
cant download a thing [Solved]


  • This topic is locked

#16
jeffcaissie

    Member

  • Topic Starter
  • 160 posts

all of my old accounts are deleted.

new admin one is working 100%

props to u and geekstogo!

 

files are being indexed at the moment.

so it's a bit slow.


Edited by jeffcaissie, 13 August 2014 - 11:57 AM.

  • 0



#17
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, once the indexing is complete, could you run a fresh FRST scan for me please so that I can have a final look :)
  • 0

#18
jeffcaissie

    Member

  • Topic Starter
  • 160 posts

will do.


  • 0

#19
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Ta :)
  • 0

#20
jeffcaissie

    Member

  • Topic Starter
  • 160 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:13-08-2014 01
Ran by Levi (administrator) on JEFF on 13-08-2014 18:27:53
Running from C:\Users\Levi\Desktop
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\AEstSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKU\.DEFAULT\...\RunOnce: [DeleteEngineAfterUpdate] => reg DELETE HKCU\Software\AppDataLow\Software\ConduitEngine /f
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab
Handler: linkscanner - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
 
FireFox:
========
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-05-07]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-13]
CHR Extension: (Google Drive) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-13]
CHR Extension: (YouTube) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-13]
CHR Extension: (Google Search) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-13]
CHR Extension: (Skype Click to Call) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-13]
CHR Extension: (Google Wallet) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-13]
CHR Extension: (Gmail) - C:\Users\Levi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-13]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-11-22]
CHR HKLM\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Nat\AppData\Local\Temp\crxCF13.tmp [2012-11-22]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\aestsrv.exe [73728 2007-09-20] (Andrea Electronics Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3290304 2012-11-22] (Skype Technologies S.A.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-03-04] (AVG Technologies)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [116320 2014-06-27] (Power Software Ltd)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 catchme; \??\C:\Users\Ffej\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 MpKslb1b04789; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BB6E96FC-71D2-4038-851B-7C230689A908}\MpKslb1b04789.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-13 18:27 - 2014-08-13 18:28 - 00008809 _____ () C:\Users\Levi\Desktop\FRST.txt
2014-08-13 18:27 - 2014-08-13 18:27 - 01092096 _____ (Farbar) C:\Users\Levi\Desktop\FRST.exe
2014-08-13 18:27 - 2014-08-13 18:27 - 00000000 ____D () C:\Users\Levi\Desktop\FRST-OlderVersion
2014-08-13 15:39 - 2014-08-13 15:40 - 03469871 _____ (LIGHTNING UK!) C:\Users\Levi\Downloads\SetupImgBurn_2.5.8.0.exe
2014-08-13 15:31 - 2014-08-13 15:31 - 00164941 _____ () C:\Users\Levi\Downloads\WBICreator.zip
2014-08-13 15:14 - 2014-08-13 15:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-13 15:14 - 2014-08-13 15:14 - 00000000 _____ () C:\Windows\setupact.log
2014-08-13 14:33 - 2014-08-13 14:33 - 00000000 ____D () C:\Users\Levi\AppData\Roaming\Adobe
2014-08-13 14:30 - 2014-08-13 14:30 - 00000000 ____D () C:\Users\Levi\AppData\Roaming\Winamp
2014-08-13 14:22 - 2014-08-13 18:16 - 2783166763 _____ () C:\Users\Levi\Downloads\install.wim
2014-08-13 14:22 - 2014-08-13 14:47 - 133129475 _____ () C:\Users\Levi\Downloads\boot.wim
2014-08-13 14:19 - 2014-08-13 14:31 - 85177872 _____ (Microsoft Corporation) C:\Users\Levi\Downloads\MicrosoftInstaller.exe
2014-08-13 14:16 - 2014-08-13 14:16 - 00061048 _____ () C:\Users\Levi\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-13 14:15 - 2014-08-13 14:15 - 00000949 _____ () C:\Users\Levi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-13 14:15 - 2014-08-13 14:15 - 00000944 _____ () C:\Users\Levi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-08-13 14:15 - 2014-08-13 14:15 - 00000915 _____ () C:\Users\Levi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-08-13 14:15 - 2014-08-13 14:15 - 00000020 ___SH () C:\Users\Levi\ntuser.ini
