f2c4ee\GTB.exe"
sh=AB562A173070F0D27FAAA0AC12D00953C4CA1204 ft=1 fh=d5332291f956d781 vn="a variant of MSIL/Toolbar.Linkury.E potentially unwanted application" ac=I fn="C:\WINDOWS\Installer\MSIC2.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=409BD7CDE57E67602FCAE74CF7F5FA9BBEEE5A3F ft=1 fh=250ddfb1fecee1c7 vn="a variant of MSIL/Toolbar.Linkury.C potentially unwanted application" ac=I fn="C:\WINDOWS\Installer\MSIC2.tmp-\srbs.dll"
sh=7B540E86CE980538346AE5AE93145F73F773A266 ft=1 fh=e10f3651d882cdbe vn="Win32/Conduit.SearchProtect.M potentially unwanted application" ac=I fn="C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O4QTNG9Q\ProtectUS114[1].exe"
sh=6E6922BD569312BB93270A9E6A2AE72A0222FE9A ft=1 fh=42f3eb2747bf18c9 vn="Win32/Conduit.SearchProtect.M potentially unwanted application" ac=I fn="C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YWQ8K4WJ\WhiteUS148[1].exe"
[email protected] as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=9c7f3ce8ef95014f9e4d1f0467c70b8b
# engine=19169
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-14 04:47:19
# local_time=2014-07-14 12:47:19 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 0 241964011 0 0
# scanned=204839
# found=100
# cleaned=98
# scan_time=5720
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\All Users\Adobe\AIH.d7287c157771a08a6424a3226c197ecf14f2c4ee\GTB.exe"
sh=6E6922BD569312BB93270A9E6A2AE72A0222FE9A ft=1 fh=42f3eb2747bf18c9 vn="Win32/Conduit.SearchProtect.M potentially unwanted application" ac=I fn="C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YWQ8K4WJ\WhiteUS148[1].exe"
sh=1AFB621BEBA8272ACD2BAC21B50D8885C9D579D1 ft=1 fh=d7a99a71f47706e7 vn="a variant of Win32/Conduit.SearchProtect.N potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\IE\CT3291325\UninstallerUI.exe.vir"
sh=806043854DBA08409D093C986B3208A5D4A512BA ft=1 fh=d6daed42d6889765 vn="Win32/Toolbar.DefaultTab.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll.vir"
sh=9BAF667499AA6AD943B26B82408C69BDF9D2D942 ft=1 fh=e046ea995fe5496f vn="Win64/Toolbar.DefaultTab.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe.vir"
sh=60DF417037197BB71547FC35CAC95C41F428D418 ft=1 fh=44d029b316bd3b56 vn="Win32/Toolbar.DefaultTab.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll.vir"
sh=DB07648D185FE4A0448EDD08B409A3E90AE86B91 ft=1 fh=a325f42d455d8a90 vn="Win64/Toolbar.DefaultTab.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll.vir"
sh=EA111903F48C1CB7FE5056509351A88EFE85114F ft=1 fh=0f73ddfd31d1def0 vn="Win32/Toolbar.DefaultTab.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe.vir"
sh=321FFA63BC10C82EBF9D52BBC8DFAD1635A7D88D ft=1 fh=6345b32e772ed437 vn="Win32/AdWare.Adpeak.F application (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Program Files\002\yewimmxqbs32.exe.xBAD"
sh=02F18375EF776089296105D8ED756BA018D84DF9 ft=1 fh=7a126cbe48eb4780 vn="a variant of Win32/Conduit.SearchProtect.O potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Program Files\pcmax\pcmax.exe.xBAD"
sh=C7C0F42A23562AA6DCCD60326FD8CC2AA41B5448 ft=1 fh=c053642cee9f3def vn="Win32/Thinknice.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Program Files\SupTab\DpInterface32.dll"
sh=125B1C393F2104CBA08183E495C0907BFF7EDA22 ft=1 fh=ea25908c8365106f vn="Win64/Thinknice.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Program Files\SupTab\DpInterface64.dll"
sh=8E85792765D0E0BF52107CFF4A6620995DB19BB0 ft=1 fh=627da500ea2e265f vn="a variant of Win32/Thinknice.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Program Files\SupTab\DpInterfacef32.dll"
sh=6043D1ACD51FD373472020FBB748C405AAF22397 ft=1 fh=4c716dbbae6c21b9 vn="Win32/Thinknice.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Program Files\SupTab\SearchProtect32.dll"
sh=FF431CD8693F4045BD7BD87DBCE54B820F000FC0 ft=1 fh=16c2e1bd3fd6b7e2 vn="Win64/Thinknice.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Program Files\SupTab\SearchProtect64.dll"
sh=5836A5DF3860241F6B69F2292ABCE592A13689B6 ft=1 fh=a3db04555f559ea8 vn="a variant of Win32/Thinknice.C potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Program Files\SupTab\SpAPPSv32.dll"
sh=9DC13DB9C123270C2356ED410128E11D5ADF7C6E ft=1 fh=023ab782f0a9b07d vn="Win32/Thinknice.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Program Files\SupTab\SupTab.dll"
sh=3F8CCD9279F8D950622F536D3202CC0E44134A8E ft=1 fh=4cb693d7b46c457f vn="a variant of Win32/ClientConnect.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Program Files\sweetpacks bundle uninstaller_CCleaner_1636641\uninstaller.exe"
sh=56659F7FF1F1FA7906A77228E315F65F38BCEF73 ft=1 fh=0ff759dfc352fd03 vn="a variant of Win32/ELEX.AD potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\ProgramData\IePluginServices\PluginService.exe"
sh=3F019BA30B1761E79455F43A75C934EE30F75FB7 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM7.zip"
sh=00DBF6CBD662B3CC638286F1632BB748DB93E8E3 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC.zip"
sh=4D8D770DED40BB1FA9E72B237931FF29F00F8D5B ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC1.zip"
sh=D0DD1E85CC7E7CD5AF2327AF8F5F4518A6077D74 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\USTechSupportMyCleanPC5.zip"
sh=E7E055A468C0AF13FB5E6AD4BE57A8701606C079 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\Wajam29.zip"
sh=AFCE7282813B188DA322C2BD3FDFCD8CA4BCD315 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen12.zip"
sh=B7D172A8B5CF5DDCE916B3B7F6036872425B967D ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen19.zip"
sh=E9561987EA33DFEAA8C54D3FB06035B90A7AFFDF ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen26.zip"
sh=56CF4F2AC44C6ADD5CDCD419BA4B99D22DC7A0E3 ft=1 fh=46ed14ba69906e9f vn="Win32/Toolbar.MyWebSearch.X potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89barsvc.exe.xBAD"
sh=0FF3588ECB69D2B18C6FAEC012672CA2F60314F6 ft=1 fh=731190b7425307d6 vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89bprtct.dll.xBAD"
sh=BAEFCB03679575349E01668C4F0938643BAAA022 ft=1 fh=45ba6b521529362d vn="a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89datact.dll.xBAD"
sh=8090E240F528004402B29C11E5072BED79D95384 ft=1 fh=73e118282d8d3c4a vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89dyn.dll.xBAD"
sh=2CA2EA6CF1AD1FE87C25D4AB6B1C7729E48C6390 ft=1 fh=a34a8b9082c46c86 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89feedmg.dll.xBAD"
sh=9788294F2B8AB28DBAE4C73BB61A6B1200BDD89D ft=1 fh=af8ed8fd644fe8ac vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89highin.exe.xBAD"
sh=9D54BAF23397E5F1444BC6471052AD234B76FBD3 ft=1 fh=2ab58862c927227b vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89hkstub.dll.xBAD"
sh=EAA9D46B8FAB8F3D48BB239ADFE46BA312434017 ft=1 fh=2506fdd3752ff6fe vn="a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89htmlmu.dll.xBAD"
sh=978867B422339E68971E56C49C66F14F2ACD745D ft=1 fh=dd289cd2c7a55037 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89httpct.dll.xBAD"
sh=DC971C75FFCE77CC952FB6660A2603E09D62D4D9 ft=1 fh=ac2f97e786bfc982 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89idle.dll.xBAD"
sh=AFCAAC5845D81A407C63733E4A7D007167F96BE8 ft=1 fh=02b0c8de8c8e9f1e vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89impipe.exe.xBAD"
sh=556C4FCA5D890F17B7B5040A601B42452A205E29 ft=1 fh=0f2a31b21601aeb5 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89medint.exe.xBAD"
sh=3EB4A6A25199E6339EC04F36189C71738DE63CE7 ft=1 fh=eafb3b5bfaf84345 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89mlbtn.dll.xBAD"
sh=DFD07B722E317D1CDDAAB7D5B31BFAB57CC5E739 ft=1 fh=507b4871517a4ad4 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89msg.dll.xBAD"
sh=CBF93E0F6FF8AE054C18BDBE477CBFAF9F467CF9 ft=1 fh=f7d96c65ea0021a5 vn="probably a variant of Win32/Toolbar.MyWebSearch potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89Plugin.dll.xBAD"
sh=77C8DC985373B1E5D9035ECB3A831C7DD1ABFD55 ft=1 fh=e1f880731de07609 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89radio.dll.xBAD"
sh=C5F26031D5E0C487BFF0D60AA44603135BF60395 ft=1 fh=a846ae5344ec78c3 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89regfft.dll.xBAD"
sh=A2F202F68FEF2A31E9FE3AE124A46B908349778C ft=1 fh=bf17c6b7704b10fd vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89reghk.dll.xBAD"
sh=65D604A070334183E5034CDEEC5838E46D705794 ft=1 fh=3d9a604351eb1640 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89regiet.dll.xBAD"
sh=72E48F7F37E208A52AD975EAECAB29FC50223C27 ft=1 fh=958a563919bf5cc2 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89script.dll.xBAD"
sh=857980A7B7AB77FF8E34A090CCD76B8BA628E7E4 ft=1 fh=6c9ac10ea3ee1cdd vn="a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89skin.dll.xBAD"
sh=496310EE0816B49176E03226DB102FAE9AA452B4 ft=1 fh=ceffc168909c0690 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89sknlcr.dll.xBAD"
sh=F5946D49A70A64072739370E7BAD592FE4799EA1 ft=1 fh=5bc3efb780caf8fa vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89skplay.exe.xBAD"
sh=8ACE75F6C2417666AD9D60837B72D78B394C3944 ft=1 fh=ae6d89138faf571c vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89SrchMn.exe.xBAD"
