Malware + Firewall Disabled? [Solved]


  • This topic is locked

#1
HelpNeeded911

  • Member
  • 80 posts

My browsers (Internet Explorer and Chrome) were running very slowly, so I ran Malwarebytes which found approximately 300 infected objects. This helped tremendously, but now I wonder if the computer is still infected. Also, Windows shows that my firewall is disabled. However, Norton 360 says otherwise. Thanks for your help! 

 

OTL logfile created on: 10/2/2014 12:43:45 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Chad Frame\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1022.09 Mb Total Physical Memory | 216.08 Mb Available Physical Memory | 21.14% Memory free
2.40 Gb Paging File | 1.17 Gb Available in Paging File | 48.59% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.00 Gb Total Space | 106.76 Gb Free Space | 71.65% Space Free | Partition Type: NTFS
 
Computer Name: DELL-3CCD218591 | User Name: Chad Frame | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/10/02 12:42:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chad Frame\Desktop\OTL.exe
PRC - [2014/09/21 06:17:47 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\21.6.0.32\n360.exe
PRC - [2014/09/12 14:14:56 | 004,812,048 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version9\TeamViewer_Desktop.exe
PRC - [2014/09/12 14:14:55 | 013,559,056 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe
PRC - [2014/09/12 14:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/09/12 14:00:53 | 000,229,648 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\tv_w32.exe
PRC - [2014/07/25 12:52:40 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2008/04/14 09:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/03/22 22:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/01/02 02:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/11/02 03:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 03:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/04 21:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2008/04/14 09:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 09:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate)
SRV - [2014/10/02 11:19:11 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/24 01:09:08 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/21 06:17:47 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe -- (N360)
SRV - [2014/09/12 14:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014/07/25 12:52:40 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (bvrp_pci)
DRV - [2014/10/02 12:50:27 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/09/12 18:11:20 | 001,137,368 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2014/09/09 02:17:59 | 000,378,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2014/09/09 02:17:59 | 000,111,408 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/08/29 11:18:52 | 000,448,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140930.003\IDSXpx86.sys -- (IDSxpx86)
DRV - [2014/08/25 22:20:22 | 000,664,792 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\srtsp.sys -- (SRTSP)
DRV - [2014/08/25 22:20:22 | 000,032,984 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\srtspx.sys -- (SRTSPX)
DRV - [2014/08/21 02:51:57 | 001,636,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141001.023\NAVEX15.SYS -- (NAVEX15)
DRV - [2014/08/21 02:51:56 | 000,095,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141001.023\NAVENG.SYS -- (NAVENG)
DRV - [2014/08/06 15:48:16 | 000,209,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\ironx86.sys -- (SymIRON)
DRV - [2014/05/12 07:26:02 | 000,053,208 | ---- | M] (Malwarebytes Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2014/05/12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2014/03/04 00:18:12 | 000,936,152 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\symefa.sys -- (SymEFA)
DRV - [2014/02/17 21:32:41 | 000,423,256 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\symtdi.sys -- (SYMTDI)
DRV - [2014/01/17 19:36:45 | 000,142,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/09/25 22:50:25 | 000,127,064 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\ccsetx86.sys -- (ccSet_N360)
DRV - [2013/09/09 22:47:26 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1506000.020\symds.sys -- (SymDS)
DRV - [2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2005/06/14 21:40:08 | 000,180,864 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/03/30 03:03:06 | 001,035,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/11/17 19:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 19:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 19:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{6DBF2236-2ECB-41F6-B9EC-D84DC07F0D93}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{E8B77240-5365-43A3-8276-630338489ABA}: "URL" = http://startsear.ch/...q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {3f2ae504-aa17-4805-90e8-56e48f98731c} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6DBF2236-2ECB-41F6-B9EC-D84DC07F0D93}
IE - HKCU\..\SearchScopes\{6DBF2236-2ECB-41F6-B9EC-D84DC07F0D93}: "URL" = http://www.google.co...1I7ADFA_enUS467
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/10/02 10:51:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2014/10/02 09:51:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chad Frame\Application Data\Mozilla\Extensions
[2014/10/02 10:01:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chad Frame\Application Data\Mozilla\Firefox\Profiles\y0gfxcyh.default\extensions
[2012/10/12 19:07:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/10/02 09:42:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/10/02 09:42:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2012/11/14 22:47:28 | 000,000,788 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.6.0.32\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\windows\stsystra.exe (SigmaTel, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.67.2)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{60CC3C96-80E3-471F-9789-9FCC2B267EF5}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Chad Frame\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Chad Frame\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/02 12:42:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chad Frame\Desktop\OTL.exe
[2014/10/02 10:21:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2014/10/02 10:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2014/10/02 09:56:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Auslogics
[2014/10/02 09:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
[2014/10/02 09:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2014/10/02 09:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad Frame\Application Data\Mozilla
[2014/10/02 09:43:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2014/10/02 09:43:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/09/29 17:41:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2014/09/29 17:09:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2014/09/29 16:36:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad Frame\Application Data\MSNInstaller
[2014/09/29 15:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad Frame\Local Settings\Application Data\VS Revo Group
[2014/09/29 15:51:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
[2014/09/29 15:51:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\VS Revo Group
[2014/09/29 15:51:45 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\windows\System32\drivers\revoflt.sys
[2014/09/29 15:51:36 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/09/29 14:37:05 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\MBAMSwissArmy.sys
[2014/09/29 14:31:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/09/29 14:29:54 | 000,053,208 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamchameleon.sys
[2014/09/29 14:29:53 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2014/09/29 14:29:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/09/29 14:29:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2014/09/29 13:50:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2014/09/29 13:50:11 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/09/29 13:22:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chad Frame\Application Data\TeamViewer
[2014/09/29 13:22:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 9
[2014/09/29 13:21:40 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2014/09/24 10:58:14 | 000,000,000 | -HSD | C] -- C:\found.013
[2014/09/17 17:38:42 | 000,000,000 | -HSD | C] -- C:\found.012
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/02 12:58:03 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/10/02 12:50:27 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\MBAMSwissArmy.sys
[2014/10/02 12:42:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chad Frame\Desktop\OTL.exe
[2014/10/02 12:25:00 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/02 10:50:11 | 000,000,288 | ---- | M] () -- C:\windows\tasks\Game_Booster_AutoUpdate.job
[2014/10/02 10:50:10 | 000,000,890 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/02 10:50:10 | 000,000,232 | ---- | M] () -- C:\windows\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/10/02 10:49:55 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2014/10/02 10:10:52 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Chad Frame\Desktop\Internet.lnk
[2014/10/02 09:55:34 | 000,000,822 | ---- | M] () -- C:\Documents and Settings\Chad Frame\Desktop\Auslogics DiskDefrag.lnk
[2014/10/02 09:43:04 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Internet.lnk
[2014/10/02 03:23:01 | 000,001,851 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360 Premier Edition.LNK
[2014/10/02 03:21:10 | 000,626,391 | ---- | M] () -- C:\windows\System32\drivers\N360\1506000.020\Cat.DB
[2014/10/01 17:10:01 | 000,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2014/10/01 05:12:00 | 000,045,746 | ---- | M] () -- C:\windows\System32\drivers\N360\1506000.020\VT20141001.003
[2014/09/29 16:23:27 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Chad Frame\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/09/29 15:15:03 | 000,444,494 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2014/09/29 15:15:02 | 000,072,370 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2014/09/29 15:07:29 | 000,282,128 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2014/09/29 13:50:16 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2014/09/25 17:39:00 | 000,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job
[2014/09/21 06:28:12 | 000,000,172 | ---- | M] () -- C:\windows\System32\drivers\N360\1506000.020\isolate.ini
[2014/09/08 18:00:00 | 000,000,226 | ---- | M] () -- C:\windows\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/10/02 10:10:52 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Chad Frame\Desktop\Internet.lnk
[2014/10/02 09:59:19 | 000,000,830 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/10/02 09:55:32 | 000,000,822 | ---- | C] () -- C:\Documents and Settings\Chad Frame\Desktop\Auslogics DiskDefrag.lnk
[2014/10/02 09:43:03 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2014/10/02 09:43:03 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Internet.lnk
[2014/09/29 17:45:03 | 000,225,262 | ---- | C] () -- C:\windows\System32\dllcache\msimain.sdb
[2014/09/29 13:50:16 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2014/07/20 20:38:21 | 000,000,394 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2013/01/07 00:09:15 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Chad Frame\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/11/01 18:04:01 | 000,044,268 | -H-- | C] () -- C:\windows\System32\mlfcache.dat
[2012/01/18 17:50:09 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\Chad Frame\GoToAssistDownloadHelper.exe
[2012/01/16 21:02:36 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Chad Frame\Local Settings\Application Data\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2012/01/16 18:51:41 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 09:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 09:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012/09/22 10:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014/07/20 20:43:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\31c4f1c7753df4ef
[2014/10/02 09:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Auslogics
[2014/08/26 15:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg_Update_0814tb
[2012/10/12 19:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2014/09/29 17:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2013/06/10 12:49:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/07/11 11:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Firefly Studios
[2012/10/14 15:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2014/01/17 18:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2013/05/18 10:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2014/09/29 15:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VS Revo Group
[2012/01/16 22:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/10/12 19:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad Frame\Application Data\Babylon
[2013/01/15 19:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad Frame\Application Data\enchant
[2012/10/14 14:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad Frame\Application Data\LolClient
[2014/09/29 16:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad Frame\Application Data\MSNInstaller
[2014/09/29 13:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad Frame\Application Data\TeamViewer
[2012/01/23 23:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chad Frame\Application Data\Utherverse
 