2014-08-13 14:15 - 2014-08-13 14:15 - 00000000 ____D () C:\Users\Levi\AppData\Local\VirtualStore
2014-08-13 14:15 - 2014-08-13 14:15 - 00000000 ____D () C:\Users\Levi\AppData\Local\Google
2014-08-13 14:15 - 2014-08-13 14:15 - 00000000 ____D () C:\Users\Levi
2014-08-13 14:15 - 2014-08-01 18:41 - 00000000 ____D () C:\Users\Levi\AppData\Local\Microsoft Help
2014-08-13 14:15 - 2008-01-20 23:56 - 00000000 ___RD () C:\Users\Levi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-13 14:15 - 2008-01-20 23:56 - 00000000 ___RD () C:\Users\Levi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-13 12:55 - 2008-01-02 18:33 - 00172032 _____ (Intel Corporation) C:\Windows\system32\igfxres.dll
2014-08-13 12:54 - 2014-08-13 12:54 - 00017875 _____ () C:\ComboFix.txt
2014-08-13 12:35 - 2014-08-13 12:54 - 00000000 ____D () C:\Qoobox
2014-08-13 12:35 - 2014-08-13 12:54 - 00000000 ____D () C:\ComboFix
2014-08-13 12:35 - 2011-06-26 03:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-13 12:35 - 2010-11-07 14:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-13 12:35 - 2009-04-20 01:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-13 12:35 - 2000-08-30 21:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-13 12:35 - 2000-08-30 21:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-13 12:35 - 2000-08-30 21:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-13 12:35 - 2000-08-30 21:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-13 12:35 - 2000-08-30 21:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-13 12:34 - 2014-08-13 12:51 - 00000000 ____D () C:\Windows\erdnt
2014-08-12 15:33 - 2014-08-13 18:27 - 00000000 ____D () C:\FRST
2014-08-11 04:25 - 2014-08-13 13:21 - 00006222 _____ () C:\Windows\PFRO.log
2014-08-11 04:21 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-08-07 01:59 - 2014-08-11 04:23 - 00000000 ____D () C:\AdwCleaner
2014-08-07 01:48 - 2014-08-07 01:48 - 00000000 ____D () C:\Windows\ERUNT
2014-08-06 17:52 - 2014-08-06 17:52 - 00018872 _____ () C:\Windows\system32\Drivers\SPPD.sys
2014-08-06 17:51 - 2014-08-06 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-08-06 17:51 - 2014-08-06 17:51 - 00000000 ____D () C:\Program Files\PowerISO
2014-08-04 04:29 - 2014-08-04 04:29 - 00001905 _____ () C:\Windows\diagwrn.xml
2014-08-04 04:29 - 2014-08-04 04:29 - 00001905 _____ () C:\Windows\diagerr.xml
2014-08-02 20:51 - 2014-08-02 20:51 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-01 18:41 - 2014-08-01 18:41 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-08-01 18:41 - 2014-08-01 18:41 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-08-01 12:37 - 2014-08-01 12:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-01 12:36 - 2009-02-27 03:42 - 00031640 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2014-08-01 12:35 - 2014-08-01 18:39 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-08-01 12:30 - 2014-08-02 20:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-01 12:30 - 2014-08-02 20:53 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-01 12:30 - 2014-08-01 12:31 - 00000000 ____D () C:\Windows\SHELLNEW
2014-08-01 12:29 - 2014-08-01 12:29 - 00000000 ___RD () C:\MSOCache
2014-07-26 08:56 - 2014-07-26 08:56 - 00000000 ____D () C:\Program Files\SigmaTel
2014-07-26 08:56 - 2008-02-15 18:27 - 00330752 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt.sys
2014-07-26 08:56 - 2008-02-15 18:24 - 00150016 _____ (IDT, Inc.) C:\Windows\system32\st325866.dll
2014-07-26 08:56 - 2007-03-05 14:05 - 00492544 _____ (Creative Technology Ltd.) C:\Windows\system32\ctapo32.dll
2014-07-26 08:56 - 2007-03-05 14:05 - 00045568 _____ (Creative Technology Ltd) C:\Windows\system32\ctppld.dll
2014-07-26 07:59 - 2012-03-08 18:32 - 00039272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2014-07-26 07:39 - 2014-07-26 07:59 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-07-26 07:38 - 2014-07-26 07:39 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2014-07-26 07:22 - 2014-07-26 07:22 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-07-26 07:21 - 2014-07-26 07:22 - 00001037 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-07-26 07:21 - 2014-07-26 07:21 - 00002025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-07-26 07:20 - 2014-07-26 07:20 - 00000000 ____D () C:\Windows\PCHEALTH