sh=72489280930F183E34FE5AF817F207A5EB65F8D4 ft=1 fh=033eb58713fd33d4 vn="a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89tpinst.dll.xBAD"
sh=110033F4A78DCA521E8BA73F75747E4E3B6AE545 ft=1 fh=21686246ae128bdd vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\89uabtn.dll.xBAD"
sh=630D5FC9ACC4932C87263895F554F8C3CB6D4B4A ft=1 fh=b81ce565a99a556c vn="Win64/Toolbar.MyWebSearch.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\AppIntegrator64.exe.xBAD"
sh=374E378A91209732B48C8416D1E9805E98FDCFA9 ft=1 fh=6da58ad1308c1c96 vn="Win64/Toolbar.MyWebSearch.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\AppIntegratorStub64.dll.xBAD"
sh=6902D246F8FC2457C9AE369B094292DE6EB454BC ft=1 fh=b1be847bff3fcf8f vn="a variant of Win32/Toolbar.MyWebSearch.Z potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\CREXT.DLL.xBAD"
sh=FF9F058B12B6C4D9B6256304FA9078E391C7F32C ft=1 fh=6022d103b074fe9f vn="a variant of Win32/Toolbar.MyWebSearch.Z potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\CrExtP89.exe.xBAD"
sh=28975F5B612EB2C42E698E7EC01FF441D9ACAEED ft=1 fh=a2ed4ad5e1d8caaf vn="Win32/Toolbar.MyWebSearch.T potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\NP89Stub.dll.xBAD"
sh=2F938D8C9A5D3C9C239793346D43193BA1CBFCD6 ft=1 fh=929bde520a5aa0d2 vn="a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\T8EXTEX.DLL.xBAD"
sh=B8944722E8D577E67925DD4A72D1D8E44C3BC6CA ft=1 fh=6f8a20cf4b11d7b0 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\T8EXTPEX.DLL.xBAD"
sh=7BBFF8810BB79104FE275FBBF7DE48DCBD877E01 ft=1 fh=946da15070ee37db vn="probably a variant of Win32/Toolbar.MyWebSearch.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\T8HTML.DLL.xBAD"
sh=2E85C71E79C5B2A65D8CCDD5B21AFE559102062F ft=1 fh=68336e5d9907ad1c vn="a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\T8TICKER.DLL.xBAD"
sh=D0787BEAE97CE99982E7F5000772831421FD48E4 ft=1 fh=b650850bda28ebe2 vn="a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\PROGRA~1\SAFEPC~2\bar\1.bin\VERIFY.DLL.xBAD"
sh=875BF27A9D7EC8A57E1D22728A94605E77A66F99 ft=1 fh=1066940167675931 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF10.dll"
sh=D899A4B906A21BD09967DEC18E585BBC0857613F ft=1 fh=57376ab25fbf95e6 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF11.dll"
sh=1C892B22508224197B9E18D1E8EA140364FCBE16 ft=1 fh=7cdaad0dae2c1b59 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF12.dll"
sh=24688F1377B4440A9B1878032F0E0637A0B7413D ft=1 fh=f3606e917bb05064 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF13.dll"
sh=8DED72F0F1AC00002F7B37896444F81344797137 ft=1 fh=8d756a4d0ef40548 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF14.dll"
sh=A7676DE801151EC36449A35D802BE6D517585250 ft=1 fh=77d903f3d76df8e3 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF15.dll"
sh=5C6557C60BE87DDA95642C27D5A2CC62BA5994AB ft=1 fh=3ae6f06bbaacc194 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF16.dll"
sh=40285FF9FD17402ECE35DF8C168E8EFA2CE62A6A ft=1 fh=917a4813993a40f9 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF17.dll"
sh=F692CE5E532F547C8501BD229FBC123303B3D9B3 ft=1 fh=80a995bee4d32411 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF18.dll"
sh=6BC05D76DE5700A7842F6D698D9DEBF694CB07F9 ft=1 fh=4592982ca8f1a507 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF19.dll"
sh=57160E03B62706FF8E8BAC83FF586555EC22810C ft=1 fh=56a5826f3426f20b vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF2.dll"
sh=90E641FBFF0C1DFCBE3C77E5C50F4E894F26217A ft=1 fh=de6ef194b23fec2d vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF20.dll"
sh=38A74467E791AAB4581FC74C7DADE79E5EEB4795 ft=1 fh=479f62e59405fe7b vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF21.dll"
sh=94D63798953E0B82E555D9DC3403DF379FD3077F ft=1 fh=14354187413f58cf vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF22.dll"
sh=F2AAB78ECD52FFECC521C596FF157F8D57831EF4 ft=1 fh=2cbaad4b382bf3f3 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF23.dll"
sh=95E1985C7154E988280E010473E1B9C987D79FA7 ft=1 fh=3fb80b633a60e120 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF24.dll"
sh=D1C1E4164EEA763CB0B4FF99EAE6CAD3C42A86D6 ft=1 fh=c48a79bf03282173 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF25.dll"
sh=E945BB9901884E902C2C90DD0D24022300C4AE59 ft=1 fh=4681a5397b7995e6 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF26.dll"
sh=0B1ACE568F3C7E497827F1ADD2B9A20FD6D55874 ft=1 fh=0de96f957859625b vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF27.dll"
sh=582321BBF62331B40FBFE2DFF71EFAA5927220B2 ft=1 fh=66e056ec771f27d3 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF28.dll"
sh=3939FBF3A2DCCD352A0F5432C2AC53073B1971BA ft=1 fh=1dd920926f4c2d90 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF29.dll"
sh=5BAAF067D3424BB7621037963FCA6909ED396867 ft=1 fh=15e5e8b58b83a4fd vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF4.dll"
sh=6A96CADA440100988B6BACC46972EA74453CDD5D ft=1 fh=f19b674463ab7da5 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF5.dll"
sh=2E9A62F87FB34FD7CBEFDE10CD4458647AC06C7D ft=1 fh=dbdd0972697e1a93 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF6.dll"
sh=47E9559928996B929FA07B321F8B81C2340B8B26 ft=1 fh=bc9fb25d769824bf vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF7.dll"
sh=A998F7BA733510C93AB904DEB1CAA33865E6A7C9 ft=1 fh=b48111079e839687 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF8.dll"
sh=E7FCE09B991B197FC0D8E714EC9586DCFAC6458A ft=1 fh=609f336dcb625945 vn="probably a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Settings Manager\systemk\components\SystemKHlpFF9.dll"
sh=34BD469EC9D6F93F6BD4BD3EF0B977B302E3E98C ft=1 fh=a3e3d775bcd9d9e3 vn="Win32/Amonetize.AZ potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Windows\System32\installd.exe.xBAD"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\ProgramData\Adobe\AIH.d7287c157771a08a6424a3226c197ecf14f2c4ee\GTB.exe"
sh=2EB0F0ED5A5123145D0DF917AF05B404B60F4E06 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2013-0422.CF trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\37585a55-67d8cacc"
sh=9028F92C4D89F20095F1BEC62263065ACF549A64 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-1723.GE trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\76bd0d7-15eb7522"
sh=5A455B49969C12FBF8E433C9E77B481791A15CD7 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2013-0422.CF trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\5297ccbb-45113389"
sh=4C7B49EC59B1F81B35607E4A18801546CA29F7D3 ft=0 fh=0000000000000000 vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\2687477c-6719cadc"
sh=BF53BBBBB6B8DC9963D4DDA055FF3A70F07B4C49 ft=0 fh=0000000000000000 vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\6bd41707-364a8800"
sh=AB562A173070F0D27FAAA0AC12D00953C4CA1204 ft=1 fh=d5332291f956d781 vn="a variant of MSIL/Toolbar.Linkury.E potentially unwanted application (deleted - quarantined)" ac=C fn="C:\WINDOWS\Installer\MSIC2.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=409BD7CDE57E67602FCAE74CF7F5FA9BBEEE5A3F ft=1 fh=250ddfb1fecee1c7 vn="a variant of MSIL/Toolbar.Linkury.C potentially unwanted application (deleted - quarantined)" ac=C fn="C:\WINDOWS\Installer\MSIC2.tmp-\srbs.dll"
sh=7B540E86CE980538346AE5AE93145F73F773A266 ft=1 fh=e10f3651d882cdbe vn="Win32/Conduit.SearchProtect.M potentially unwanted application (deleted - quarantined)" ac=C fn="C:\WINDOWS\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O4QTNG9Q\ProtectUS114[1].exe"
 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-07-2014 01
Ran by Admin (administrator) on ADMIN-PC on 14-07-2014 13:26:13
Running from C:\Users\Admin\Desktop\FRST
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\WINDOWS\System32\audiodg.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\WINDOWS\System32\drivers\XAudio.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
(Realtek Semiconductor) C:\WINDOWS\RtHDVCpl.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\VzDetectAgent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2006-09-28] (Hewlett-Packard Company)
HKLM\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM\...\Run: [OsdMaestro] => C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [155648 2006-11-20] (OsdMaestro)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4874240 2008-01-15] (Realtek Semiconductor)
HKLM\...\Run: [DPService] => C:\Program Files\HP\DVDPlay\DPService.exe [90112 2007-12-18] (CyberLink Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\RunOnce: [Launcher] - %WINDIR%\SMINST\launcher.exe [44136 2006-11-24] (soft thinks)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1952994113-3900846881-1584432544-1000\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKU\S-1-5-21-1952994113-3900846881-1584432544-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1952994113-3900846881-1584432544-1000\...\MountPoints2: {bed45704-be43-11dd-b634-806e6f6e6963} - E:\Setup.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
BHO: Yahooo Search Protection -> {25BC7718-0BFA-40EA-B381-4B2D9732D686} -> C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0o0qerue.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

