ccleaner-free space drive wiper stops early. [Solved]


  • This topic is locked

#1
reach1

  • Member
  • 130 posts

Hello,

First off, my CCleaner free space drive wiper only wipes about 1% of my free space, then it tells me it's finished.

Second, I did try Malwarebytes and did a full scan, but after the scan was done it found about 38 files and Malwarebytes just shuts down. I re-open Malwarebytes and the files said they were under quarantine, but I don't think they were. When I try to delete any/all files, Malwarebytes finds them all again in the next scan.

Third, I noticed CCleaner runs its cleaner program about 5 seconds slower than normal.

I deleted Malwarebytes because it was not working.

Update: I got Malwarebytes working but not CCleaner.

I did manage to do a single wipe with CCleaner, but I can't do a 3-pass wipe or greater.


Edited by reach1, 15 September 2014 - 03:55 PM.



#2
Biscuithd

  • Trusted Helper
  • Malware Removal
  • 2,573 posts

Sorry that it has taken so long for us to reply. We've been quite busy lately. :)

Please try to run OTL and post the scan results.

Scan with OTL

Please download OTL by OldTimer and save the file to your desktop.

  • Right-click on the OTL icon and select Run as Administrator to start the tool.
  • Make sure that Scan All Users, LOP check and Purity check are ticked.
  • For 64-bit systems only - make sure that Include 64-bit option is also ticked.
  • Sections Processes, Modules, Services, Drivers, Standard Registry are set to Use Safelist.
  • Section Extra Registry is also set to Use Safelist.
  • Under the Custom Scans/Fixes bar in the box paste in the following:
  • Push Run Scan and wait patiently.
  • Two notepad windows will be opened after this run: OTL.txt (maximized) and Extras.txt (minimized).

Please include the content of both logfiles in your next reply.


#3
reach1

  • Topic Starter
  • Member
  • 130 posts

OTL logfile created on: 9/19/2014 4:47:24 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1014.42 Mb Total Physical Memory | 532.34 Mb Available Physical Memory | 52.48% Memory free
2.38 Gb Paging File | 1.79 Gb Available in Paging File | 75.19% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 31.60 Gb Free Space | 84.83% Space Free | Partition Type: NTFS
 
Computer Name: GATEWAY400VTX | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/09/19 04:44:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
PRC - [2014/09/18 23:55:52 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/10/23 18:24:25 | 000,235,728 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
PRC - [2013/10/23 18:24:25 | 000,057,520 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/09/18 23:55:50 | 003,734,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/06/15 01:01:22 | 003,186,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2014/06/15 01:01:22 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2014/06/15 01:01:18 | 004,550,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2014/06/15 01:01:16 | 000,626,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2014/06/15 01:01:10 | 000,010,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2014/06/15 01:01:07 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2014/06/14 23:18:18 | 005,283,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2014/06/14 23:18:18 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
MOD - [2014/06/14 23:18:18 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll
MOD - [2014/06/14 23:18:14 | 001,245,184 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2014/06/14 23:18:14 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MOD - [2014/06/14 23:18:14 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MOD - [2014/06/14 23:18:12 | 004,210,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2013/09/03 14:29:38 | 000,095,088 | ---- | M] () -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdmetrics.dll
MOD - [2013/06/18 18:46:41 | 000,129,608 | ---- | M] () -- \\?\C:\Program Files\Bitdefender\Antivirus Free Edition\bdnc.dll
MOD - [2013/03/19 12:07:15 | 000,508,136 | ---- | M] () -- C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014/09/18 23:55:50 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/09 15:26:47 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/23 18:24:25 | 000,057,520 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe -- (gzserv)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\qknfd.sys -- (qknfd)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\GWMDM.sys -- (GTWModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys -- (cpuz136)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2014/05/13 17:02:25 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2013/07/16 15:06:06 | 000,135,472 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys -- (bdselfpr)
DRV - [2013/05/28 12:11:21 | 000,355,744 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\trufos.sys -- (trufos)
DRV - [2013/04/22 13:20:34 | 000,164,952 | ---- | M] (BitDefender LLC) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\gzflt.sys -- (gzflt)
DRV - [2013/04/17 17:19:36 | 000,148,600 | ---- | M] (Bitdefender SRL) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys -- (bdftdif)
DRV - [2013/04/17 14:59:04 | 000,633,344 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avc3.sys -- (avc3)
DRV - [2013/04/17 14:59:04 | 000,486,536 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avckf.sys -- (avckf)
DRV - [2012/11/02 14:17:14 | 000,242,504 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avchv.sys -- (avchv)
DRV - [2009/11/11 06:26:02 | 002,216,064 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51)
DRV - [2008/09/24 09:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2003/10/02 06:43:20 | 000,244,560 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {31090377-0740-419E-BEFC-A56E50500D5B}
IE - HKLM\..\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}: "URL" = http://speedial.com/...=1360946926&ir=
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.mysearchdial.com/?f=1 [Binary data over 200 bytes]
IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.yhs4.searc...20029,0,88,6477
IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\..\SearchScopes,DefaultScope = {31090377-0740-419E-BEFC-A56E50500D5B}
IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\..\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}: "URL" = http://speedial.com/...=1360946926&ir=
IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/"
FF - prefs.js..extensions.enabledAddons: 2.0%40disconnect.me:3.14.0
FF - prefs.js..extensions.enabledAddons: zoompage%40DW-dev:10.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.2
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/09/18 23:55:38 | 000,000,000 | ---D | M]
 