2014-07-26 00:58 - 2014-07-26 00:58 - 00000820 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-07-26 00:57 - 2014-07-26 00:58 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-23 00:45 - 2014-08-11 05:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safer Networking
2014-07-23 00:45 - 2014-07-23 00:45 - 00000000 ____D () C:\Program Files\Safer Networking
2014-07-18 17:06 - 2014-08-13 12:54 - 00000000 ____D () C:\Users\Jeff
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-13 18:28 - 2014-08-13 18:27 - 00008809 _____ () C:\Users\Levi\Desktop\FRST.txt
2014-08-13 18:27 - 2014-08-13 18:27 - 01092096 _____ (Farbar) C:\Users\Levi\Desktop\FRST.exe
2014-08-13 18:27 - 2014-08-13 18:27 - 00000000 ____D () C:\Users\Levi\Desktop\FRST-OlderVersion
2014-08-13 18:27 - 2014-08-12 15:33 - 00000000 ____D () C:\FRST
2014-08-13 18:18 - 2012-05-02 12:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-13 18:16 - 2014-08-13 14:22 - 2783166763 _____ () C:\Users\Levi\Downloads\install.wim
2014-08-13 18:14 - 2006-11-02 09:45 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-13 18:14 - 2006-11-02 09:45 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-13 17:30 - 2012-09-11 16:46 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-13 17:01 - 2008-01-20 22:38 - 01205081 _____ () C:\Windows\WindowsUpdate.log
2014-08-13 15:40 - 2014-08-13 15:39 - 03469871 _____ (LIGHTNING UK!) C:\Users\Levi\Downloads\SetupImgBurn_2.5.8.0.exe
2014-08-13 15:31 - 2014-08-13 15:31 - 00164941 _____ () C:\Users\Levi\Downloads\WBICreator.zip
2014-08-13 15:14 - 2014-08-13 15:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-13 15:14 - 2014-08-13 15:14 - 00000000 _____ () C:\Windows\setupact.log
2014-08-13 14:47 - 2014-08-13 14:22 - 133129475 _____ () C:\Users\Levi\Downloads\boot.wim
2014-08-13 14:33 - 2014-08-13 14:33 - 00000000 ____D () C:\Users\Levi\AppData\Roaming\Adobe
2014-08-13 14:31 - 2014-08-13 14:19 - 85177872 _____ (Microsoft Corporation) C:\Users\Levi\Downloads\MicrosoftInstaller.exe
2014-08-13 14:30 - 2014-08-13 14:30 - 00000000 ____D () C:\Users\Levi\AppData\Roaming\Winamp
2014-08-13 14:16 - 2014-08-13 14:16 - 00061048 _____ () C:\Users\Levi\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-13 14:15 - 2014-08-13 14:15 - 00000949 _____ () C:\Users\Levi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-13 14:15 - 2014-08-13 14:15 - 00000944 _____ () C:\Users\Levi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-08-13 14:15 - 2014-08-13 14:15 - 00000915 _____ () C:\Users\Levi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-08-13 14:15 - 2014-08-13 14:15 - 00000020 ___SH () C:\Users\Levi\ntuser.ini
2014-08-13 14:15 - 2014-08-13 14:15 - 00000000 ____D () C:\Users\Levi\AppData\Local\VirtualStore
2014-08-13 14:15 - 2014-08-13 14:15 - 00000000 ____D () C:\Users\Levi\AppData\Local\Google
2014-08-13 14:15 - 2014-08-13 14:15 - 00000000 ____D () C:\Users\Levi
2014-08-13 14:15 - 2012-09-11 16:46 - 00000876 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-13 14:15 - 2006-11-02 09:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-13 14:13 - 2006-11-02 09:58 - 00032582 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-13 13:21 - 2014-08-11 04:25 - 00006222 _____ () C:\Windows\PFRO.log
2014-08-13 12:56 - 2006-11-02 07:33 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-13 12:54 - 2014-08-13 12:54 - 00017875 _____ () C:\ComboFix.txt
2014-08-13 12:54 - 2014-08-13 12:35 - 00000000 ____D () C:\Qoobox
2014-08-13 12:54 - 2014-08-13 12:35 - 00000000 ____D () C:\ComboFix
2014-08-13 12:54 - 2014-07-18 17:06 - 00000000 ____D () C:\Users\Jeff
2014-08-13 12:54 - 2006-11-02 08:18 - 00000000 __RHD () C:\Users\Default
2014-08-13 12:54 - 2006-11-02 08:18 - 00000000 ___RD () C:\Users\Public
2014-08-13 12:51 - 2014-08-13 12:34 - 00000000 ____D () C:\Windows\erdnt
2014-08-13 12:49 - 2006-11-02 07:23 - 00000215 _____ () C:\Windows\system.ini
2014-08-13 12:44 - 2011-09-29 19:23 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-12 22:08 - 2013-09-07 20:35 - 00000000 ____D () C:\jeff
2014-08-12 22:07 - 2013-08-25 20:39 - 00000000 ____D () C:\temp
2014-08-12 17:28 - 2011-10-09 14:12 - 00000000 ____D () C:\Windows\Minidump
2014-08-11 13:25 - 2014-04-17 21:14 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-11 12:27 - 2006-11-02 09:44 - 00273368 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-11 05:34 - 2014-07-23 00:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safer Networking
2014-08-11 04:25 - 2006-11-02 08:18 - 00000000 ____D () C:\Windows\security
2014-08-11 04:23 - 2014-08-07 01:59 - 00000000 ____D () C:\AdwCleaner
2014-08-07 01:48 - 2014-08-07 01:48 - 00000000 ____D () C:\Windows\ERUNT
2014-08-06 17:52 - 2014-08-06 17:52 - 00018872 _____ () C:\Windows\system32\Drivers\SPPD.sys
2014-08-06 17:51 - 2014-08-06 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-08-06 17:51 - 2014-08-06 17:51 - 00000000 ____D () C:\Program Files\PowerISO
2014-08-04 04:29 - 2014-08-04 04:29 - 00001905 _____ () C:\Windows\diagwrn.xml
2014-08-04 04:29 - 2014-08-04 04:29 - 00001905 _____ () C:\Windows\diagerr.xml
2014-08-02 20:57 - 2014-08-01 12:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-02 20:53 - 2014-08-01 12:30 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-02 20:51 - 2014-08-02 20:51 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-01 18:41 - 2014-08-13 14:15 - 00000000 ____D () C:\Users\Levi\AppData\Local\Microsoft Help
2014-08-01 18:41 - 2014-08-01 18:41 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-08-01 18:41 - 2014-08-01 18:41 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-08-01 18:39 - 2014-08-01 12:35 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-08-01 18:39 - 2006-11-02 08:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-01 12:37 - 2014-08-01 12:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-01 12:33 - 2011-05-08 00:51 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-08-01 12:31 - 2014-08-01 12:30 - 00000000 ____D () C:\Windows\SHELLNEW
2014-08-01 12:29 - 2014-08-01 12:29 - 00000000 ___RD () C:\MSOCache
2014-07-26 11:11 - 2006-11-02 08:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-07-26 08:56 - 2014-07-26 08:56 - 00000000 ____D () C:\Program Files\SigmaTel
2014-07-26 08:56 - 2010-11-12 22:50 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-26 08:00 - 2011-08-26 15:06 - 00000000 ____D () C:\Program Files\Windows Live
2014-07-26 07:59 - 2014-07-26 07:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-07-26 07:39 - 2014-07-26 07:38 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2014-07-26 07:34 - 2011-08-26 15:10 - 00001227 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2014-07-26 07:22 - 2014-07-26 07:22 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-07-26 07:22 - 2014-07-26 07:21 - 00001037 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-07-26 07:21 - 2014-07-26 07:21 - 00002025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-07-26 07:20 - 2014-07-26 07:20 - 00000000 ____D () C:\Windows\PCHEALTH
2014-07-26 00:58 - 2014-07-26 00:58 - 00000820 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-07-26 00:58 - 2014-07-26 00:57 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-25 13:18 - 2011-03-20 13:41 - 00000000 ____D () C:\Extras
2014-07-23 00:45 - 2014-07-23 00:45 - 00000000 ____D () C:\Program Files\Safer Networking
2014-07-23 00:37 - 2006-11-02 08:18 - 00000000 ____D () C:\Windows\Branding
2014-07-16 20:50 - 2012-09-11 16:47 - 00001975 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-13 14:20
 
==================== End Of Log ============================

  • 0

#21
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That looks good. Are you experiencing any other problems?
  • 1

#22
jeffcaissie

    Member

  • Topic Starter
  • 160 posts

I think it's good for now. Thank you much!

If I have any further concerns I know where to go. :spoton:


  • 0

#23
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems.

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself, so... The following will implement some cleanup procedures as well as reset System Restore points:

Download and run Delfix

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent: install this programme to lock down and prevent crypto ransomware

Malwarebytes.

Update and run weekly to keep your system clean


It is critical to have both a firewall and antivirus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet, read this little guide: Best security practices. Keep safe :wave:
  • 0

#24
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