========================== Services (Whitelisted) =================

S2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2007-08-06] (Symantec Corporation)
U2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2007-08-06] (Symantec Corporation)
S2 CLTNetCnService; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2007-08-06] (Symantec Corporation)
S3 IDriverT; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 IHA_MessageCenter; C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [358984 2014-05-21] (Verizon)
R2 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-12-14] (Hewlett-Packard Company) [File not signed]
S4 Automatic LiveUpdate Scheduler; No ImagePath
S2 Lavasoft Ad-Aware Service; No ImagePath
S3 LiveUpdate; No ImagePath
S2 SmcService; No ImagePath
S3 SNAC; No ImagePath
S2 Symantec AntiVirus; No ImagePath
S2 WRConsumerService; No ImagePath

==================== Drivers (Whitelisted) ====================

S3 COH_Mon; C:\Windows\system32\Drivers\COH_Mon.sys [23888 2008-07-30] (Symantec Corporation)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-07-21] (GFI Software)
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2010-08-12] (Lavasoft AB)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36528 2006-07-24] (Sonic Solutions) [File not signed]
R1 SBRE; C:\Windows\system32\drivers\SBREDrv.sys [95024 2010-09-22] (Sunbelt Software)
S3 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [418864 2007-07-31] (Symantec Corporation)
S1 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [250416 2007-08-14] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [277040 2007-08-14] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [25136 2007-08-14] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [136496 2010-08-26] (Symantec Corporation)
S3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [27576 2007-01-09] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [191544 2007-01-09] (Symantec Corporation)
R1 SysPlant; C:\Windows\SYSTEM32\Drivers\SysPlant.sys [87424 2007-09-07] (Symantec Corporation) [File not signed]
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [49024 2007-08-06] (Symantec Corporation)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [39808 2007-09-07] (Symantec Corporation)
S3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [161920 2010-06-02] (Symantec Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
S3 NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20100921.003\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20100921.003\NAVEX15.SYS [X]
S1 netfilter; system32\drivers\netfilter.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S4 vsdatant; a [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-14 09:22 - 2014-07-14 09:22 - 00000000 ____D () C:\Program Files\ESET
2014-07-14 09:21 - 2014-07-14 09:21 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_enu.exe
2014-07-14 09:14 - 2014-07-14 09:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-14 09:14 - 2014-07-14 09:13 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-14 09:14 - 2014-07-14 09:13 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-14 09:14 - 2014-07-14 09:13 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-14 09:14 - 2014-07-14 09:13 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-14 08:35 - 2014-07-14 08:35 - 00000000 ____D () C:\ProgramData\Symantec
2014-07-14 06:51 - 2014-07-14 06:51 - 00000000 ____D () C:\Verizon
2014-07-10 10:05 - 2014-07-10 10:05 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-10 10:02 - 2014-07-10 10:02 - 00918952 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-07-09 16:42 - 2014-06-06 19:12 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 16:42 - 2014-06-06 19:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 16:42 - 2014-06-06 18:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 16:42 - 2014-06-06 18:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 16:42 - 2014-06-06 18:54 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 16:42 - 2014-06-06 18:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 16:42 - 2014-06-06 18:53 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 16:42 - 2014-06-06 18:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 16:41 - 2014-06-06 20:19 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 16:41 - 2014-06-06 20:05 - 12353024 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 16:41 - 2014-06-06 19:25 - 09711616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 16:41 - 2014-06-06 19:04 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 16:41 - 2014-06-06 19:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 16:41 - 2014-06-06 19:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-09 16:41 - 2014-06-06 18:58 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 16:41 - 2014-06-06 18:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 16:41 - 2014-06-06 18:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 16:41 - 2014-06-06 18:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-09 16:41 - 2014-06-06 18:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 16:41 - 2014-06-06 18:53 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-09 16:41 - 2014-06-06 18:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 16:41 - 2014-06-06 18:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-09 16:41 - 2014-06-06 04:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 16:41 - 2014-05-30 02:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-01 16:41 - 2014-07-14 10:36 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-01 16:41 - 2014-07-01 16:41 - 00000905 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 16:41 - 2014-07-01 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 16:41 - 2014-07-01 16:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 16:41 - 2014-07-01 16:41 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-01 16:41 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-01 16:41 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-01 16:41 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-30 06:55 - 2014-06-30 06:55 - 00000000 ____D () C:\Windows\ERUNT
2014-06-29 09:45 - 2014-07-03 10:44 - 00000000 ____D () C:\Users\Admin\Desktop\AntiVirus
2014-06-29 09:03 - 2014-07-03 11:05 - 00000000 ____D () C:\AdwCleaner
2014-06-27 08:37 - 2014-06-27 08:37 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-27 08:37 - 2014-06-27 08:37 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-27 08:36 - 2014-06-27 08:36 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-27 08:36 - 2014-06-27 08:36 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-27 08:36 - 2014-06-27 08:36 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-27 08:36 - 2014-06-27 08:36 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-27 08:36 - 2014-06-27 08:36 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-27 08:36 - 2014-06-27 08:36 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-27 08:36 - 2014-06-27 08:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-27 08:36 - 2014-06-27 08:36 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-26 17:29 - 2014-07-14 08:32 - 00000000 ____D () C:\ProgramData\Real
2014-06-26 14:52 - 2014-07-14 08:32 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-06-26 14:43 - 2014-07-14 08:32 - 00000000 ____D () C:\Program Files\FileHippo.com
2014-06-26 14:41 - 2014-06-26 14:41 - 00000856 _____ () C:\Users\Admin\Desktop\psi.exe - Shortcut.lnk
2014-06-26 14:27 - 2014-07-09 16:34 - 00001237 _____ () C:\Windows\SecuniaPackage.log
2014-06-24 12:03 - 2014-07-14 13:26 - 00000000 ____D () C:\FRST
2014-06-24 12:02 - 2014-07-14 13:26 - 00000000 ____D () C:\Users\Admin\Desktop\FRST
2014-06-24 07:15 - 2014-07-14 10:57 - 00017126 _____ () C:\Windows\PFRO.log
2014-06-24 07:13 - 2014-06-24 07:13 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apps\2.0
2014-06-22 16:02 - 2014-06-27 08:37 - 00008650 _____ () C:\Windows\IE9_main.log
2014-06-22 13:35 - 2014-07-14 13:15 - 00960489 _____ () C:\Windows\WindowsUpdate.log
2014-06-22 13:17 - 2014-06-26 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-22 13:17 - 2014-06-26 17:09 - 00000810 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-22 13:17 - 2014-06-26 17:09 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-22 08:44 - 2014-06-24 11:36 - 00000000 ____D () C:\Users\Admin\Downloads\MS
2014-06-21 18:53 - 2014-06-21 18:53 - 00000000 ____D () C:\Users\Admin\Desktop\ProcessExplorer