========== Purity Check ==========
 
 
 
< End of report >
 

 




#2
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Sorry that it has taken so long to respond to your post.

 

We have been very busy lately. However, I have time and desire to help you :thumbsup:

 

While I assess the log you posted, would you look for (it's in the same location as the OTL.txt file) the Extras.txt file and post that for me please?



#3
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Ok, let's get started :)     (Also, still go ahead and post the Extras.txt when you get a chance)

 

Fix with OTL

Please re-run OTL with this removal script included.



This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.

  • Right-click on the OTL icon and select Run as Administrator to start the tool.
  • Under the Custom Scans/Fixes bar in the box paste in the following:
    
    :COMMANDS
    [CREATERESTOREPOINT]
    :OTL
    SRV - File not found [Auto | Stopped] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
    SRV - File not found [On_Demand | Stopped] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
    SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
    SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem)
    SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate)
    DRV - File not found [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
    DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] --  -- (bvrp_pci)
    IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
    IE - HKLM\..\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}: "URL" = http://search.mywebs...r={searchTerms}
    IE - HKLM\..\SearchScopes\{6DBF2236-2ECB-41F6-B9EC-D84DC07F0D93}: "URL" = http://www.google.co...g}&sourceid=ie7
    IE - HKLM\..\SearchScopes\{E8B77240-5365-43A3-8276-630338489ABA}: "URL" = http://startsear.ch/...q={searchTerms}
    IE - HKCU\..\URLSearchHook: {3f2ae504-aa17-4805-90e8-56e48f98731c} - No CLSID value found
    IE - HKCU\..\SearchScopes,DefaultScope = {6DBF2236-2ECB-41F6-B9EC-D84DC07F0D93}
    IE - HKCU\..\SearchScopes\{6DBF2236-2ECB-41F6-B9EC-D84DC07F0D93}: "URL" = http://www.google.co...1I7ADFA_enUS467
    FF - user.js - File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: []  File not found
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    :COMMANDS
    [RESETHOSTS]
    [EMPTYTEMP]
    [REBOOT]
  • Push Run Fix and wait patiently.
  • If asked to reboot, please allow it to.
  • A notepad window with a logfile will open after this run. It will be also saved in _OTL\MovedFiles directory on your main drive as (date)_(time).log.

Please include the content of this logfile in your next reply.

 

 

Scan with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on the AdwCleaner icon and select Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R*].txt) will open.
 
Please include the contents of that file in your reply.
 
Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the JRT icon and select Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.
 
Please include the contents of that file in your reply.
 
Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.

 

Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the Zoek icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;
    process;
    services-list;
    systemspecs;
    startupall;
    skipfix-iedefaults;
    firefoxlook;
    chromelook;
    filesrcm;
    installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

 

 



#4
HelpNeeded911

    Member

  • Topic Starter
  • Member
  • 80 posts


No problem! Here's that log. Thanks again! :wave:

 

OTL Extras logfile created on: 10/2/2014 12:43:45 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Chad Frame\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1022.09 Mb Total Physical Memory | 216.08 Mb Available Physical Memory | 21.14% Memory free
2.40 Gb Paging File | 1.17 Gb Available in Paging File | 48.59% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.00 Gb Total Space | 106.76 Gb Free Space | 71.65% Space Free | Partition Type: NTFS
 