[2014/05/09 07:46:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2014/07/18 13:29:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions
[2014/06/13 01:06:14 | 000,947,620 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]
[2014/06/11 21:39:56 | 000,126,171 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]
[2014/06/11 21:34:56 | 000,314,781 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]
[2014/06/26 19:35:14 | 000,081,510 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]
[2014/06/11 21:39:35 | 000,967,387 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/09/18 23:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/09/18 23:55:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.22.0.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.43
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC7B1CA5-90E8-4381-A54C-9C148FE0EAC6}: DhcpNameServer = 192.168.0.43
O20 - AppInit_DLLs: (prio.dll) - C:\Program Files\Prio\prio.dll (O&K Software)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/04/05 14:22:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/09/19 04:39:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2014/09/18 23:55:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/09/15 14:05:15 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/09/15 14:04:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/09/15 14:04:16 | 000,053,208 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/09/15 14:04:16 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/09/15 14:04:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/09/07 13:46:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Administrative Tools
[2014/08/30 15:04:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/09/19 04:26:03 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/09/19 03:56:47 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/09/18 23:32:39 | 000,012,984 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/09/18 23:32:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/09/15 15:00:34 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/09/15 14:04:23 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/09/09 15:26:45 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/09/09 15:26:41 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/09/15 14:04:23 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/15 00:07:36 | 000,175,113 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1402812380.bdinstall.bin
[2014/06/14 22:55:15 | 000,099,995 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1402808078.bdinstall.bin
[2014/06/14 22:54:37 | 000,038,313 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1402808073.bdinstall.bin
[2014/06/14 22:11:40 | 000,271,632 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2014/06/14 19:24:49 | 000,266,618 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1606980848-1957994488-289805187-1003-0.dat
[2014/06/14 19:24:40 | 000,065,610 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2014/06/09 04:50:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\exctrlst.INI
[2014/06/02 23:57:55 | 000,000,278 | ---- | C] () -- C:\WINDOWS\prio.ini
[2014/05/29 20:56:02 | 001,067,008 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\file__0.localstorage
[2014/05/25 13:00:17 | 000,209,163 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1401044282.bdinstall.bin
[2014/05/25 12:44:58 | 000,096,374 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1401043447.bdinstall.bin
[2014/05/25 12:44:06 | 000,037,224 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1401043442.bdinstall.bin
[2014/05/24 23:31:03 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2014/05/24 22:46:47 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2014/05/20 01:24:30 | 000,000,008 | R--- | C] () -- C:\WINDOWS\System32\drivers\RtkHDAud.dat
[2014/05/14 18:54:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2014/05/14 00:27:27 | 000,170,649 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400048794.bdinstall.bin
[2014/05/14 00:26:14 | 000,126,614 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400048663.bdinstall.bin
[2014/05/14 00:12:12 | 000,042,109 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400047925.2220.bin
[2014/05/14 00:12:07 | 000,003,557 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400047925.2196.bin
[2014/05/14 00:12:07 | 000,003,012 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400047925.2200.bin
[2014/05/14 00:12:05 | 000,042,309 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400047925.2116.bin
[2014/05/14 00:12:05 | 000,037,729 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400047919.bdinstall.bin
[2014/05/14 00:09:18 | 000,177,984 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400047705.bdinstall.bin
[2014/05/13 23:43:49 | 000,008,071 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400046219.3892.bin
[2014/05/13 23:43:44 | 000,002,406 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400046219.3836.bin
[2014/05/13 23:43:44 | 000,001,361 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400046219.3708.bin
[2014/05/13 23:43:39 | 000,039,404 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400046219.3796.bin
[2014/05/13 23:43:37 | 000,037,481 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400046213.bdinstall.bin
[2014/05/13 23:14:53 | 000,034,506 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400044373.bdinstall.bin
[2014/05/13 23:14:27 | 000,032,027 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400044454.bdinstall.bin
[2014/05/13 23:13:13 | 000,213,838 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400044038.bdinstall.bin
[2014/05/13 22:40:23 | 000,044,828 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400042371.bdinstall.bin
[2014/05/13 22:20:03 | 000,044,960 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400041171.bdinstall.bin
[2014/05/09 08:26:08 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2014/05/09 07:45:42 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/04/05 17:04:45 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2014/04/05 14:24:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2014/04/05 14:19:09 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2014/04/05 08:07:04 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
 
========== ZeroAccess Check ==========
 
[2014/05/08 16:07:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2014/02/24 21:30:52 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/06/13 16:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adtrustmedia
[2014/05/18 21:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\bdch
[2014/05/23 03:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverGenius
[2014/05/12 17:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2014/05/13 23:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\QuickScan
[2014/06/15 00:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\QuickScan
[2014/05/13 20:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DriverFinder
[2014/05/19 22:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Easeware
[2014/06/21 22:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InfraRecorder
[2014/05/09 03:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MSNInstaller
[2014/05/14 16:18:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Oracle
[2014/05/13 23:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2014/05/14 19:20:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TreeCardGames
[2014/05/08 18:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Search
 
========== Purity Check ==========
 
 

< End of report >
 

 

 

OTL Extras logfile created on: 9/19/2014 4:47:24 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1014.42 Mb Total Physical Memory | 532.34 Mb Available Physical Memory | 52.48% Memory free
2.38 Gb Paging File | 1.79 Gb Available in Paging File | 75.19% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 31.60 Gb Free Space | 84.83% Space Free | Partition Type: NTFS
 
Computer Name: GATEWAY400VTX | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 4
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe" = C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"BitDefender Gonzales" = Bitdefender Antivirus Free Edition
"CCleaner" = CCleaner
"GTW Modem" = GTW Modem
"InfraRecorder" = InfraRecorder
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 32.0.2 (x86 en-US)" = Mozilla Firefox 32.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Prio" = Prio
"VLC media player" = VLC media player 2.1.3
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
 
< End of report >
 


  • 0

#4
reach1

    Member

  • Topic Starter
  • 130 posts

On a side note, I have been trying to free up some speed on this laptop. If you see anything I can do offhand, let me know. I would like to remove Internet Explorer completely, but it's tricky.


  • 0

#5
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hi,

I see some things, so let's get started.

Fix with OTL

Please re-run OTL with this removal script included.

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.

  • Right-click on the OTL icon and select Run as Administrator to start the tool.
  • Under the Custom Scans/Fixes bar in the box paste in the following:
:Commands

[createrestorepoint]
 
:otl 

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)

DRV - File not found [Kernel | System | Stopped] -- system32\drivers\qknfd.sys -- (qknfd)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\GWMDM.sys -- (GTWModem)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys -- (cpuz136)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)

DRV - File not found [Kernel | System | Stopped] --  -- (Changer)

IE - HKLM\..\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}: "URL" = http://speedial.com/...=1360946926&ir=

IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.mysearchdial.com/?f=1 [Binary data over 200 bytes]

IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.yhs4.searc...20029,0,88,6477

IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\..\SearchScopes,DefaultScope = {31090377-0740-419E-BEFC-A56E50500D5B}

IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC

IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\..\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}: "URL" = http://speedial.com/...=1360946926&ir=

FF - user.js - File not found

[2014/05/09 07:46:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions

[2014/07/18 13:29:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions

[2014/06/13 01:06:14 | 000,947,620 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]

[2014/06/11 21:39:56 | 000,126,171 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]

[2014/06/11 21:34:56 | 000,314,781 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]

[2014/06/26 19:35:14 | 000,081,510 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]

[2014/06/11 21:39:35 | 000,967,387 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2014/09/18 23:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.



:commands

[resethosts]

[emptytemp]

[reboot]
  • Push Run Fix and wait patiently.
  • If asked to reboot, please allow it to.
  • A notepad window with a logfile will open after this run. It will be also saved in _OTL\MovedFiles directory on your main drive as (date)_(time).log.

Please include the content of this logfile in your next reply.

 
Scan with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on the AdwCleaner icon and select Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R*].txt) will open.
 
Please include the contents of that file in your reply.
 

Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the JRT icon and select Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.
 
Please include the contents of that file in your reply.
 
Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.
 
Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one).
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:
createsrpoint;
process;
services-list;
systemspecs;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;
installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.
 
To summarize, you'll be posting back the OTL Moved File log, AdwCleaner log, JRT log and ZOEK log.
 
And, let me know how the computer is working too.