2014-06-21 10:20 - 2012-08-09 10:48 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2014-06-21 10:20 - 2012-08-09 10:47 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2014-06-21 10:20 - 2012-08-09 10:47 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2014-06-21 10:20 - 2012-08-09 09:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2014-06-19 18:09 - 2014-06-19 18:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-07-14 13:26 - 2014-06-24 12:03 - 00000000 ____D () C:\FRST
2014-07-14 13:26 - 2014-06-24 12:02 - 00000000 ____D () C:\Users\Admin\Desktop\FRST
2014-07-14 13:15 - 2014-06-22 13:35 - 00960489 _____ () C:\Windows\WindowsUpdate.log
2014-07-14 12:57 - 2006-11-02 08:45 - 00003680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-14 12:57 - 2006-11-02 08:45 - 00003680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-14 12:51 - 2013-10-12 08:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-14 10:59 - 2006-11-02 08:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-14 10:57 - 2014-06-24 07:15 - 00017126 _____ () C:\Windows\PFRO.log
2014-07-14 10:56 - 2006-11-02 08:58 - 00032652 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-14 10:36 - 2014-07-01 16:41 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-14 09:22 - 2014-07-14 09:22 - 00000000 ____D () C:\Program Files\ESET
2014-07-14 09:21 - 2014-07-14 09:21 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_enu.exe
2014-07-14 09:15 - 2013-11-10 11:22 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-14 09:14 - 2014-07-14 09:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-14 09:13 - 2014-07-14 09:14 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-14 09:13 - 2014-07-14 09:14 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-14 09:13 - 2014-07-14 09:14 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-14 09:13 - 2014-07-14 09:14 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-14 08:35 - 2014-07-14 08:35 - 00000000 ____D () C:\ProgramData\Symantec
2014-07-14 08:34 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-07-14 08:33 - 2008-11-29 11:51 - 00000000 ____D () C:\Users\Admin
2014-07-14 08:33 - 2007-02-09 11:49 - 00000000 ____D () C:\Windows\SMINST
2014-07-14 08:33 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\spool
2014-07-14 08:33 - 2006-11-02 06:22 - 54525952 _____ () C:\Windows\system32\config\software_previous
2014-07-14 08:33 - 2006-11-02 06:22 - 47185920 _____ () C:\Windows\system32\config\components_previous
2014-07-14 08:33 - 2006-11-02 06:22 - 21495808 _____ () C:\Windows\system32\config\system_previous
2014-07-14 08:33 - 2006-11-02 06:22 - 04980736 _____ () C:\Windows\system32\config\default_previous
2014-07-14 08:33 - 2006-11-02 06:22 - 00053248 _____ () C:\Windows\system32\config\sam_previous
2014-07-14 08:33 - 2006-11-02 06:22 - 00024576 _____ () C:\Windows\system32\config\security_previous
2014-07-14 08:32 - 2014-06-26 17:29 - 00000000 ____D () C:\ProgramData\Real
2014-07-14 08:32 - 2014-06-26 14:52 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-07-14 08:32 - 2014-06-26 14:43 - 00000000 ____D () C:\Program Files\FileHippo.com
2014-07-14 08:32 - 2012-09-17 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon Media Manager
2014-07-14 08:32 - 2010-10-23 07:17 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-14 08:32 - 2010-10-23 07:17 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-07-14 08:32 - 2007-02-09 11:41 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-14 08:32 - 2007-02-09 11:17 - 00000000 ____D () C:\Program Files\Real
2014-07-14 08:32 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\registration
2014-07-14 08:20 - 2012-06-13 15:26 - 00008512 _____ () C:\Users\Admin\Install-MMLog.log
2014-07-14 06:51 - 2014-07-14 06:51 - 00000000 ____D () C:\Verizon
2014-07-13 12:01 - 2012-09-17 19:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Verizon
2014-07-12 08:14 - 2011-12-09 18:07 - 00650752 _____ () C:\Users\Admin\Documents\DomResStock.xls
2014-07-10 10:05 - 2014-07-10 10:05 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-10 10:02 - 2014-07-10 10:02 - 00918952 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-07-10 10:02 - 2013-03-10 14:24 - 00000000 ____D () C:\Program Files\Java
2014-07-10 06:25 - 2006-11-02 08:44 - 00395696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 20:01 - 2013-07-11 18:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 19:37 - 2006-11-02 06:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-07-09 16:34 - 2014-06-26 14:27 - 00001237 _____ () C:\Windows\SecuniaPackage.log
2014-07-09 16:34 - 2013-10-12 08:08 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-09 16:34 - 2013-10-12 08:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-08 06:36 - 2014-03-16 14:18 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\HpUpdate
2014-07-03 11:05 - 2014-06-29 09:03 - 00000000 ____D () C:\AdwCleaner
2014-07-03 10:44 - 2014-06-29 09:45 - 00000000 ____D () C:\Users\Admin\Desktop\AntiVirus
2014-07-02 15:17 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system
2014-07-01 17:01 - 2013-10-12 09:16 - 00000000 ____D () C:\ProgramData\ZalmanInstaller_52331
2014-07-01 16:41 - 2014-07-01 16:41 - 00000905 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 16:41 - 2014-07-01 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 16:41 - 2014-07-01 16:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 16:41 - 2014-07-01 16:41 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-30 06:55 - 2014-06-30 06:55 - 00000000 ____D () C:\Windows\ERUNT
2014-06-29 12:08 - 2011-05-08 10:50 - 00000000 ____D () C:\Users\Admin\Documents\Wine
2014-06-29 08:37 - 2010-09-24 20:11 - 00389716 _____ () C:\aaw7boot.log
2014-06-29 08:20 - 2013-07-21 19:19 - 00001481 _____ () C:\Windows\wininit.ini
2014-06-28 09:41 - 2012-07-08 19:16 - 00027136 _____ () C:\Users\Admin\Documents\DomResStock_Other.xls
2014-06-27 11:43 - 2008-12-19 16:49 - 00000000 ____D () C:\Windows\Minidump
2014-06-27 09:53 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\rescache
2014-06-27 08:41 - 2006-11-02 07:18 - 00000000 ___RD () C:\Windows\Offline Web Pages
2014-06-27 08:37 - 2014-06-27 08:37 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-27 08:37 - 2014-06-27 08:37 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-27 08:37 - 2014-06-22 16:02 - 00008650 _____ () C:\Windows\IE9_main.log
2014-06-27 08:36 - 2014-06-27 08:36 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-27 08:36 - 2014-06-27 08:36 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-27 08:36 - 2014-06-27 08:36 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-27 08:36 - 2014-06-27 08:36 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-27 08:36 - 2014-06-27 08:36 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-27 08:36 - 2014-06-27 08:36 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-27 08:36 - 2014-06-27 08:36 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-27 08:36 - 2014-06-27 08:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-27 08:36 - 2014-06-27 08:36 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-27 08:36 - 2014-06-27 08:36 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-26 17:10 - 2014-06-22 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-26 17:09 - 2014-06-22 13:17 - 00000810 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-26 17:09 - 2014-06-22 13:17 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-26 14:41 - 2014-06-26 14:41 - 00000856 _____ () C:\Users\Admin\Desktop\psi.exe - Shortcut.lnk
2014-06-26 14:39 - 2007-02-09 11:39 - 00000000 ____D () C:\Program Files\Yahoo!
2014-06-24 11:36 - 2014-06-22 08:44 - 00000000 ____D () C:\Users\Admin\Downloads\MS
2014-06-24 08:36 - 2010-09-06 08:24 - 00000000 ____D () C:\Program Files\Google
2014-06-24 07:13 - 2014-06-24 07:13 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apps\2.0
2014-06-24 06:39 - 2010-09-06 12:31 - 00000000 ____D () C:\ProgramData\Google
2014-06-23 16:18 - 2013-08-23 04:48 - 00000940 _____ () C:\Users\Public\Desktop\Vz  In-Home Agent.lnk
2014-06-22 16:14 - 2007-02-09 10:48 - 00000000 ____D () C:\Windows\Panther
2014-06-21 18:53 - 2014-06-21 18:53 - 00000000 ____D () C:\Users\Admin\Desktop\ProcessExplorer
2014-06-19 19:49 - 2014-02-02 11:10 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-19 19:34 - 2013-07-18 20:11 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-19 19:15 - 2013-02-17 13:45 - 00000000 ____D () C:\Users\Admin\Desktop\JT
2014-06-19 19:15 - 2013-01-06 15:37 - 00000000 ____D () C:\Users\Admin\Desktop\Dani
2014-06-19 18:09 - 2014-06-19 18:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-19 17:48 - 2014-02-17 16:36 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-17 21:02 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-16 08:05 - 2013-04-04 19:04 - 00000000 ____D () C:\Users\Admin\Desktop\lwt