Computer Name: DELL-3CCD218591 | User Name: Chad Frame | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\TeamViewer\Version9\TeamViewer.exe" = C:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1
"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2
"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 67
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1
"{31263605-FC84-4787-B847-BA445B147E24}" = ScannerCopy
"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{390FF986-468D-4CA9-8830-2C4B313F447F}" = ATI Parental Control
"{3CF99DC3-38FD-46E6-A6B4-9C70074E020C}" = DocumentViewer
"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap
"{4462265B-3DC7-44AD-B56D-D09BA67BA422}" = 6300
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CEA6811-DFAD-4892-828D-49941FE3B779}" = Intel® PROSet for Wired Connections
"{51D386C4-0227-46A9-AC45-61F0A50E7AFF}" = Rome - Total War
"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig
"{5E730665-26CF-4cd5-BBDC-D005665B01F6}" = ps_app_npi_software
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.1.1
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (English) 14
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{994E24A6-EC47-4201-8D0B-D4563B7AD66B}" = CivCity
"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config
"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3
"{BB7DEA41-298E-450B-9C3A-E7B48D9D021B}" = 6300_Help
"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig
"{BF4E9ED0-EF26-4A4C-A123-6A6A1ABEE411}" = DocProc
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C6812939-B117-48E6-A3BA-1709C14A3C8C}" = Scan
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C98E8D9D-21DE-4F87-A9B7-142BB89840FC}" = Toolbox
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF911E7B-1B9D-4e1c-8534-60E70FA45BC1}" = ps_app_npi_software_req
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{DA1CD94B-826A-4bba-AC46-EF352F47BC81}" = InstantShareDevices
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics DiskDefrag
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F2AB49F2-D632-446C-9A6E-5B4A98DFF13B}" = 6300Trb
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FCD9CD52-7222-4672-94A0-A722BA702FD0}" = Dell Resource CD
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"DealCabby" = DealCabby
"HP Document Viewer" = HP Document Viewer 6.1
"HulkSearch" = HulkSearch 1.3
"ie8" = Windows Internet Explorer 8
"InstallShield_{390FF986-468D-4CA9-8830-2C4B313F447F}" = ATI Parental Control
"Little Fighter 2.5 - v2.0" = Little Fighter 2.5 - v2.0
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 32.0.3 (x86 en-US)" = Mozilla Firefox 32.0.3 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"PROSet" = Intel® PRO Network Connections Drivers
"TeamViewer 9" = TeamViewer 9
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 9/29/2014 4:50:39 PM | Computer Name = DELL-3CCD218591 | Source = crypt32 | ID = 131077
Description = Failed auto update retrieval of third-party root certificate from:
 <http://www.download....1A61C7DC25.crt>
 with error: This operation returned because the timeout period expired.  
 
Error - 9/29/2014 5:00:38 PM | Computer Name = DELL-3CCD218591 | Source = crypt32 | ID = 131077
Description = Failed auto update retrieval of third-party root certificate from:
 <http://www.download....1A61C7DC25.crt>
 with error: This operation returned because the timeout period expired.  
 
Error - 9/29/2014 5:03:34 PM | Computer Name = DELL-3CCD218591 | Source = crypt32 | ID = 131077
Description = Failed auto update retrieval of third-party root certificate from:
 <http://www.download....1A61C7DC25.crt>
 with error: This operation returned because the timeout period expired.  
 
Error - 9/29/2014 5:05:08 PM | Computer Name = DELL-3CCD218591 | Source = MsiInstaller | ID = 11706
Description = Product: SolutionCenter -- Error 1706. An installation package for
 the product SolutionCenter cannot be found. Try the installation again using a
valid copy of the installation package 'SolutionCenter.msi'.
 
Error - 9/29/2014 5:09:21 PM | Computer Name = DELL-3CCD218591 | Source = MsiInstaller | ID = 11500
Description = Product: Java 7 Update 67 -- Error 1500.Another installation is in
 progress. You must complete that installation before continuing this one.
 
Error - 9/29/2014 5:41:44 PM | Computer Name = DELL-3CCD218591 | Source = crypt32 | ID = 131077
Description = Failed auto update retrieval of third-party root certificate from:
 <http://www.download....2852CAE474.crt>
 with error: This operation returned because the timeout period expired.  
 
Error - 9/29/2014 5:43:30 PM | Computer Name = DELL-3CCD218591 | Source = crypt32 | ID = 131077
Description = Failed auto update retrieval of third-party root certificate from:
 <http://www.download....2852CAE474.crt>
 with error: This operation returned because the timeout period expired.  
 
Error - 9/29/2014 5:56:34 PM | Computer Name = DELL-3CCD218591 | Source = COM+ | ID = 135761
Description = The run-time environment has detected an inconsistency in its internal
 state. This indicates a potential instability in the process that could be caused
 by the custom components running in the COM+ application, the components they make
 use of, or other factors. Error in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184),
 hr = 8007041d: InitEventCollector fail
 
Error - 10/1/2014 7:56:55 PM | Computer Name = DELL-3CCD218591 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 10/1/2014 8:22:40 PM | Computer Name = DELL-3CCD218591 | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.
 
[ System Events ]
Error - 9/29/2014 5:56:36 PM | Computer Name = DELL-3CCD218591 | Source = Service Control Manager | ID = 7000
Description = The COM+ System Application service failed to start due to the following
 error:   %%1053
 
Error - 9/29/2014 5:59:34 PM | Computer Name = DELL-3CCD218591 | Source = DCOM | ID = 10010
Description = The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register
 with DCOM within the required timeout.
 
Error - 9/30/2014 6:12:48 PM | Computer Name = DELL-3CCD218591 | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}.
The
 error:  "%3"  Happened while starting this command:  "C:\Program Files\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe"
 -Embedding
 
Error - 10/1/2014 3:11:58 PM | Computer Name = DELL-3CCD218591 | Source = DCOM | ID = 10000
Description = Unable to start a DCOM Server: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}.
The
 error:  "%3"  Happened while starting this command:  "C:\Program Files\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe"
 -Embedding
 
Error - 10/2/2014 3:22:57 AM | Computer Name = DELL-3CCD218591 | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
 the following error:   %%2
 
Error - 10/2/2014 3:23:00 AM | Computer Name = DELL-3CCD218591 | Source = Service Control Manager | ID = 7023
Description = The HP CUE DeviceDiscovery Service service terminated with the following
 error:   %%126
 
Error - 10/2/2014 3:23:31 AM | Computer Name = DELL-3CCD218591 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
 the MBAMService service.
 
Error - 10/2/2014 10:51:43 AM | Computer Name = DELL-3CCD218591 | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
 the following error:   %%2
 
Error - 10/2/2014 10:51:43 AM | Computer Name = DELL-3CCD218591 | Source = Service Control Manager | ID = 7023
Description = The HP CUE DeviceDiscovery Service service terminated with the following
 error:   %%126
 
Error - 10/2/2014 10:52:48 AM | Computer Name = DELL-3CCD218591 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
 the MBAMService service.
 
 
< End of report >
 



#5
HelpNeeded911

    Member

  • Topic Starter
  • Member
  • 80 posts

I was unable to run AdwCleaner. After trying to download AdwCleaner the first time, Norton popped up with "Auto-Protect is processing security risk Suspicious.Cloud.7.EP." Then I received an "unable to open the script file" error when trying to run the program.

 

When I tried to run JRT, I received the following:

JRT: error. Could not open archive file "C:\Documents and Settings\Chad Frame\Desktop\JRT.exe". Access is denied.

 

Here is the OTL log.