 


  • 0

#6
reach1

    Member

  • Topic Starter
  • 130 posts

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
File %SystemRoot%\System32\appmgmts.dll not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service qknfd stopped successfully!
Service qknfd deleted successfully!
File system32\drivers\qknfd.sys not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service GTWModem stopped successfully!
Service GTWModem deleted successfully!
File system32\DRIVERS\GWMDM.sys not found.
Service cpuz136 stopped successfully!
Service cpuz136 deleted successfully!
File C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys not found.
Service cpudrv stopped successfully!
Service cpudrv deleted successfully!
File C:\Program Files\SystemRequirementsLab\cpudrv.sys not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B}\ not found.
HKU\S-1-5-21-1606980848-1957994488-289805187-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-1606980848-1957994488-289805187-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B}\ not found.
C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions folder moved successfully.
File C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected] not found.
File C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected] not found.
File C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected] not found.
File C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected] not found.
File C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\browser\extensions folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: Administrator
 
User: Administrator.GATEWAY400VTX
->Temp folder emptied: 36227 bytes
->Temporary Internet Files folder emptied: 32902 bytes
 
User: All Users
 
User: ASPNET
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Guest
 
User: HelpAssistant
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 51373681 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33370 bytes
 
User: Owner
->Temp folder emptied: 35924055 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->FireFox cache emptied: 5432746 bytes
->Flash cache emptied: 523 bytes
 
User: SUPPORT_388945a0
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2543019 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 40376172 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 130.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 09202014_015419

Files\Folders moved on Reboot...
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\scroll_prev.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\share_fb.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\share_fb.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\share_go.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\share_go.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\share_line.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\share_line.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\share_tabel.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\share_tabel.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\share_top_text.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\share_top_text.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\share_tw.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\share_tw.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\small_shadow.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\small_shadow.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sswitch_off.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sswitch_off.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sswitch_on.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sswitch_on.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\status_bg.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\status_bg.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sys_btn.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sys_btn.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sys_btn_active.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sys_btn_active.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sys_btn_hover.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sys_btn_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_feedback.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_feedback.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_feedback_hover.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_feedback_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_left.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_left.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_left_hover.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_left_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_right.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_right.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_right_hover.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_right_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\top_header_bg.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\top_header_bg.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\unlock_normal.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\unlock_normal.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\award_flow1.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\award_flow1.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\award_flow2.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\award_flow2.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\bdHtmlBox.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\bdHtmlBox.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\cpptexts.xlf scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\cpptexts.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\en-US.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\en-US.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\eula.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\eula.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\eula_text.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\eula_text.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\eula_text_en.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\eula_text_en.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\general.xlf scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\general.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\httpaph.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\httpaph.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\httpgeneric.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\httpgeneric.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\httpmalware.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\httpmalware.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\installer.xlf scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\installer.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\it-IT.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\it-IT.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\lang.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\lang.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\lang.xml.online scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\lang.xml.online.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\logs.xlf scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\logs.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\main.ui.css scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\main.ui.css.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\notifications.xlf scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\notifications.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\pt-BR.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\pt-BR.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\rem_confirm.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\rem_confirm.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\rem_confirm_p.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\rem_confirm_p.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\repair_progress.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\repair_progress.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\ro-RO.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\ro-RO.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\setup_progress.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\setup_progress.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\uninstall_progress.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\uninstall_progress.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\welcome.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\welcome.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\ACA.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Ad-Aware.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Advanced_System_Protect.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\alading.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\AntiVir.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\avast5.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\AVG.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Avira.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\BackWeb-4476822.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\BBC.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Bitdefender 2011.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Bitdefender Anti-Theft.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Bitdefender Antivirus.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Bitdefender Bussiness Client.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Bitdefender Internet Security.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Bitdefender Total Security.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\BullGuard.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\cciss.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\COMODO.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\DRWEB.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\ESET.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\eTrust.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\F-Secure.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\G Data.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\GUIDs.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\JiangMin.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Kaspersky.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Kingsoft.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\kingsoftSafeguard.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\kv antivirus.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Lavasoft.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\McAfee.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\MicroPoint.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Microsoft Security Essentials.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Mobile.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\MSC.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Norman.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Norton.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\OfficeScan95.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\OfficeScanNT.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Panda.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\PC Tools.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Premium.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\qqpcmgr.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\qqprotect.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Rav.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\RFW.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Ris.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\safeguard360.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\ServerProtect.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\SunBelt.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Trend Micro.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\VETWIN32Vp5.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Virus.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Webroot.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\WinSS.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\ZoneAlarm.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\core\bdcore.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\core\bdcore.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\additional.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\additional.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\avcheck.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\avcheck.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdardrv.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdardrv.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdmetrics.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdmetrics.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdnc.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdnc.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdnc.ini scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdnc.ini.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdnc.ipv4 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdselfpr.sys scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdselfpr.sys.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\contacts.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\contacts.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\detection.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\gzflt.sys scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\gzflt.sys.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\gzfltum.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\gzfltum.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\htmlayout.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\htmlayout.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\Installer.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\Installer.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\installerpackage.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\installerpackage.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\install_x64.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\install_x64.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\install_x86.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\install_x86.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\no_connection.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\no_connection.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\npcomm.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\npcomm.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\qs_scan_log.xsl scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\qs_scan_log.xsl.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\servers.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\servers.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\setuplauncher.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\setuplauncher.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\standalone.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\standalone.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\trufos.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\trufos.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\trufos.sys scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\trufos.sys.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\unrar.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\unrar.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\update.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\update.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\update_config.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\update_config.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\UserGuide.pdf scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\UserGuide.pdf.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\WPFKickstarter.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\WPFKickstarter.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\WPFKickstarter4.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\WPFKickstarter4.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\wslib.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\wslib.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\wspack.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\wspack.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\wsutils.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\wsutils.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\gziface1.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

# AdwCleaner v3.310 - Report created 20/09/2014 at 02:14:32
# Updated 12/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - GATEWAY400VTX
# Running from : C:\Documents and Settings\Owner\My Documents\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Documents and Settings\Owner\Local Settings\Application Data\eSupport.com
Folder Found : C:\Documents and Settings\Owner\Local Settings\Application Data\globalUpdate

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\eSupport.com
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Driver Genius_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Optimizer Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Speedial
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\systweak
Key Found : HKLM\SOFTWARE\Trymedia Systems

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512


-\\ Mozilla Firefox v32.0.2 (x86 en-US)

[ File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\prefs.js ]