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-14 11:17

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:14-07-2014 01
Ran by Admin at 2014-07-14 13:27:28
Running from C:\Users\Admin\Desktop\FRST
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\{C4B95D2E-BDE6-412D-AF7B-EC43A298C55B}) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\{3FC9A6DE-C105-4576-8F63-656FFB1BF8EB}) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DVD Play (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 2.4.4818 - Hewlett-Packard)
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version:  - Hewlett-Packard)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor 5 for Windows) (Version: 5.00.4323.13 - PC-Doctor, Inc.)
HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 1.00.0000 - Hewlett-Packard)
HP Customer Feedback (Version: 1.0.0 - Hewlett-Packard) Hidden
HP Easy Setup - Core (HKLM\...\{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}) (Version: 1.00.0000 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{40F7AED3-0C7D-4582-99F6-484A515C73F2}) (Version: 5.00.0000 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{8EAB4100-B343-41AE-A880-418746998209}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{79ACC31A-87EA-472A-853E-5AC6A97CE569}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP On-Screen Caps/Num/Scroll Lock Indicator (HKLM\...\OsdMaestro) (Version:  - Hewlett-Packard)
HP Picasso Media Center Add-In (Version: 1.0.0 - HP) Hidden
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IHA_MessageCenter (HKLM\...\{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}) (Version: 1.8.17 - Verizon)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Isle Wars Pro 2.0 (HKLM\...\Isle Wars Pro Game_is1) (Version:  - Soleau Software, Inc.)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden
Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 6.5.0.17883 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.1.10.21853 - Juniper Networks, Inc.)
Juniper Terminal Services Client (HKCU\...\Juniper_Term_Services) (Version: 7.1.12.21827 - Juniper Networks)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LightScribe  1.4.136.1 (Version: 1.4.136.1 - http://www.lightscribe.com) Hidden
LiveUpdate (Symantec Corporation) (HKLM\...\PsuedoLiveUpdate) (Version: 3.5.0.64 - Symantec Corporation)
LiveUpdate (Symantec Corporation) (Version: 3.5.0.64 - Symantec Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Move Networks Media Player for Internet Explorer (HKCU\...\Move Networks Player - IE) (Version:  - )
Mozilla Firefox 30.0 (x86 en-US) (HKLM\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My HP Games (HKLM\...\WildTangent hpdesktop Master Uninstall) (Version: HPCMPQ1601 - WildTangent)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PyScripter 2.5.3 (HKLM\...\PyScripter_is1) (Version: 2.5.3 - PyScripter)
Python 2.4.3 (HKLM\...\{75E71ADD-042C-4F30-BFAC-A9EC42351313}) (Version: 2.4.3150 - Martin v. Löwis)
Python 2.7 xlrd-0.7.9 (HKCU\...\xlrd-py2.7) (Version:  - )
Python 2.7.3 (HKLM\...\{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}) (Version: 2.7.3150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5910 - Realtek Semiconductor Corp.)
Redist (HKLM\...\{0F052922-4BCE-4763-A540-00857554336D}) (Version: 3.00.0000 - Verizon)
Rhapsody (HKLM\...\Rhapsody) (Version:  - )
Rhapsody Player Engine (HKLM\...\{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}) (Version: 1.0.604 - RealNetworks)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio)
Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio)
Roxio Creator EasyArchive (HKLM\...\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}) (Version: 3.3.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Roxio)
Roxio MyDVD Basic v9 (HKLM\...\{E4A02A3F-4F8A-4D94-BB99-68BC1D1CF6DB}) (Version: 9.0.095 - Roxio, Inc.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
soapUI 4.5.1 4.5.1 (HKLM\...\5517-2803-0637-4585) (Version: 4.5.1 - SmartBear Software)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Verizon Activation (HKLM\...\{92125850-CE9E-405F-8DC7-774DC36AE76C}_is1) (Version:  - Verizon)
Verizon Media Manager (HKLM\...\Verizon Media Manager) (Version: 9.4.94 - Verizon)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.59.0 - Verizon)
Webroot Software (HKLM\...\Webroot Software) (Version: 7.0.4.102 - Webroot Software, Inc.)
Webroot Software (Version: 7.0.4.102 - Webroot Software, Inc.) Hidden
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