 

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service hpqddsvc stopped successfully!
Service hpqddsvc deleted successfully!
File C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll not found.
Service hpqcxs08 stopped successfully!
Service hpqcxs08 deleted successfully!
File C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll not found.
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File %SystemRoot%\System32\hidserv.dll not found.
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
File C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc not found.
Service gupdate stopped successfully!
Service gupdate deleted successfully!
File C:\Program Files\Google\Update\GoogleUpdate.exe /svc not found.
Service WinRing0_1_2_0 stopped successfully!
Service WinRing0_1_2_0 deleted successfully!
File C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service bvrp_pci stopped successfully!
Service bvrp_pci deleted successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6DBF2236-2ECB-41F6-B9EC-D84DC07F0D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DBF2236-2ECB-41F6-B9EC-D84DC07F0D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E8B77240-5365-43A3-8276-630338489ABA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E8B77240-5365-43A3-8276-630338489ABA}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{3f2ae504-aa17-4805-90e8-56e48f98731c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3f2ae504-aa17-4805-90e8-56e48f98731c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{3f2ae504-aa17-4805-90e8-56e48f98731c}\ deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6DBF2236-2ECB-41F6-B9EC-D84DC07F0D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DBF2236-2ECB-41F6-B9EC-D84DC07F0D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: Administrator
 
User: All Users
 
User: ASPNET
 
User: Chad Frame
->Temp folder emptied: 225936 bytes
->Temporary Internet Files folder emptied: 9748614 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 362194157 bytes
->Flash cache emptied: 8198012 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes
 
User: dub_cm_auto
 
User: Guest
 
User: HelpAssistant
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 41182 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2100440 bytes
 
User: SUPPORT_388945a0
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16864 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 797333243 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 180562 bytes
RecycleBin emptied: 104640 bytes
 
Total Files Cleaned = 1,126.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 10122014_164438

Files\Folders moved on Reboot...
File\Folder C:\windows\temp\Perflib_Perfdata_87c.dat not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 



#6
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hi,

 

I noted your trouble running the tools. Did you disable your A/V (Norton) before running? Although not mentioned in the adwCleaner instructions, it was in the JRT. ;)  Try that and see how they run. Also, Zoek is the last tool you should run because it gives me a full system scan. If you are unable to run it, let me know and I will choose a different tool for the scan. :thumbsup:



#7
HelpNeeded911

    Member

  • Topic Starter
  • Member
  • 80 posts

For whatever reason, I had to run a reboot. Norton showed that it was disabled but still kept flagging items. Here are the logs. :yes:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Microsoft Windows XP x86
Ran by C on Wed 10/15/2014 at  8:58:36.01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\BibleTriviaTime_4l.SkinLauncher
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\BibleTriviaTime_4l.SkinLauncher.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
Successfully deleted: [Registry Key] "hkey_current_user\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\genericasktoolbar.dll"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\Chad Frame\Application Data\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\Chad Frame\Local Settings\Application Data\chromatic browser"
Successfully deleted: [Folder] "C:\Documents and Settings\Chad Frame\Local Settings\Application Data\conduit"
Successfully deleted: [Folder] "C:\Documents and Settings\Chad Frame\Local Settings\Application Data\dealcabby"
Successfully deleted: [Folder] "C:\Documents and Settings\Chad Frame\Local Settings\Application Data\torch"
Successfully deleted: [Folder] "C:\Program Files\babylontoolbar"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\domaiq uninstaller"
Successfully deleted: [Folder] "C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"



~~~ FireFox

Emptied folder: C:\Documents and Settings\Chad Frame\Application Data\mozilla\firefox\profiles\y0gfxcyh.default\minidumps [1 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 10/15/2014 at  9:08:08.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

Zoek.exe v5.0.0.0 Updated 14-10-2014
Tool run by Chad Frame on Wed 10/15/2014 at  9:44:52.17.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Chad Frame\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10/15/2014 9:46:40 AM Zoek.exe System Restore Point Created Succesfully.

==== Installed Programs ======================

32 Bit HP CIO Components Installer  
6300  
6300_Help  
6300Trb  
Adobe AIR  
Adobe Flash Player 15 ActiveX  
Adobe Flash Player 15 Plugin  
Adobe Reader X (10.1.4)  
AiO_Scan_CDA  
AiOSoftwareNPI  
Apple Application Support  
Apple Mobile Device Support  
Apple Software Update  
ATI - Software Uninstall Utility  
ATI Control Panel  
ATI Display Driver  
ATI Parental Control  
Auslogics DiskDefrag  
Bonjour  
BufferChm  
CCleaner  
CivCity  
Conexant D850 56K V.9x DFVc Modem  
CP_AtenaShokunin1Config  
CP_CalendarTemplates1  
cp_OnlineProjectsConfig  
CP_Package_Basic1  
CP_Package_Variety1  
CP_Package_Variety2  
CP_Package_Variety3  
CP_Panorama1Config  
cp_PosterPrintConfig  
CueTour  
CustomerResearchQFolder  
DealCabby  
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition  
Dell Resource CD  
Destinations  
DeviceDiscovery  
DeviceFunctionQFolder  
DocProc  
DocumentViewer  
DocumentViewerQFolder  
DomaIQ  
Fax_CDA  
FullDPAppQFolder  
Google Update Helper  
High Definition Audio Driver Package - KB835221  
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)  
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)  
Hotfix for Windows Media Player 10 (KB903157)  
Hotfix for Windows XP (KB2633952)  
Hotfix for Windows XP (KB2756822)  
Hotfix for Windows XP (KB2779562)  
Hotfix for Windows XP (KB952287)  
Hotfix for Windows XP (KB954550-v5)  
Hotfix for Windows XP (KB961118)  
Hotfix for Windows XP (KB981793)  
HP Document Viewer 6.1  
HP Photosmart Essential2.01  
HP Update  
HPProductAssistant  
HulkSearch 1.3  
InstantShareDevices  
Intel® PRO Network Connections Drivers  
Intel® PROSet for Wired Connections  
iTunes  
Java 2 Runtime Environment, SE v1.4.2_03  
Java 7 Update 67  
Java Auto Updater  
Little Fighter 2.5 - v2.0  
Malwarebytes Anti-Malware version 2.0.2.1012  
MarketResearch  
Microsoft .NET Framework 1.0 Hotfix (KB2572066)  
Microsoft .NET Framework 1.0 Hotfix (KB2604042)  
Microsoft .NET Framework 1.0 Hotfix (KB2656378)  
Microsoft .NET Framework 1.0 Security Update (KB2698035)  
Microsoft .NET Framework 1.0 Security Update (KB2742607)  
Microsoft .NET Framework 1.0 Security Update (KB2833951)  
Microsoft .NET Framework 1.0 Security Update (KB2904878)  
Microsoft .NET Framework 1.1  
Microsoft .NET Framework 1.1 Security Update (KB2698023)  
Microsoft .NET Framework 1.1 Security Update (KB2833941)  
Microsoft .NET Framework 1.1 Security Update (KB979906)  
Microsoft .NET Framework 2.0 Service Pack 2  
Microsoft .NET Framework 3.0 Service Pack 2  
Microsoft .NET Framework 3.5 SP1  
Microsoft Office Access MUI (English) 2010  
Microsoft Office Access Setup Metadata MUI (English) 2010  
Microsoft Office Excel MUI (English) 2010  
Microsoft Office Home and Business 2010  
Microsoft Office OneNote MUI (English) 2010  
Microsoft Office Outlook MUI (English) 2010  
Microsoft Office PowerPoint MUI (English) 2010  
Microsoft Office Proof (English) 2010  
Microsoft Office Proof (French) 2010  
Microsoft Office Proof (Spanish) 2010  
Microsoft Office Proofing (English) 2010  
Microsoft Office Publisher MUI (English) 2010  
Microsoft Office Shared MUI (English) 2010  
Microsoft Office Shared Setup Metadata MUI (English) 2010  
Microsoft Office Single Image 2010  
Microsoft Office Word MUI (English) 2010  
Microsoft Silverlight  
Microsoft Software Update for Web Folders  (English) 14  
Modem Helper  
Mozilla Firefox 32.0.3 (x86 en-US)  
Mozilla Maintenance Service  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
NewCopy_CDA  
Norton 360  
Otto  
PanoStandAlone  
PhotoGallery  
ProductContextNPI  
ps_app_npi_software  
ps_app_npi_software_req  
PSSWCORE  
QuickTime 7  
RandMap  
Readme  
Revo Uninstaller Pro 3.1.1  
Rome - Total War  
Scan  
ScannerCopy  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)  
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2863942) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition  
Security Update for Microsoft Windows (KB2564958)  
Security Update for Windows Internet Explorer 8 (KB2510531)  
Security Update for Windows Internet Explorer 8 (KB2544521)  
Security Update for Windows Internet Explorer 8 (KB2618444)  
Security Update for Windows Internet Explorer 8 (KB2647516)  
Security Update for Windows Internet Explorer 8 (KB2675157)  
Security Update for Windows Internet Explorer 8 (KB2699988)  
Security Update for Windows Internet Explorer 8 (KB2722913)  
Security Update for Windows Internet Explorer 8 (KB2744842)  
Security Update for Windows Internet Explorer 8 (KB2761465)  
Security Update for Windows Internet Explorer 8 (KB2792100)  
Security Update for Windows Internet Explorer 8 (KB2797052)  
Security Update for Windows Internet Explorer 8 (KB2799329)  
Security Update for Windows Internet Explorer 8 (KB2809289)  
Security Update for Windows Internet Explorer 8 (KB2817183)  
Security Update for Windows Internet Explorer 8 (KB2829530)  
Security Update for Windows Internet Explorer 8 (KB2838727)  
Security Update for Windows Internet Explorer 8 (KB2846071)  
Security Update for Windows Internet Explorer 8 (KB2847204)  
Security Update for Windows Internet Explorer 8 (KB2862772)  
Security Update for Windows Internet Explorer 8 (KB2870699)  
Security Update for Windows Internet Explorer 8 (KB2879017)  
Security Update for Windows Internet Explorer 8 (KB2888505)  
Security Update for Windows Internet Explorer 8 (KB2898785)  
Security Update for Windows Internet Explorer 8 (KB2909210)  
Security Update for Windows Internet Explorer 8 (KB2909921)  
Security Update for Windows Internet Explorer 8 (KB2925418)  
Security Update for Windows Internet Explorer 8 (KB2936068)  
Security Update for Windows Internet Explorer 8 (KB2964358)  
Security Update for Windows Internet Explorer 8 (KB971961)  
Security Update for Windows Internet Explorer 8 (KB981332)  
Security Update for Windows Internet Explorer 8 (KB982381)  
Security Update for Windows Media Player (KB2378111)  
Security Update for Windows Media Player (KB2834905-v2)  
Security Update for Windows Media Player (KB2834905)  
Security Update for Windows Media Player (KB952069)  
Security Update for Windows Media Player (KB954155)  
Security Update for Windows Media Player (KB973540)  
Security Update for Windows Media Player (KB975558)  
Security Update for Windows Media Player (KB978695)  
Security Update for Windows XP (KB2079403)  