*************************

AdwCleaner[R0].txt - [5005 octets] - [20/09/2014 02:14:32]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5065 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Microsoft Windows XP x86
Ran by Owner on Sat 09/20/2014 at  2:21:18.67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550555135590}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660566136690}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544134490}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544134490}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110511131190}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\adtrustmedia"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\drivergenius"



~~~ FireFox

Emptied folder: C:\Documents and Settings\Owner\Application Data\mozilla\firefox\profiles\nwmxb5r5.default-1402543570379\minidumps [2 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 09/20/2014 at  2:45:25.68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

 

AdwCleaner - I was unsure if I was supposed to run the cleaner so I didn't.

Junkware Removal Tool - I forgot to turn off my anti virus but it looks like it worked anyway.

ZOEK - My Anti Virus blocked the web site, it said there was Malware on it. Could not find a .exe file, only a .Zip file.


Edited by reach1, 20 September 2014 - 03:18 AM.

#7
reach1

    Member

  • Topic Starter
  • Member
  • 130 posts

Firefox is working faster. I had to redownload some add-ons though. =)

Sorry about not downloading ZOEK, I just don't feel safe when it says there is malware on the site.

Update: My anti virus blocked OTL.exe but nothing else, so I may have to run it again. Idk, what do you think?


Edited by reach1, 20 September 2014 - 04:20 AM.

#8
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

The resulting logs are quite encouraging.

ZOEK - My Anti Virus blocked the web site, it said there was Malware on it. Could not find a .exe file, only a .Zip file.

Quite common for many of our tools. Rest assured that we use Zoek quite often here with excellent results. Please reconsider running :thumbsup:

Then, repeat the OTL scan from Step #2 and post the results. :)

#9
reach1

    Member

  • Topic Starter
  • Member
  • 130 posts

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Error: No service named AppMgmt was found to stop!
Service\Driver key AppMgmt not found.
File %SystemRoot%\System32\appmgmts.dll not found.
Error: No service named WDICA was found to stop!
Service\Driver key WDICA not found.
Error: No service named qknfd was found to stop!
Service\Driver key qknfd not found.
File system32\drivers\qknfd.sys not found.
Error: No service named PDRFRAME was found to stop!
Service\Driver key PDRFRAME not found.
Error: No service named PDRELI was found to stop!
Service\Driver key PDRELI not found.
Error: No service named PDFRAME was found to stop!
Service\Driver key PDFRAME not found.
Error: No service named PDCOMP was found to stop!
Service\Driver key PDCOMP not found.
Error: No service named PCIDump was found to stop!
Service\Driver key PCIDump not found.
Error: No service named lbrtfdc was found to stop!
Service\Driver key lbrtfdc not found.
Error: No service named i2omgmt was found to stop!
Service\Driver key i2omgmt not found.
Error: No service named GTWModem was found to stop!
Service\Driver key GTWModem not found.
File system32\DRIVERS\GWMDM.sys not found.
Error: No service named cpuz136 was found to stop!
Service\Driver key cpuz136 not found.
File C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys not found.
Error: No service named cpudrv was found to stop!
Service\Driver key cpudrv not found.
File C:\Program Files\SystemRequirementsLab\cpudrv.sys not found.
Error: No service named Changer was found to stop!
Service\Driver key Changer not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B}\ not found.
HKU\S-1-5-21-1606980848-1957994488-289805187-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-1606980848-1957994488-289805187-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31090377-0740-419E-BEFC-A56E50500D5B}\ not found.
C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions folder moved successfully.
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions folder moved successfully.
File C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected] not found.
File C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected] not found.
File C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected] not found.
File C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected] not found.
File C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
Folder C:\Program Files\Mozilla Firefox\browser\extensions\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: Administrator
 
User: Administrator.GATEWAY400VTX
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: All Users
 
User: ASPNET
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Guest
 
User: HelpAssistant
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Owner
->Temp folder emptied: 35219943 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 5355261 bytes
->Flash cache emptied: 492 bytes
 
User: SUPPORT_388945a0
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4534 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 39.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 09202014_140231

Files\Folders moved on Reboot...
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\share_tw.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\share_tw.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\small_shadow.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\small_shadow.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sswitch_off.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sswitch_off.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sswitch_on.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sswitch_on.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\status_bg.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\status_bg.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sys_btn.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sys_btn.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sys_btn_active.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sys_btn_active.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sys_btn_hover.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\sys_btn_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_feedback.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_feedback.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_feedback_hover.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_feedback_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_left.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_left.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_left_hover.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_left_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_right.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_right.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_right_hover.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\tabs_bg_right_hover.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\top_header_bg.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\top_header_bg.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\unlock_normal.png scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\images\unlock_normal.png.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\award_flow1.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\award_flow1.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\award_flow2.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\award_flow2.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\bdHtmlBox.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\bdHtmlBox.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\cpptexts.xlf scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\cpptexts.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\en-US.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\en-US.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\eula.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\eula.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\eula_text.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\eula_text.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\eula_text_en.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\eula_text_en.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\general.xlf scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\general.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\httpaph.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\httpaph.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\httpgeneric.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\httpgeneric.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\httpmalware.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\httpmalware.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\installer.xlf scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\installer.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\it-IT.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\it-IT.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\lang.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\lang.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\lang.xml.online scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\lang.xml.online.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\logs.xlf scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\logs.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\main.ui.css scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\main.ui.css.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\notifications.xlf scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\notifications.xlf.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\pt-BR.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\pt-BR.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\rem_confirm.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\rem_confirm.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\rem_confirm_p.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\rem_confirm_p.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\repair_progress.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\repair_progress.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\ro-RO.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\ro-RO.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\setup_progress.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\setup_progress.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\uninstall_progress.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\uninstall_progress.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\welcome.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\lang\welcome.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\ACA.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Ad-Aware.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Advanced_System_Protect.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\alading.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\AntiVir.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\avast5.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\AVG.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Avira.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\BackWeb-4476822.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\BBC.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Bitdefender 2011.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Bitdefender Anti-Theft.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Bitdefender Antivirus.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Bitdefender Bussiness Client.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Bitdefender Internet Security.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Bitdefender Total Security.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\BullGuard.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\cciss.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\COMODO.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\DRWEB.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\ESET.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\eTrust.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\F-Secure.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\G Data.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\GUIDs.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\JiangMin.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Kaspersky.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Kingsoft.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\kingsoftSafeguard.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\kv antivirus.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Lavasoft.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\McAfee.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\MicroPoint.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Microsoft Security Essentials.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Mobile.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\MSC.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Norman.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Norton.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\OfficeScan95.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\OfficeScanNT.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Panda.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\PC Tools.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Premium.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\qqpcmgr.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\qqprotect.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Rav.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\RFW.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Ris.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\safeguard360.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\ServerProtect.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\SunBelt.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Trend Micro.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\VETWIN32Vp5.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Virus.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\Webroot.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\WinSS.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\extern\ZoneAlarm.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\core\bdcore.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\core\bdcore.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\additional.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\additional.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\avcheck.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\avcheck.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdardrv.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdardrv.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdmetrics.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdmetrics.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdnc.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdnc.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdnc.ini scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdnc.ini.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdnc.ipv4 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdselfpr.sys scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\bdselfpr.sys.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\contacts.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\contacts.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\detection.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\gzflt.sys scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\gzflt.sys.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\gzfltum.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\gzfltum.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\htmlayout.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\htmlayout.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\Installer.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\Installer.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\installerpackage.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\installerpackage.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\install_x64.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\install_x64.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\install_x86.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\install_x86.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\no_connection.html scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\no_connection.html.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\npcomm.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\npcomm.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\qs_scan_log.xsl scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\qs_scan_log.xsl.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\servers.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\servers.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\setuplauncher.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\setuplauncher.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\standalone.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\standalone.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\trufos.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\trufos.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\trufos.sys scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\trufos.sys.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\unrar.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\unrar.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\update.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\update.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\update_config.xml scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\update_config.xml.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\UserGuide.pdf scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\UserGuide.pdf.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\WPFKickstarter.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\WPFKickstarter.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\WPFKickstarter4.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\WPFKickstarter4.exe.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\wslib.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\wslib.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\wspack.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\wspack.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\wsutils.dll scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\wsutils.dll.md5 scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Owner\Local Settings\Temp\gziface1.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Zoek.exe v5.0.0.0 Updated 20-September-2014
Tool run by Owner on Sat 09/20/2014 at 14:15:06.26.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Owner\My Documents\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

9/20/2014 2:19:37 PM Zoek.exe System Restore Point Created Succesfully.

==== Installed Programs ======================

Adobe Flash Player 15 Plugin  
Bitdefender Antivirus Free Edition  
CCleaner  
Google Update Helper  
GTW Modem  
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)  
Hotfix for Windows XP (KB954550-v5)  
InfraRecorder  
Intel® Extreme Graphics 2 Driver  
Malwarebytes Anti-Malware version 2.0.2.1012  
Microsoft .NET Framework 1.1  
Microsoft .NET Framework 1.1 Security Update (KB2416447)  
Microsoft .NET Framework 2.0 Service Pack 2  
Microsoft .NET Framework 3.0 Service Pack 2  
Microsoft .NET Framework 3.5 SP1  
Microsoft Base Smart Card Cryptographic Service Provider Package  
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9  
Mozilla Firefox 32.0.2 (x86 en-US)  
Mozilla Maintenance Service  
Prio  
Realtek AC'97 Audio  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)  
Security Update for Windows XP (KB923789)  
swMSM  
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)  
VC80CRTRedist - 8.0.50727.6195  
VLC media player 2.1.3  
WebFldrs XP  
Windows Genuine Advantage Validation Tool (KB892130)  
Windows Management Framework Core  

==== Running Processes ======================

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Documents and Settings\Owner\My Documents\Downloads\zoek.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService

==== Services ======================

You do not have Microsoft .NET Framework 4.0(or higher) installed.
Download it here v4.0: http://www.microsoft...s.aspx?id=17851
Download it here v4.5: http://www.microsoft...s.aspx?id=30653

==== System Specs ======================

Windows: Windows XP Home Edition Service Pack 3 (Build 2600)
Memory (RAM): 1015 MB
CPU Info: Mobile Intel® Celeron® CPU 2.20GHz
CPU Speed: 2192.0 MHz
Sound Card: SigmaTel Audio |
Display Adapters: Intel® 82852/82855 GM/GME Graphics Controller | Intel® 82852/82855 GM/GME Graphics Controller | NetMeeting driver | RDPDD Chained DD
Monitors: 1x; Digital Flat Panel (1024x768) | Digital Flat Panel (1024x768) |
Screen Resolution: 1024 X 768 - 32 bit
Network: Network Present
Network Adapters: Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
CD / DVD Drives: 1x (D: | ) D: SlimtypeCOMBO LSC-24081M
Ports: COM Ports NOT Present. LPT1
Mouse: 2 Button Mouse Present
Hard Disks: C:  37.3GB
Hard Disks - Free: C:  31.6GB
Manufacturer *: Gateway
BIOS Info: AT/AT COMPATIBLE | 03/12/03 | GATEWA - 20030312
Time Zone: Central Standard Time
Motherboard *: Gateway                          Gateway 400VTX
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: Bitdefender Antivirus Free Edition On-access scanning disabled (Updated)
Firewall:  enabled
Default Browser: Firefox    32.0.2
Internet Explorer version: 6.0.2900.5512
Mozilla Firefox version: 32.0.2 (x86 en-US)
Flash Player version: 15.0.0.152

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2014-09-14 19:07:34    A7B1A24695D553CEE3DC1C9A3B56DA32    26166    ----a-w-    C:\WINDOWS\SchedLgU.Txt
====== C:\DOCUME~1\Owner\LOCALS~1\Temp ====
====== Java Cache =====
====== C:\WINDOWS\system32 =====
2014-09-20 19:46:24    B6818A6F55437EB1B55698DD05E6A30D    80744    ----a-w-    C:\WINDOWS\System32\FNTCACHE.DAT
====== C:\WINDOWS\system32\drivers =====
2014-09-15 20:05:15    12E71DA845D76665B56753AD149E32B3    110296    ----a-w-    C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2014-09-15 20:04:16    AED25CDB09FB4E56F45DAF6C9A1D3ED3    53208    ----a-w-    C:\WINDOWS\System32\drivers\mbamchameleon.sys
2014-09-15 20:04:16    8683C1B450F4B3872839308D836E0F92    23256    ----a-w-    C:\WINDOWS\System32\drivers\mbam.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Documents and Settings\Owner\Application Data ======
2014-09-14 09:11:26    88CF0FF92A4A9FA7BD9B7513B2E9E22B    62    --sha-w-    C:\Documents and Settings\Administrator.GATEWAY400VTX\Application Data\desktop.ini
2014-09-14 09:11:25    --------    d-s---w-    C:\Documents and Settings\Administrator.GATEWAY400VTX\Application Data\Microsoft
2014-09-14 09:11:25    --------    d-----w-    C:\Documents and Settings\Administrator.GATEWAY400VTX\Local Settings\Application Data\Microsoft
2014-09-07 19:46:48    --------    d-----r-    C:\Documents and Settings\Owner\Start Menu\Programs\Administrative Tools
====== C:\Documents and Settings\Owner ======
2014-09-20 10:30:47    --------    d--h--r-    C:\Documents and Settings\Owner\Recent
2014-09-14 09:22:48    --------    d--h--r-    C:\Documents and Settings\Administrator.GATEWAY400VTX\Recent
2014-09-14 09:11:27    CBDA6984D2ECC537AEF07205AE001013    178    --sha-w-    C:\Documents and Settings\Administrator.GATEWAY400VTX\ntuser.ini
2014-09-14 09:11:25    --------    d-s---w-    C:\Documents and Settings\Administrator.GATEWAY400VTX\Cookies
2014-09-14 09:11:25    --------    d--h--w-    C:\Documents and Settings\Administrator.GATEWAY400VTX\Templates
2014-09-14 09:11:25    --------    d--h--w-    C:\Documents and Settings\Administrator.GATEWAY400VTX\PrintHood
2014-09-14 09:11:25    --------    d--h--w-    C:\Documents and Settings\Administrator.GATEWAY400VTX\NetHood
2014-09-14 09:11:25    --------    d--h--w-    C:\Documents and Settings\Administrator.GATEWAY400VTX\Local Settings
2014-09-14 09:11:25    --------    d--h--r-    C:\Documents and Settings\Administrator.GATEWAY400VTX\SendTo
2014-09-14 09:11:25    --------    d--h--r-    C:\Documents and Settings\Administrator.GATEWAY400VTX\Application Data
2014-09-14 09:11:25    --------    d-----w-    C:\Documents and Settings\Administrator.GATEWAY400VTX\My Documents
2014-09-14 09:11:25    --------    d-----w-    C:\Documents and Settings\Administrator.GATEWAY400VTX\Favorites
2014-09-14 09:11:25    --------    d-----w-    C:\Documents and Settings\Administrator.GATEWAY400VTX\Desktop
2014-09-14 09:11:25    --------    d-----r-    C:\Documents and Settings\Administrator.GATEWAY400VTX\Start Menu

====== C: exe-files ==
2014-09-20 08:20:56    CF35CD168C1BF3DD7276BDDBD97369D8    1027006    ----a-w-    C:\Documents and Settings\Owner\My Documents\Downloads\JRT.exe
2014-09-20 08:13:25    1B151CCE618BE06C22B55FD4B502B75E    1373475    ----a-w-    C:\Documents and Settings\Owner\My Documents\Downloads\AdwCleaner.exe
2014-09-19 10:43:53    4ADCFEE16EE9978F06157634669D36FB    602112    ----a-w-    C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
=== C: other files ==
2014-09-20 10:08:44    4A14C702FBE2F1301CC0A382FD548A7B    81546    ----a-w-    C:\_OTL\MovedFiles\09202014_140231\C_Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]
2014-09-20 09:31:28    30815FC1FF0E28EFF252B15A03AEFCE2    126171    ----a-w-    C:\_OTL\MovedFiles\09202014_140231\C_Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]
2014-09-20 09:31:17    AABDE142299853C2B551B54D97720D29    967685    ----a-w-    C:\_OTL\MovedFiles\09202014_140231\C_Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
2014-09-20 09:30:39    F77515EBF9C0757223203917ED7D6760    947620    ----a-w-    C:\_OTL\MovedFiles\09202014_140231\C_Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]
2014-09-20 09:30:03    7D54A51D0C8B132900810B5D5CED39C0    314781    ----a-w-    C:\_OTL\MovedFiles\09202014_140231\C_Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]
2014-09-15 20:05:15    12E71DA845D76665B56753AD149E32B3    110296    ----a-w-    C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-09-15 20:04:16    AED25CDB09FB4E56F45DAF6C9A1D3ED3    53208    ----a-w-    C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-09-15 20:04:16    8683C1B450F4B3872839308D836E0F92    23256    ----a-w-    C:\WINDOWS\system32\drivers\mbam.sys

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="prio.dll"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GWMDMMSG]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GWMDMMSG"
"hkey"="HKLM"
"command"="GWMDMMSG.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\igfxhkcmd]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="igfxhkcmd"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\hkcmd.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\igfxtray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="igfxtray"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\igfxtray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]


==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [06/14/2014 11:24 PM]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379
DFC9460CC37E5C414DC4680B10C19E7A    - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll -    Shockwave Flash
AB87EEFFD18F2BAAFC274E7075EA6C67    - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll -    Windows Presentation Foundation / Windows Presentation Foundation
28000D7EEB2FD95A36E1A7539F599C3B    - C:\Program Files\Windows Media Player\npdrmv2.dll -    Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7    - C:\Program Files\Windows Media Player\npdsplay.dll -    Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D    - C:\Program Files\Windows Media Player\npwmsdrm.dll -    Microsoft® DRM


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Sat 09/20/2014 at 14:23:16.92 ======================
 


Edited by reach1, 20 September 2014 - 02:36 PM.

#10
reach1

    Member

  • Topic Starter
  • 130 posts

Funny, I have Google Update Helper. I don't even have any programs from Google. Google helper is not in scheduled tasks or add/remove, but it is in regedit. Can I just delete Google from regedit completely?

CCleaner Drive Wiper. I just did a 3 pass wipe and it finished at 33%.


Edited by reach1, 20 September 2014 - 04:26 PM.

#11
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Things are looking better :)

 

A couple of things. Please don't edit posts. I can't tell what you've added, changed, updated, etc. Just make an additional post with whatever corrections or updates you want me to see. :thumbsup:

 

Next, please re-run OTL as in Post #2 and post the results for me. Also, how is the machine running?


#12
reach1

    Member

  • Topic Starter
  • 130 posts

OK, I ran OTL again, but this time only one window popped up, just to let you know.

I would also let you know I don't have any games on this laptop at all, or at least I should not.

CCleaner Drive Wiper. I did a 3 pass wipe and it finished at 33% (I added this to my last post).

When I run defrag there is one fragmented folder that never goes away; this started like a month ago.

My computer is running a little better than before we started. For example, there is a 2:33 YouTube video I play "A LOT" just to check frames lost on. Before, I was dropping 880 frames; now I'm dropping around 650 frames. Some of my processing power has been freed up from something you did.

OTL logfile created on: 9/21/2014 1:41:32 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1014.42 Mb Total Physical Memory | 764.65 Mb Available Physical Memory | 75.38% Memory free
2.38 Gb Paging File | 2.03 Gb Available in Paging File | 85.08% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 31.56 Gb Free Space | 84.72% Space Free | Partition Type: NTFS
 
Computer Name: GATEWAY400VTX | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/09/19 04:44:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
PRC - [2013/10/23 18:24:25 | 000,235,728 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
PRC - [2013/10/23 18:24:25 | 000,057,520 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/06/15 01:01:22 | 003,186,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2014/06/15 01:01:22 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2014/06/15 01:01:18 | 004,550,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2014/06/15 01:01:16 | 000,626,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2014/06/15 01:01:10 | 000,010,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2014/06/15 01:01:07 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2014/06/14 23:18:18 | 005,283,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2014/06/14 23:18:18 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
MOD - [2014/06/14 23:18:18 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll
MOD - [2014/06/14 23:18:14 | 001,245,184 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2014/06/14 23:18:14 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MOD - [2014/06/14 23:18:14 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MOD - [2014/06/14 23:18:12 | 004,210,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2013/09/03 14:29:38 | 000,095,088 | ---- | M] () -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdmetrics.dll
MOD - [2013/06/18 18:46:41 | 000,129,608 | ---- | M] () -- \\?\C:\Program Files\Bitdefender\Antivirus Free Edition\bdnc.dll
MOD - [2013/03/19 12:07:15 | 000,508,136 | ---- | M] () -- C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2014/09/18 23:55:50 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/09 15:26:47 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/23 18:24:25 | 000,057,520 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe -- (gzserv)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2014/05/13 17:02:25 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2013/07/16 15:06:06 | 000,135,472 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys -- (bdselfpr)
DRV - [2013/05/28 12:11:21 | 000,355,744 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\trufos.sys -- (trufos)
DRV - [2013/04/22 13:20:34 | 000,164,952 | ---- | M] (BitDefender LLC) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\gzflt.sys -- (gzflt)
DRV - [2013/04/17 17:19:36 | 000,148,600 | ---- | M] (Bitdefender SRL) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys -- (bdftdif)
DRV - [2013/04/17 14:59:04 | 000,633,344 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avc3.sys -- (avc3)
DRV - [2013/04/17 14:59:04 | 000,486,536 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avckf.sys -- (avckf)
DRV - [2012/11/02 14:17:14 | 000,242,504 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avchv.sys -- (avchv)
DRV - [2009/11/11 06:26:02 | 002,216,064 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51)
DRV - [2008/09/24 09:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2003/10/02 06:43:20 | 000,244,560 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {31090377-0740-419E-BEFC-A56E50500D5B}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/"
FF - prefs.js..extensions.enabledAddons: 2.0%40disconnect.me:3.14.0
FF - prefs.js..extensions.enabledAddons: zoompage%40DW-dev:10.9
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/09/18 23:55:38 | 000,000,000 | ---D | M]
 
[2014/09/20 14:07:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2014/09/20 14:34:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions
[2014/09/20 14:32:14 | 000,947,620 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]
[2014/09/20 14:32:52 | 000,126,171 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]
[2014/09/20 14:34:05 | 000,314,781 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]
[2014/09/20 14:33:24 | 000,081,546 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\[email protected]
[2014/09/20 14:32:41 | 000,967,685 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
 
O1 HOSTS File: ([2014/09/20 14:02:48 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1606980848-1957994488-289805187-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.22.0.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.43
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC7B1CA5-90E8-4381-A54C-9C148FE0EAC6}: DhcpNameServer = 192.168.0.43
O20 - AppInit_DLLs: (prio.dll) - C:\Program Files\Prio\prio.dll (O&K Software)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/04/05 14:22:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/09/21 03:34:46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2014/09/20 14:14:51 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014/09/20 02:21:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/09/20 02:13:58 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/09/20 01:54:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/09/18 23:55:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/09/15 14:05:15 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/09/15 14:04:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/09/15 14:04:16 | 000,053,208 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/09/15 14:04:16 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/09/15 14:04:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/09/07 13:46:48 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Administrative Tools
[2014/08/30 15:04:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
 
========== Files - Modified Within 30 Days ==========
 
[2014/09/21 13:27:36 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/09/21 13:26:02 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/09/21 13:21:49 | 000,012,984 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/09/21 13:21:44 | 000,080,744 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/09/21 13:21:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/09/20 16:29:25 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/09/20 14:02:48 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2014/09/15 14:04:23 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/09/09 15:26:45 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/09/09 15:26:41 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2014/09/21 13:21:44 | 000,080,744 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/09/15 14:04:23 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/15 00:07:36 | 000,175,113 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1402812380.bdinstall.bin
[2014/06/14 22:55:15 | 000,099,995 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1402808078.bdinstall.bin
[2014/06/14 22:54:37 | 000,038,313 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1402808073.bdinstall.bin
[2014/06/14 22:11:40 | 000,271,632 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2014/06/14 19:24:49 | 000,266,618 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1606980848-1957994488-289805187-1003-0.dat
[2014/06/14 19:24:40 | 000,065,610 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2014/06/09 04:50:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\exctrlst.INI
[2014/06/02 23:57:55 | 000,000,278 | ---- | C] () -- C:\WINDOWS\prio.ini
[2014/05/29 20:56:02 | 001,067,008 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\file__0.localstorage
[2014/05/25 13:00:17 | 000,209,163 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1401044282.bdinstall.bin
[2014/05/25 12:44:58 | 000,096,374 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1401043447.bdinstall.bin
[2014/05/25 12:44:06 | 000,037,224 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1401043442.bdinstall.bin
[2014/05/24 23:31:03 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2014/05/24 22:46:47 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2014/05/20 01:24:30 | 000,000,008 | R--- | C] () -- C:\WINDOWS\System32\drivers\RtkHDAud.dat
[2014/05/14 18:54:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2014/05/14 00:27:27 | 000,170,649 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400048794.bdinstall.bin
[2014/05/14 00:26:14 | 000,126,614 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400048663.bdinstall.bin
[2014/05/14 00:12:12 | 000,042,109 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400047925.2220.bin
[2014/05/14 00:12:07 | 000,003,557 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400047925.2196.bin
[2014/05/14 00:12:07 | 000,003,012 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400047925.2200.bin
[2014/05/14 00:12:05 | 000,042,309 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400047925.2116.bin
[2014/05/14 00:12:05 | 000,037,729 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400047919.bdinstall.bin
[2014/05/14 00:09:18 | 000,177,984 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400047705.bdinstall.bin
[2014/05/13 23:43:49 | 000,008,071 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400046219.3892.bin
[2014/05/13 23:43:44 | 000,002,406 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400046219.3836.bin
[2014/05/13 23:43:44 | 000,001,361 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400046219.3708.bin
[2014/05/13 23:43:39 | 000,039,404 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400046219.3796.bin
[2014/05/13 23:43:37 | 000,037,481 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400046213.bdinstall.bin
[2014/05/13 23:14:53 | 000,034,506 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400044373.bdinstall.bin
[2014/05/13 23:14:27 | 000,032,027 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400044454.bdinstall.bin
[2014/05/13 23:13:13 | 000,213,838 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400044038.bdinstall.bin
[2014/05/13 22:40:23 | 000,044,828 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400042371.bdinstall.bin
[2014/05/13 22:20:03 | 000,044,960 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1400041171.bdinstall.bin
[2014/05/09 08:26:08 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2014/05/09 07:45:42 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/04/05 17:04:45 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2014/04/05 14:24:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2014/04/05 14:19:09 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2014/04/05 08:07:04 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
 
========== ZeroAccess Check ==========
 
[2014/05/08 16:07:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2014/02/24 21:30:52 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/05/18 21:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\bdch
[2014/05/12 17:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2014/05/13 23:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\QuickScan
[2014/06/15 00:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\QuickScan
[2014/05/13 20:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DriverFinder
[2014/05/19 22:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Easeware
[2014/06/21 22:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InfraRecorder
[2014/05/09 03:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MSNInstaller
[2014/05/14 16:18:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Oracle
[2014/05/13 23:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2014/05/14 19:20:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TreeCardGames
[2014/05/08 18:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Windows Search
 
========== Purity Check ==========
 
 

< End of report >



#13
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Looking better :thumbsup:

 

Next step.

 

Scan with ComboFix

This is a very powerful tool that should be used only if advised by a Malware Analyst.
Do not run ComboFix on your own!


Referring to this instruction, please download ComboFix by sUBs and save it to your desktop.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.



  • Right-click on the ComboFix icon and select Run as Administrator to start the tool.
  • Accept the disclaimer and agree if prompted to install Recovery Console.
  • Do not take any actions while ComboFix goes through your System - it may cause it to stall!
  • This scan may take some time!
  • When finished, it will display a log file (also located on your main drive, usually C:\ComboFix.txt).

Include that log in your next reply.
If you encounter any issues with your internet connection after running ComboFix, please visit this link.
If an error about an operation on a key marked for deletion appears after running the tool, please reboot your machine.

 



#14
reach1

    Member

  • Topic Starter
  • Member
  • 130 posts

ComboFix 14-09-22.01 - Owner 09/22/2014  15:40:35.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1014.658 [GMT -6:00]
Running from: c:\documents and settings\Owner\My Documents\Downloads\ComboFix.exe
AV: Bitdefender Antivirus Free Edition *Disabled/Updated* {9488E0FA-F058-4673-850E-E755F112BABC}
FW:  *Enabled* {9488E0FA-F058-4673-850E-E755F112BABC}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\additional.dll
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\avcheck.exe
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\bdardrv.dll
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\bdmetrics.dll
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\bdnc.dll
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\bdselfpr.sys
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\core\bdcore.dll
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\gzflt.sys
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\gzfltum.dll
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\htmlayout.dll
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\Installer.exe
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\installerpackage.exe
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\lang\en-US.exe
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\lang\it-IT.exe
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\lang\pt-BR.exe
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\lang\ro-RO.exe
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\npcomm.dll
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\setuplauncher.exe
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\trufos.dll
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\trufos.sys
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\unrar.dll
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\WPFKickstarter.exe
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\WPFKickstarter4.exe
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\wslib.dll
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\wspack.dll
c:\docume~1\Owner\LOCALS~1\Temp\RarSFX0\wsutils.dll
c:\documents and settings\All Users\Application Data\1400041171.bdinstall.bin
c:\documents and settings\All Users\Application Data\1400042371.bdinstall.bin
c:\documents and settings\All Users\Application Data\1400044038.bdinstall.bin
c:\documents and settings\All Users\Application Data\1400044373.bdinstall.bin
c:\documents and settings\All Users\Application Data\1400044454.bdinstall.bin
c:\documents and settings\All Users\Application Data\1400046213.bdinstall.bin
c:\documents and settings\All Users\Application Data\1400046219.3708.bin
c:\documents and settings\All Users\Application Data\1400046219.3796.bin
c:\documents and settings\All Users\Application Data\1400046219.3836.bin
c:\documents and settings\All Users\Application Data\1400046219.3892.bin
c:\documents and settings\All Users\Application Data\1400047705.bdinstall.bin
c:\documents and settings\All Users\Application Data\1400047919.bdinstall.bin
c:\documents and settings\All Users\Application Data\1400047925.2116.bin
c:\documents and settings\All Users\Application Data\1400047925.2196.bin
c:\documents and settings\All Users\Application Data\1400047925.2200.bin
c:\documents and settings\All Users\Application Data\1400047925.2220.bin
c:\documents and settings\All Users\Application Data\1400048663.bdinstall.bin
c:\documents and settings\All Users\Application Data\1400048794.bdinstall.bin
c:\documents and settings\All Users\Application Data\1401043442.bdinstall.bin
c:\documents and settings\All Users\Application Data\1401043447.bdinstall.bin
c:\documents and settings\All Users\Application Data\1401044282.bdinstall.bin
c:\documents and settings\All Users\Application Data\1402808073.bdinstall.bin
c:\documents and settings\All Users\Application Data\1402808078.bdinstall.bin
c:\documents and settings\All Users\Application Data\1402812380.bdinstall.bin
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\additional.dll
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\avcheck.exe
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\bdardrv.dll
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\bdmetrics.dll
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\bdnc.dll
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\bdselfpr.sys
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\core\bdcore.dll
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\gzflt.sys
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\gzfltum.dll
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\htmlayout.dll
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\Installer.exe
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\installerpackage.exe
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\lang\en-US.exe
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\lang\it-IT.exe
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\lang\pt-BR.exe
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\lang\ro-RO.exe
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\npcomm.dll
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\setuplauncher.exe
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\trufos.dll
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\trufos.sys
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\unrar.dll
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\WPFKickstarter.exe
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\WPFKickstarter4.exe
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\wslib.dll
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\wspack.dll
c:\documents and settings\Owner\Local Settings\Temp\RarSFX0\wsutils.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GLOBALUPDATE
.
.
(((((((((((((((((((((((((   Files Created from 2014-08-22 to 2014-09-22  )))))))))))))))))))))))))))))))
.
.
2014-09-20 20:14 . 2014-09-20 20:14    --------    d-----w-    C:\zoek_backup
2014-09-20 08:21 . 2014-09-20 08:21    --------    d-----w-    c:\windows\ERUNT
2014-09-20 08:13 . 2014-09-20 09:57    --------    d-----w-    C:\AdwCleaner
2014-09-20 07:54 . 2014-09-20 07:54    --------    d-----w-    C:\_OTL
2014-09-15 20:05 . 2014-09-20 22:29    110296    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-15 20:04 . 2014-05-12 13:26    53208    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-09-15 20:04 . 2014-05-12 13:25    23256    ----a-w-    c:\windows\system32\drivers\mbam.sys
2014-09-15 20:04 . 2014-09-15 20:04    --------    d-----w-    c:\program files\Malwarebytes Anti-Malware
2014-09-14 09:11 . 2014-09-14 09:22    --------    d-----w-    c:\documents and settings\Administrator.GATEWAY400VTX
2014-08-30 21:04 . 2014-08-30 21:04    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-09 21:26 . 2014-06-13 23:40    701104    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2014-09-09 21:26 . 2014-06-13 23:40    71344    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-02-07 118784]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2006-02-07 13:36    77824    ----a-w-    c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2006-02-07 14:39    94208    ----a-w-    c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LmHosts"=2 (0x2)
"ERSvc"=2 (0x2)
"WZCSVC"=2 (0x2)
"RasMan"=3 (0x3)
"ALG"=3 (0x3)
"wuauserv"=2 (0x2)
"helpsvc"=2 (0x2)
"seclogon"=2 (0x2)
"lanmanserver"=2 (0x2)
"TermService"=3 (0x3)
"WebClient"=2 (0x2)
"W32Time"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [6/15/2014 12:07 AM 633344]
R1 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [6/15/2014 12:06 AM 164952]
R2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe [6/15/2014 12:07 AM 57520]
R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [6/15/2014 12:07 AM 242504]
R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [6/15/2014 12:07 AM 486536]
S3 CFcatchme;CFcatchme;\??\c:\combofix\CFcatchme.sys --> c:\combofix\CFcatchme.sys [?]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [5/13/2014 5:02 PM 23456]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2014-09-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-13 21:26]
.
.
------- Supplementary Scan -------
.
uStart Page =
mStart Page = www.google.com
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.0.43
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-GWMDMMSG - GWMDMMSG.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-09-22 15:55
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bitdefender\Antivirus Free Edition\gziface.exe
c:\program files\Bitdefender\Antivirus Free Edition\update.exe
.
**************************************************************************
.
Completion time: 2014-09-22  15:59:41 - machine was rebooted
ComboFix-quarantined-files.txt  2014-09-22 21:59
.
Pre-Run: 33,783,910,400 bytes free
Post-Run: 33,588,420,608 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 533AE823A38CAC5672082726A3014917
8F558EB6672622401DA993E1E865C861
 



#15
reach1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

Now my computer is dramatically slower than it's ever been.