==================== Restore Points  =========================

04-07-2014 11:59:54 Windows Update
08-07-2014 11:04:33 Windows Update
09-07-2014 21:18:37 Scheduled Checkpoint
09-07-2014 23:36:02 Windows Update
10-07-2014 13:58:49 Removed Java 7 Update 55
10-07-2014 14:01:39 Removed Java 8 Update 5
10-07-2014 14:03:55 Installed Java 7 Update 60
14-07-2014 12:27:50 Restore Operation
14-07-2014 12:53:19 Windows Update
14-07-2014 13:12:03 Installed Java 7 Update 60

==================== Hosts content: ==========================

2006-11-02 06:23 - 2014-06-27 06:51 - 00450689 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1    localhost
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123fporn.info
127.0.0.1    www.123fporn.info
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {0D309305-1A04-4267-923D-CD0E4014C7E7} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {18DFD9FC-082E-4E9B-8285-5F21D2B4EDAE} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {419A1959-ECBB-456B-B9E7-9E572AB954FD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {5334C5DB-773E-4A94-98A9-5D8CC94B2E8A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1952994113-3900846881-1584432544-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {5916F864-469C-4391-8604-E4EA141A2699} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {6A7583FE-6092-43DC-BB72-DFA04BE72201} - System32\Tasks\HP online update program => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard)
Task: {8B0E6FAB-F43A-4988-AF0A-A21646C212F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {9AB88391-245D-46E4-BBCE-86D3E35C3330} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1952994113-3900846881-1584432544-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {9ED703A9-5FFD-40D5-895A-4385EE1509DE} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {9F3D9720-21B6-4A77-941C-F6C21CA2E7DA} - System32\Tasks\Microsoft\Windows\RestartManager\{15BEA94A-320A-4d42-9B61-5FB967A9FBE8} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {A33B05AB-A061-4150-ABC7-3B4C67861DA7} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {A5F722A4-051D-4F02-8A5A-9B37BC9433B2} - System32\Tasks\InstallShield Software online update program => C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-02-16] (InstallShield Software Corporation)
Task: {BB0CAA25-07DF-4F8A-BA56-428C304C0F31} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {BDD38020-19C2-4B76-B619-0E3EFD5C2150} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {C6E24925-7FC2-4F63-9F40-2F5FA9675D2D} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {DB06B8CE-0624-4A2E-9DC5-EF32669DAB2A} - System32\Tasks\Real Player online update program => C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Task: {DF492869-C848-4132-8B27-D1D19D2674E1} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {EC5F1A1F-1AD2-4B1A-B195-70ABC57350BB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {F5B4A899-DDD3-4574-B8EC-0C5405866F4F} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-06-19 18:09 - 2014-06-19 18:09 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRConsumerService => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: ccApp => "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
MSCONFIG\startupreg: pcreg => C:\Program Files\pcmax\service.exe
MSCONFIG\startupreg: SafePCRepair Search Scope Monitor => "C:\PROGRA~1\SAFEPC~2\bar\1.bin\89srchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: Windows Defender => C:\Program Files\Windows Defender\MSASCui.exe -hide

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2014 10:46:49 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (07/14/2014 10:46:45 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (07/14/2014 09:02:57 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\SAFEBROWSING> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (07/14/2014 09:02:48 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\SAFEBROWSING> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (07/14/2014 09:02:47 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\SAFEBROWSING> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (07/14/2014 08:54:39 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\SAFEBROWSING> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (07/14/2014 08:54:38 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\SAFEBROWSING> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (07/14/2014 08:41:51 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\CACHE2> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (07/14/2014 08:41:13 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\SAFEBROWSING> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (07/14/2014 08:41:13 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\SAFEBROWSING> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)


System errors:
=============
Error: (07/14/2014 11:02:36 AM) (Source: RasMan) (EventID: 20063) (User: )
Description: Remote Access Connection Manager failed to start because the Point to Point Protocol failed to initialize. The specified module could not be found.

Error: (07/14/2014 11:02:36 AM) (Source: RemoteAccess) (EventID: 20151) (User: )
Description: The Control Protocol EAP in the Point to Point Protocol module C:\Windows\System32\rasppp.dll returned an error while initializing. The specified module could not be found.

Error: (07/14/2014 11:02:36 AM) (Source: RemoteAccess) (EventID: 20070) (User: )
Description: Point to Point Protocol engine was unable to load the C:\Program Files\Symantec\Symantec Endpoint Protection\SymRasMan.dll module. The specified module could not be found.

Error: (07/14/2014 11:02:35 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Remote Access Connection Manager%%126

Error: (07/14/2014 11:02:35 AM) (Source: RasMan) (EventID: 20063) (User: )
Description: Remote Access Connection Manager failed to start because the Point to Point Protocol failed to initialize. The specified module could not be found.

Error: (07/14/2014 11:02:35 AM) (Source: RemoteAccess) (EventID: 20151) (User: )
Description: The Control Protocol EAP in the Point to Point Protocol module C:\Windows\System32\rasppp.dll returned an error while initializing. The specified module could not be found.

Error: (07/14/2014 11:02:35 AM) (Source: RemoteAccess) (EventID: 20070) (User: )
Description: Point to Point Protocol engine was unable to load the C:\Program Files\Symantec\Symantec Endpoint Protection\SymRasMan.dll module. The specified module could not be found.

Error: (07/14/2014 11:02:34 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Remote Access Connection Manager%%126

Error: (07/14/2014 11:02:34 AM) (Source: RasMan) (EventID: 20063) (User: )
Description: Remote Access Connection Manager failed to start because the Point to Point Protocol failed to initialize. The specified module could not be found.

Error: (07/14/2014 11:02:34 AM) (Source: RemoteAccess) (EventID: 20151) (User: )
Description: The Control Protocol EAP in the Point to Point Protocol module C:\Windows\System32\rasppp.dll returned an error while initializing. The specified module could not be found.