Security Update for Windows XP (KB2115168)  
Security Update for Windows XP (KB2229593)  
Security Update for Windows XP (KB2296011)  
Security Update for Windows XP (KB2347290)  
Security Update for Windows XP (KB2360937)  
Security Update for Windows XP (KB2387149)  
Security Update for Windows XP (KB2393802)  
Security Update for Windows XP (KB2412687)  
Security Update for Windows XP (KB2419632)  
Security Update for Windows XP (KB2423089)  
Security Update for Windows XP (KB2440591)  
Security Update for Windows XP (KB2443105)  
Security Update for Windows XP (KB2476490)  
Security Update for Windows XP (KB2478960)  
Security Update for Windows XP (KB2478971)  
Security Update for Windows XP (KB2481109)  
Security Update for Windows XP (KB2483185)  
Security Update for Windows XP (KB2485663)  
Security Update for Windows XP (KB2506212)  
Security Update for Windows XP (KB2507618)  
Security Update for Windows XP (KB2507938)  
Security Update for Windows XP (KB2508429)  
Security Update for Windows XP (KB2509553)  
Security Update for Windows XP (KB2535512)  
Security Update for Windows XP (KB2536276-v2)  
Security Update for Windows XP (KB2544893-v2)  
Security Update for Windows XP (KB2566454)  
Security Update for Windows XP (KB2570222)  
Security Update for Windows XP (KB2570947)  
Security Update for Windows XP (KB2584146)  
Security Update for Windows XP (KB2585542)  
Security Update for Windows XP (KB2592799)  
Security Update for Windows XP (KB2598479)  
Security Update for Windows XP (KB2603381)  
Security Update for Windows XP (KB2618451)  
Security Update for Windows XP (KB2620712)  
Security Update for Windows XP (KB2621440)  
Security Update for Windows XP (KB2624667)  
Security Update for Windows XP (KB2631813)  
Security Update for Windows XP (KB2633171)  
Security Update for Windows XP (KB2639417)  
Security Update for Windows XP (KB2641653)  
Security Update for Windows XP (KB2646524)  
Security Update for Windows XP (KB2647518)  
Security Update for Windows XP (KB2653956)  
Security Update for Windows XP (KB2655992)  
Security Update for Windows XP (KB2659262)  
Security Update for Windows XP (KB2660465)  
Security Update for Windows XP (KB2661637)  
Security Update for Windows XP (KB2676562)  
Security Update for Windows XP (KB2685939)  
Security Update for Windows XP (KB2686509)  
Security Update for Windows XP (KB2691442)  
Security Update for Windows XP (KB2695962)  
Security Update for Windows XP (KB2698365)  
Security Update for Windows XP (KB2705219)  
Security Update for Windows XP (KB2707511)  
Security Update for Windows XP (KB2709162)  
Security Update for Windows XP (KB2712808)  
Security Update for Windows XP (KB2718523)  
Security Update for Windows XP (KB2719985)  
Security Update for Windows XP (KB2723135)  
Security Update for Windows XP (KB2724197)  
Security Update for Windows XP (KB2727528)  
Security Update for Windows XP (KB2731847)  
Security Update for Windows XP (KB2753842-v2)  
Security Update for Windows XP (KB2753842)  
Security Update for Windows XP (KB2757638)  
Security Update for Windows XP (KB2758857)  
Security Update for Windows XP (KB2761226)  
Security Update for Windows XP (KB2770660)  
Security Update for Windows XP (KB2778344)  
Security Update for Windows XP (KB2779030)  
Security Update for Windows XP (KB2780091)  
Security Update for Windows XP (KB2799494)  
Security Update for Windows XP (KB2802968)  
Security Update for Windows XP (KB2807986)  
Security Update for Windows XP (KB2808735)  
Security Update for Windows XP (KB2813170)  
Security Update for Windows XP (KB2813345)  
Security Update for Windows XP (KB2820197)  
Security Update for Windows XP (KB2820917)  
Security Update for Windows XP (KB2829361)  
Security Update for Windows XP (KB2834886)  
Security Update for Windows XP (KB2839229)  
Security Update for Windows XP (KB2845187)  
Security Update for Windows XP (KB2847311)  
Security Update for Windows XP (KB2849470)  
Security Update for Windows XP (KB2850851)  
Security Update for Windows XP (KB2850869)  
Security Update for Windows XP (KB2859537)  
Security Update for Windows XP (KB2862152)  
Security Update for Windows XP (KB2862330)  
Security Update for Windows XP (KB2862335)  
Security Update for Windows XP (KB2864063)  
Security Update for Windows XP (KB2868038)  
Security Update for Windows XP (KB2868626)  
Security Update for Windows XP (KB2876217)  
Security Update for Windows XP (KB2876315)  
Security Update for Windows XP (KB2876331)  
Security Update for Windows XP (KB2883150)  
Security Update for Windows XP (KB2892075)  
Security Update for Windows XP (KB2893294)  
Security Update for Windows XP (KB2893984)  
Security Update for Windows XP (KB2898715)  
Security Update for Windows XP (KB2900986)  
Security Update for Windows XP (KB2914368)  
Security Update for Windows XP (KB2916036)  
Security Update for Windows XP (KB2922229)  
Security Update for Windows XP (KB2929961)  
Security Update for Windows XP (KB2930275)  
Security Update for Windows XP (KB923561)  
Security Update for Windows XP (KB923789)  
Security Update for Windows XP (KB941569)  
Security Update for Windows XP (KB946648)  
Security Update for Windows XP (KB950762)  
Security Update for Windows XP (KB950974)  
Security Update for Windows XP (KB951376-v2)  
Security Update for Windows XP (KB951748)  
Security Update for Windows XP (KB952004)  
Security Update for Windows XP (KB952954)  
Security Update for Windows XP (KB955069)  
Security Update for Windows XP (KB956572)  
Security Update for Windows XP (KB956744)  
Security Update for Windows XP (KB956802)  
Security Update for Windows XP (KB956803)  
Security Update for Windows XP (KB956844)  
Security Update for Windows XP (KB958644)  
Security Update for Windows XP (KB958869)  
Security Update for Windows XP (KB959426)  
Security Update for Windows XP (KB960225)  
Security Update for Windows XP (KB960803)  
Security Update for Windows XP (KB960859)  
Security Update for Windows XP (KB961501)  
Security Update for Windows XP (KB969059)  
Security Update for Windows XP (KB970238)  
Security Update for Windows XP (KB970430)  
Security Update for Windows XP (KB971468)  
Security Update for Windows XP (KB971657)  
Security Update for Windows XP (KB972270)  
Security Update for Windows XP (KB973507)  
Security Update for Windows XP (KB973869)  
Security Update for Windows XP (KB973904)  
Security Update for Windows XP (KB974112)  
Security Update for Windows XP (KB974318)  
Security Update for Windows XP (KB974392)  
Security Update for Windows XP (KB974571)  
Security Update for Windows XP (KB975025)  
Security Update for Windows XP (KB975467)  
Security Update for Windows XP (KB975560)  
Security Update for Windows XP (KB975561)  
Security Update for Windows XP (KB975562)  
Security Update for Windows XP (KB975713)  
Security Update for Windows XP (KB977816)  
Security Update for Windows XP (KB977914)  
Security Update for Windows XP (KB978037)  
Security Update for Windows XP (KB978338)  
Security Update for Windows XP (KB978542)  
Security Update for Windows XP (KB978601)  
Security Update for Windows XP (KB978706)  
Security Update for Windows XP (KB979309)  
Security Update for Windows XP (KB979482)  
Security Update for Windows XP (KB979559)  
Security Update for Windows XP (KB979683)  
Security Update for Windows XP (KB979687)  
Security Update for Windows XP (KB980195)  
Security Update for Windows XP (KB980218)  
Security Update for Windows XP (KB980232)  
Security Update for Windows XP (KB980436)  
Security Update for Windows XP (KB981322)  
Security Update for Windows XP (KB981997)  
Security Update for Windows XP (KB982132)  
Security Update for Windows XP (KB982381)  
Security Update for Windows XP (KB982665)  
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition  
SigmaTel Audio  
SkinsHP1  
Sonic Encoders  
Sonic_PrimoSDK  
Status  
TeamViewer 9  
Toolbox  
TrayApp  
Unload  
UnloadSupport  
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)  
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition  
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition  
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition  
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition  
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition  
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition  
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition  
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition  
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition  
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition  
Update for Windows Internet Explorer 8 (KB2598845)  
Update for Windows Internet Explorer 8 (KB2632503)  
Update for Windows Internet Explorer 8 (KB976662)  
Update for Windows Media Player 10 (KB913800)  
Update for Windows Media Player 10 (KB926251)  
Update for Windows XP (KB2345886)  
Update for Windows XP (KB2492386)  
Update for Windows XP (KB2541763)  
Update for Windows XP (KB2641690)  
Update for Windows XP (KB2661254-v2)  
Update for Windows XP (KB2718704)  
Update for Windows XP (KB2736233)  
Update for Windows XP (KB2749655)  
Update for Windows XP (KB2808679)  
Update for Windows XP (KB2863058)  
Update for Windows XP (KB2904266)  
Update for Windows XP (KB2934207)  
Update for Windows XP (KB951978)  
Update for Windows XP (KB955759)  
Update for Windows XP (KB967715)  
Update for Windows XP (KB968389)  
Update for Windows XP (KB971029)  
Update for Windows XP (KB971737)  
Update for Windows XP (KB973687)  
Update for Windows XP (KB973815)  
Update Rollup 2 for Windows XP Media Center Edition 2005  
VideoToolkit01  
WebFldrs XP  
WebReg  
Windows Genuine Advantage Validation Tool (KB892130)  
Windows Internet Explorer 8  
Windows Media Format Runtime  
Windows XP Media Center Edition 2005 KB2502898  
Windows XP Media Center Edition 2005 KB2619340  
Windows XP Media Center Edition 2005 KB2628259  
Windows XP Media Center Edition 2005 KB925766  
Windows XP Media Center Edition 2005 KB973768  
Windows XP Service Pack 3  

==== Running Processes ======================

C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\stsystra.exe
C:\windows\eHome\ehRecvr.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\windows\eHome\ehSched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\windows\ehome\mcrdsvc.exe
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\TeamViewer\Version9\tv_w32.exe
C:\Program Files\Norton 360\Engine\21.6.0.32\N360.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\windows\System32\alg.exe
c:\program files\teamviewer\version9\TeamViewer_Desktop.exe
C:\windows\system32\wscntfy.exe
C:\Documents and Settings\Chad Frame\Desktop\zoek.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k imgsvc

==== Services ======================

You do not have Microsoft .NET Framework 4.0(or higher) installed.
Download it here v4.0: http://www.microsoft...s.aspx?id=17851
Download it here v4.5: http://www.microsoft...s.aspx?id=30653

==== System Specs ======================

Windows: Windows XP Professional Service Pack 3 (Build 2600)
Memory (RAM): 1023 MB
CPU Info: Intel® Pentium® D CPU 2.80GHz
CPU Speed: 2727.6 MHz
Sound Card: SigmaTel Audio |
Display Adapters: RADEON X300 SE 128MB HyperMemory | RADEON X300 SE 128MB HyperMemory Secondary | NetMeeting driver | RDPDD Chained DD
Monitors: 1x; Plug and Play Monitor |
Screen Resolution: 1280 X 1024 - 32 bit
Network: Network Present
Network Adapters: Intel® PRO/1000 PL Network Connection - Packet Scheduler Miniport
CD / DVD Drives: 2x (D: | E: | ) D: HL-DT-STDVD-ROM GDR8164B | E: HL-DT-STDVD+-RW GWA4164B
Ports: COM3 LPT Port NOT Present.
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C:  149.0GB
Hard Disks - Free: C:  106.9GB
Manufacturer *: Dell Inc.                
BIOS Info: AT/AT COMPATIBLE | 05/30/06 | DELL   - 7
Time Zone: Eastern Standard Time
Motherboard *: Dell Inc.           0FJ030
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: Norton 360 Premier Edition On-access scanning disabled (Updated)
Firewall: Norton 360 Premier Edition disabled
Default Browser: Firefox    32.0.3
Internet Explorer version: 8.0.6001.18702
Mozilla Firefox version: 32.0.3 (x86 en-US)
Adobe Reader version: 10.1.4.38
Sun Java version: 1.7.0_67 (32-bit)
Flash Player version: 15.0.0.152

==== Files Recently Created / Modified ======================

====== C:\windows ====
====== C:\DOCUME~1\CHADFR~1\LOCALS~1\Temp ====
2014-10-15 12:54:58    E0DC8C6BBC787B972A9A468648DBFD85    1008128    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\libiconv2.dll
2014-10-15 12:54:58    D202BAA425176287017FFE1FB5D1B77C    103424    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\libintl3.dll
2014-10-15 12:54:58    57CAC848FA14AE38F14F9441F8933282    140288    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\pcre3.dll
2014-10-15 12:54:58    547C43567AB8C08EB30F6C6BACB479A3    79360    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\regex2.dll
2014-10-15 12:54:58    2E0323A94915FAAB10A25F3BABF82584    157696    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\erunt\ERUNT.EXE
====== Java Cache =====
====== C:\windows\system32 =====
====== C:\windows\system32\drivers =====
2014-09-29 19:51:45    8B5B8A11306190C6963D3473F052D3C8    27064    ----a-w-    C:\windows\System32\drivers\revoflt.sys
2014-09-29 18:37:05    12E71DA845D76665B56753AD149E32B3    110296    ----a-w-    C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-09-29 18:29:54    AED25CDB09FB4E56F45DAF6C9A1D3ED3    53208    ----a-w-    C:\windows\System32\drivers\mbamchameleon.sys
2014-09-29 18:29:53    8683C1B450F4B3872839308D836E0F92    23256    ----a-w-    C:\windows\System32\drivers\mbam.sys
====== C:\windows\Tasks ======
2014-10-02 13:59:19    7262ADBFED4DF855A3F7CE18A3A28C2D    830    ----a-w-    C:\windows\Tasks\Adobe Flash Player Updater.job
====== C:\windows\Temp ======
======= C:\Program Files =====
2014-10-02 14:20:58    --------    d-----w-    C:\Program Files\QuickTime
2014-10-02 13:43:01    --------    d-----w-    C:\Program Files\Mozilla Maintenance Service
2014-09-29 19:51:36    --------    d-----w-    C:\Program Files\VS Revo Group
2014-09-29 17:21:40    --------    d-----w-    C:\Program Files\TeamViewer
======= C: =====
====== C:\Documents and Settings\Chad Frame\Application Data ======
2014-10-02 13:43:17    --------    d-----w-    C:\Documents and Settings\Chad Frame\Application Data\Mozilla
2014-09-29 20:36:04    --------    d-----w-    C:\Documents and Settings\Chad Frame\Application Data\MSNInstaller
2014-09-29 19:55:51    --------    d-----w-    C:\Documents and Settings\Chad Frame\Local Settings\Application Data\VS Revo Group
2014-09-29 17:22:52    --------    d-----w-    C:\Documents and Settings\Chad Frame\Application Data\TeamViewer
====== C:\Documents and Settings\Chad Frame ======
2014-10-15 12:55:18    3F5D9D75F6523CB30924999EDFDAD28B    1705698    ----a-w-    C:\Documents and Settings\Chad Frame\Desktop\JRT_NEW.exe
2014-10-12 22:07:55    7BC1685F75F0A1FC33E060B19F761AA5    1705755    ----a-w-    C:\Documents and Settings\Chad Frame\Desktop\JRT.exe
2014-10-12 22:00:58    590AE97695A21AE8FA5B419BE3E13452    1976320    ----a-w-    C:\Documents and Settings\Chad Frame\Desktop\adwcleaner_4.000.exe

====== C: exe-files ==
2014-10-15 12:55:18    3F5D9D75F6523CB30924999EDFDAD28B    1705698    ----a-w-    C:\Documents and Settings\Chad Frame\Desktop\JRT_NEW.exe
2014-10-15 12:54:58    2E0323A94915FAAB10A25F3BABF82584    157696    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\erunt\ERUNT.EXE
2014-10-15 12:53:38    3F5D9D75F6523CB30924999EDFDAD28B    1705698    ----a-w-    C:\Documents and Settings\Chad Frame\My Documents\My Music\iTunes\iTunes Media\Automatically Add to iTunes\JRT.exe
2014-10-12 22:07:55    7BC1685F75F0A1FC33E060B19F761AA5    1705755    ----a-w-    C:\Documents and Settings\Chad Frame\Desktop\JRT.exe
2014-10-12 22:00:58    590AE97695A21AE8FA5B419BE3E13452    1976320    ----a-w-    C:\Documents and Settings\Chad Frame\Desktop\adwcleaner_4.000.exe
=== C: other files ==
2014-10-15 12:54:57    FC1F36A7844235BACFE12DF3FD486026    14957    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\get.bat
2014-10-15 12:54:57    F56A319979F631C141F5FF02DF87FDB1    43563    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\prelim.bat
2014-10-15 12:54:57    E5E1041DE1DBDDF20D704BA894BEAD05    183929    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\misc.bat
2014-10-15 12:54:57    E01FF880FC345F56C61E80C91FA03687    9384    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\runvalues.bat
2014-10-15 12:54:57    DD1E4D974B1672ABD09EFFB225791C4A    1230    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\TDL4.bat
2014-10-15 12:54:57    AD2F52DC72B10AF331692E4A4DD80DFC    18670    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\medfos.bat
2014-10-15 12:54:57    AA0C656F898523BEDF2DA6923197BB80    1264    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\surfvox.bat
2014-10-15 12:54:57    8E6020C14F982CF11B3FE7DBB0CB8EDE    24738    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\searchlnk.bat
2014-10-15 12:54:57    86707BCE5CBB65D9B1C41E249B4423BA    152733    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\firefox.bat
2014-10-15 12:54:57    83F691D8398F0E37E71E9355BF730DB9    719    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\ev_clear.bat
2014-10-15 12:54:57    654E9FE74B930A454EE5BDE165794B65    85    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\delorphans.bat
2014-10-15 12:54:57    4D80C7010E2CE44AB25FA25B013649E4    8085    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\mws.bat
2014-10-15 12:54:57    38A0BDF322ACCC968B0A824C38D50157    29635    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\ask.bat
2014-10-15 12:54:57    335DFF8F23E5EC02B5426362F0F8509B    31401    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\iexplore.bat
2014-10-15 12:54:57    1EFD82B5DDC672FE3D2AFE731898BAF4    14044    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\chrome.bat
2014-10-15 12:54:57    0C4649A62845AB5D5DBCC4998477FF6D    1813    ----a-w-    C:\Documents and Settings\Chad Frame\Local Settings\Temp\jrt\delfolders.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-57989841-1482476501-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background"
"ctfmon.exe"="C:\windows\system32\ctfmon.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe"
"SigmatelSysTrayApp"="stsystra.exe"
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"KernelFaultCheck"="%systemroot%\system32\dumprep 0 -k"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background"
"ctfmon.exe"="C:\windows\system32\ctfmon.exe"

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ :C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe []
C:\windows\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\AppleC:oftware Update\SoftwareUpdate.exe []
C:\windows\tasks\Game_Booster_AutoUpdate.job --a------ C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe []
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe []
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe []
C:\windows\tasks\Microsoft Windows XP End of Service Notification Logon.job --a------ C:\WINDOWS\system32\xp_eos.exe [02/25/2014 09:59 PM]
C:\windows\tasks\Microsoft Windows XP End of Service Notification Monthly.job --a------ C:\WINDOWS\system32\xp_eos.exe [02/25/2014 09:59 PM]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn" [10/15/2014 09:23 AM]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Chad Frame\Application Data\Mozilla\Firefox\Profiles\y0gfxcyh.default
6B34823748BD3C10EB2816858025AFE9    - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll -    QuickTime Plug-in 7.7.5
233F187A5425045011A0DD51F8B48E0F    - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll -    QuickTime Plug-in 7.7.5
81CB790A6AD230090086C644DC871FC3    - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll -    QuickTime Plug-in 7.7.5
4AD1613FEDB87B4B18CADE745235A625    - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll -    QuickTime Plug-in 7.7.5
1FBB6E454767A5B43DD980C7DE5D89F6    - C:\Program Files\QuickTime\Plugins\npqtplugin.dll -    QuickTime Plug-in 7.7.5
DFC9460CC37E5C414DC4680B10C19E7A    - C:\windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll -    Shockwave Flash
14D06C3796CE3F6BA8F43CDF3AD65D76    - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll -    Java™ Platform SE 7 U67
893BF7D2261C56C24F813405D9D018E0    - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll -    Silverlight Plug-In
C1680C34DE8A405C8829AB93236576FD    - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll -    iTunes Application Detector
84CBD6F6AA7EE399FBDC265B8EA64474    - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll -    Adobe Acrobat
0A7B01235B1CBFA387B04A91E2F2B7D0    - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll -    Adobe Acrobat
AB87EEFFD18F2BAAFC274E7075EA6C67    - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll -    Windows Presentation Foundation / Windows Presentation Foundation
8DA2ED6B04EA33F2EAE8BA883F903729    - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll -    Microsoft® Silverlight


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iikflkcanblccfahdhdonehdalibjnif - No path found[]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx[09/20/2014 04:52 AM]

MySearch - Administrator\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - Administrator\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - Administrator\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - Administrator\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - Administrator\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - ASPNET\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - ASPNET\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - ASPNET\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - ASPNET\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - ASPNET\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - ASPNET\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - ASPNET\Local Settings\Application Data\Torch\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - ASPNET\Local Settings\Application Data\Torch\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - ASPNET\Local Settings\Application Data\Torch\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - Chad Frame\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - Chad Frame\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - Chad Frame\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - Chad Frame\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - Chad Frame\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - Chad Frame\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - Guest\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - Guest\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - Guest\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - Guest\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - Guest\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - Guest\Local Settings\Application Data\Torch\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - Guest\Local Settings\Application Data\Torch\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - Guest\Local Settings\Application Data\Torch\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - HelpAssistant\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - HelpAssistant\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - HelpAssistant\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - HelpAssistant\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - HelpAssistant\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - HelpAssistant\Local Settings\Application Data\Torch\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - HelpAssistant\Local Settings\Application Data\Torch\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - HelpAssistant\Local Settings\Application Data\Torch\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln
MySearch - SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\lclhjnidkghcoebihliibcfmmmhpfjln
PuriceCohoop - SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\miajmeknknnbgdegjgkcddgkkclohhad
SaveMass - SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\opeafggcojkfpldljlooeenjealhchln

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{C3B8F3C6-60CC-42DD-BEB5-96A2822F7839}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown  Url="Not_Found"
{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab} Unknown  Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown  Url="Not_Found"
{C3B8F3C6-60CC-42DD-BEB5-96A2822F7839} Google  Url="http://www.google.co...tputEncoding?}"
{E8B77240-5365-43A3-8276-630338489ABA} Unknown  Url="Not_Found"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Wed 10/15/2014 at  9:53:11.42 ======================
 


Edited by HelpNeeded911, 15 October 2014 - 08:27 AM.


#8
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

OK, looks like you got through all the scans and the logs look good. That said, how is the machine working?



#9
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.