Microsoft Office Sessions:
=========================
Error: (07/14/2014 10:46:49 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (07/14/2014 10:46:45 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (07/14/2014 09:02:57 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\SAFEBROWSING

Error: (07/14/2014 09:02:48 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\SAFEBROWSING

Error: (07/14/2014 09:02:47 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\SAFEBROWSING

Error: (07/14/2014 08:54:39 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\SAFEBROWSING

Error: (07/14/2014 08:54:38 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\SAFEBROWSING

Error: (07/14/2014 08:41:51 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\CACHE2

Error: (07/14/2014 08:41:13 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\SAFEBROWSING

Error: (07/14/2014 08:41:13 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\ADMIN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\0O0QERUE.DEFAULT\SAFEBROWSING


CodeIntegrity Errors:
===================================
  Date: 2014-07-14 13:27:20.655
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-14 13:27:20.343
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-14 13:27:20.047
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-14 13:27:19.719
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-14 13:27:19.064
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-14 13:27:18.752
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-14 13:27:18.440
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-14 13:27:18.128
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-14 10:57:52.098
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-14 10:43:32.690
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 81%
Total physical RAM: 1014.64 MB
Available physical RAM: 184.01 MB
Total Pagefile: 2291.62 MB
Available Pagefile: 1214.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.67 MB

==================== Drives ================================

Drive c: (COMPAQ) (Fixed) (Total:141.96 GB) (Free:93.89 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:7.09 GB) (Free:0.36 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP OJ8600) (CDROM) (Total:0.6 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=142 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=7 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

Advertisements


#17
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi lwt_intl,

It is unfortunate that you had to go through all those extra steps. Some of the operations we have performed were also reverted by System Restore. We'll have to redo some of them. However, do note that you are already cleared of malware. We're just cleaning up remnants of various security programs. :thumbsup:
  • Step 1

    Download 'Fix It by Microsoft' and save it to your desktop.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • Click Accept > Browse and choose your desktop. Press Save after.
    • Once it has finish downloading, click Finish.
    • Go to the folder named Fix it portable and double-click Launch Fix it.exe.
    • From the selection choose Install or upgrade software or hardware.
    • At the very bottom, click the Run Now button beside Fix problems that programs cannot be installed or uninstalled.
    • Select Detect problems and let me select the fixes to apply > Uninstalling > Webroot Software > Next.
    • Follow the rest of the on-screen instructions.
    • At the very end, a log will be made available to you.
    • Post the log and check whether or not the entry is still present.
  • Step 2

    Open System Configuration by following the steps below.
    • Press the Windows and R buttons together. The Run prompt should appear.
    • Type in msconfig and press OK.
    • Navigate to the Startup tab > Enable All > Apply > OK.
    • You will be prompted to restart. Allow it by choosing Restart.
  • Step 3

    Copy and paste the following into Notepad and save as fixlist.txt to your desktop:
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRConsumerService => ""="Service"
    Task: {DB06B8CE-0624-4A2E-9DC5-EF32669DAB2A} - System32\Tasks\Real Player online update program => C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    Task: {BB0CAA25-07DF-4F8A-BA56-428C304C0F31} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
    Task: {9AB88391-245D-46E4-BBCE-86D3E35C3330} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1952994113-3900846881-1584432544-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
    Task: {5334C5DB-773E-4A94-98A9-5D8CC94B2E8A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1952994113-3900846881-1584432544-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
    2014-06-26 14:13 - 2014-06-26 14:13 - 00000000 ____D () C:\Program Files\Secunia
    2014-06-26 14:51 - 2010-10-23 07:17 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
    2014-06-26 14:41 - 2014-06-26 14:41 - 00000856 _____ () C:\Users\Admin\Desktop\psi.exe - Shortcut.lnk
    2014-06-29 08:19 - 2010-10-23 07:17 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-06-29 08:37 - 2014-06-26 14:52 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
    2014-07-10 09:58 - 2014-06-26 14:43 - 00000000 ____D () C:\Program Files\FileHippo.com
    2014-07-10 09:57 - 2014-06-26 17:29 - 00000000 ____D () C:\ProgramData\Real
    2014-07-10 09:57 - 2009-10-05 16:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Real
    2014-07-10 09:57 - 2007-02-09 11:17 - 00000000 ____D () C:\Program Files\Real
    2014-07-10 10:14 - 2007-02-09 11:41 - 00000000 ____D () C:\ProgramData\Symantec
    2014-07-10 10:14 - 2007-02-09 11:41 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
    R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2010-08-12] (Lavasoft AB)
    S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
    S2 Lavasoft Ad-Aware Service; No ImagePath
    S2 WRConsumerService; No ImagePath
    FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKCU - {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
    HKLM\...\Run: [SafePCRepair Search Scope Monitor] => "C:\PROGRA~1\SAFEPC~2\bar\1.bin\89srchmn.exe" /m=2 /w /h
    C:\PROGRA~1\SAFEPC~2
    HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe
    C:\Program Files\pcmax
    • Run your copy of FRST. It is important to ensure it is located in your desktop.

      5mgxgF3.png

    • Press the Fix button.
    • It will produce a log (fixlog.txt) once done.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log(s) in your next reply.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • fixlog.txt (Farbar Recovery Scan Tool)

  • 0

#18
lwt_intl

lwt_intl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Hello,

I am getting the following error when I try to run Microsoft Fix it:

Failed to create the portable diagnostic tool

This diagnostic tool cannot continue because of an error.  Please try again later.

 

I tried this several times over the last few days.  Any ideas?  This is a Vista machine, does that make a difference?


  • 0

#19
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
No, it shouldn't. I have uploaded a copy for you 'here'. Please download it and proceed directly to the fourth instruction of the first step. :)
  • 0

#20
lwt_intl

lwt_intl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

I tried to take out Webroot, but it gave me an error and no log.  Here is the fixlog.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:14-07-2014 01
Ran by Admin at 2014-07-22 18:12:11 Run:4
Running from C:\Users\Admin\Desktop\FRST
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRConsumerService => ""="Service"
Task: {DB06B8CE-0624-4A2E-9DC5-EF32669DAB2A} - System32\Tasks\Real Player online update program => C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Task: {BB0CAA25-07DF-4F8A-BA56-428C304C0F31} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {9AB88391-245D-46E4-BBCE-86D3E35C3330} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1952994113-3900846881-1584432544-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {5334C5DB-773E-4A94-98A9-5D8CC94B2E8A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1952994113-3900846881-1584432544-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
2014-06-26 14:13 - 2014-06-26 14:13 - 00000000 ____D () C:\Program Files\Secunia
2014-06-26 14:51 - 2010-10-23 07:17 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-06-26 14:41 - 2014-06-26 14:41 - 00000856 _____ () C:\Users\Admin\Desktop\psi.exe - Shortcut.lnk
2014-06-29 08:19 - 2010-10-23 07:17 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-29 08:37 - 2014-06-26 14:52 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-07-10 09:58 - 2014-06-26 14:43 - 00000000 ____D () C:\Program Files\FileHippo.com
2014-07-10 09:57 - 2014-06-26 17:29 - 00000000 ____D () C:\ProgramData\Real
2014-07-10 09:57 - 2009-10-05 16:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Real
2014-07-10 09:57 - 2007-02-09 11:17 - 00000000 ____D () C:\Program Files\Real
2014-07-10 10:14 - 2007-02-09 11:41 - 00000000 ____D () C:\ProgramData\Symantec
2014-07-10 10:14 - 2007-02-09 11:41 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2010-08-12] (Lavasoft AB)
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
S2 Lavasoft Ad-Aware Service; No ImagePath
S2 WRConsumerService; No ImagePath
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
HKLM\...\Run: [SafePCRepair Search Scope Monitor] => "C:\PROGRA~1\SAFEPC~2\bar\1.bin\89srchmn.exe" /m=2 /w /h
C:\PROGRA~1\SAFEPC~2
HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe
C:\Program Files\pcmax
*****************

'HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service' => Key deleted successfully.
'HKLM\System\CurrentControlSet\Control\SafeBoot\Network\WRConsumerService' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB06B8CE-0624-4A2E-9DC5-EF32669DAB2A}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB06B8CE-0624-4A2E-9DC5-EF32669DAB2A}' => Key deleted successfully.
C:\Windows\System32\Tasks\Real Player online update program => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Real Player online update program' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB0CAA25-07DF-4F8A-BA56-428C304C0F31}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB0CAA25-07DF-4F8A-BA56-428C304C0F31}' => Key deleted successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Weekly) => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Update (Weekly)' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9AB88391-245D-46E4-BBCE-86D3E35C3330}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AB88391-245D-46E4-BBCE-86D3E35C3330}' => Key deleted successfully.
C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1952994113-3900846881-1584432544-1000 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1952994113-3900846881-1584432544-1000' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5334C5DB-773E-4A94-98A9-5D8CC94B2E8A}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5334C5DB-773E-4A94-98A9-5D8CC94B2E8A}' => Key deleted successfully.
C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1952994113-3900846881-1584432544-1000 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeLogonTaskS-1-5-21-1952994113-3900846881-1584432544-1000' => Key deleted successfully.
"C:\Program Files\Secunia" => File/Directory not found.
C:\Program Files\Spybot - Search & Destroy => Moved successfully.
C:\Users\Admin\Desktop\psi.exe - Shortcut.lnk => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Program Files\Spybot - Search & Destroy 2 => Moved successfully.
C:\Program Files\FileHippo.com => Moved successfully.
C:\ProgramData\Real => Moved successfully.
"C:\Users\Admin\AppData\Roaming\Real" => File/Directory not found.
C:\Program Files\Real => Moved successfully.

"C:\ProgramData\Symantec" directory move:

C:\ProgramData\Symantec\Common Client\settings.bak => Moved successfully.
Could not move "C:\ProgramData\Symantec\Common Client\settings.dat" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Symantec" directory. => Scheduled to move on reboot.

C:\Program Files\Common Files\Symantec Shared => Moved successfully.
Lbd => Service stopped successfully.
Lbd => Service deleted successfully.
Lavasoft Kernexplorer => Service deleted successfully.
Lavasoft Ad-Aware Service => Service deleted successfully.
WRConsumerService => Service deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} => value deleted successfully.
'HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0' => Key deleted successfully.
C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}' => Key deleted successfully.
'HKCR\CLSID\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}'=> Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SafePCRepair Search Scope Monitor => value deleted successfully.
"C:\PROGRA~1\SAFEPC~2" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\pcreg => value deleted successfully.
"C:\Program Files\pcmax" => File/Directory not found.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-07-22 18:14:16)<=

C:\ProgramData\Symantec\Common Client\settings.dat => Is moved successfully.
C:\ProgramData\Symantec => Is moved successfully.

==== End of Fixlog ====


  • 0

#21
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Thank you for your cooperation. Your logs show no sign of infection. Congratulations, your system is now clean. :thumbsup: Below are the last few steps for you to accomplish.

Remove Temporary Files with TFC by OldTimer
  • Download 'TFC by OldTimer' and save it to your desktop.
    • Ensure all programs and windows are closed before proceeding.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • Click the Start button and wait for the process to complete.
    • You will be prompted to reboot. Please allow it by choosing Yes.
Remove Special Tools with DelFix by Xplode
  • Download 'DelFix by Xplode' and save it to your desktop.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • Ensure the following options are checked:
      • Remove Disinfection Tools
      • Create Registry Backup
      • Purge System Restore
    • Press Run.
    • A log will automatically pop-up. Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.

  • 0

#22
lwt_intl

lwt_intl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

# DelFix v10.7 - Logfile created 25/07/2014 at 14:15:28
# Updated 27/04/2014 by Xplode
# Username : Admin - ADMIN-PC
# Operating System : Windows Vista ™ Home Basic Service Pack 2 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\logFileUI.txt
Deleted : C:\Users\Admin\Downloads\esetsmartinstaller_enu.exe
Deleted : C:\Users\Admin\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #1357 [Removed Java 7 Update 55 | 07/10/2014 13:58:49]
Deleted : RP #1358 [Removed Java 8 Update 5 | 07/10/2014 14:01:39]
Deleted : RP #1359 [Installed Java 7 Update 60 | 07/10/2014 14:03:55]
Deleted : RP #1360 [Restore Operation | 07/14/2014 12:27:50]
Deleted : RP #1361 [Windows Update | 07/14/2014 12:53:19]
Deleted : RP #1362 [Installed Java 7 Update 60 | 07/14/2014 13:12:03]
Deleted : RP #1363 [Installed Java 7 Update 65 | 07/16/2014 20:25:57]
Deleted : RP #1364 [Scheduled Checkpoint | 07/17/2014 21:39:39]
Deleted : RP #1365 [Windows Update | 07/18/2014 21:03:03]
Deleted : RP #1366 [Removed Microsoft Fix it Center | 07/18/2014 22:13:09]
Deleted : RP #1367 [Windows Update | 07/22/2014 20:57:02]
Deleted : RP #1369 [Restore Point before Corrupt Patch Registry keys | 07/22/2014 21:39:12]
Deleted : RP #1371 [ Webroot Software  | 07/22/2014 21:48:00]
Deleted : RP #1372 [Scheduled Checkpoint | 07/23/2014 16:26:25]

New restore point created !

########## - EOF - ##########
 


  • 0

#23
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
I will now proceed to giving to tips on how to maintain your system as it is. Anytime you encounter an infection again, please do not hesitate to go back here at Geeks to Go. :)

Remove, Disable, or Update Java

As Java is the 'most exploited program at this time', I recommend that you remove it unless you need it. If so, it is prudent to 'disable it in your web browser(s)' while ensuring your copy is always up-to-date. Older versions are prone to exploits and vulnerabilities.
  • Download the latest 'Java' installation and save it to your desktop.
    • You need to uninstall any previous Java installations.
      • For Windows XP: Navigate to Start > Control Panel > Add or Remove Programs.
      • For Windows Vista: Navigate to Start > Control Panel > Programs and Features or Uninstall a Program.
      • For Windows 7: Navigate to Start > Control Panel > Programs and Features or Uninstall a Program.
      • For Windows 8: Navigate to Start > Start Context Menu > Programs and Features or Uninstall a Program.
    • Search the list for previous installations of Java such as all versions below:
      • Java™ 7 Update 65
    • Proceed to uninstalling the old versions and install the one you've just downloaded.
Update Your Anti-Virus Every Day

Updating

Ensuring that you have one anti-virus installed in your system is a good way to prevent being infected. You must always make sure to update your anti-virus every day; anti-virus companies see to to it that the latest definition updates are distributed to be up to par with the propagation of malware. Your anti-virus is useless if you do not update it.


Scanning

Set a scanning routine. Ensure that you do a full scan with your anti-virus monthly. This is part of maintaining a clean system--a scanning routine proves to be effective. You can never be sure when your computer has caught an infection.


If you have any unresolved issues with regard to this thread or you need more :help: please ask me. I would assist you further, should it be required. Otherwise, enjoy your clean system.

:cheers:

Thank you.
  • 0

#24
lwt_intl

lwt_intl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Thank you so much for your help.  Best of luck in your future endeavors!


  • 0

#25
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Since this issue appears to be resolved, this topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a new topic.
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP