Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

infected again please help [Solved]

Started by nickf33 , Oct 31 2014 01:21 PM

  • This topic is locked This topic is locked

#1
nickf33
Posted 31 October 2014 - 01:21 PM

nickf33

    Member

  • Member
  • PipPipPip
  • 101 posts

getting rerouted and when i click on something goes somewhere else. You helped before please help me again. Thanks PC OS XP. Even have trouble logging in when I click to enter user name sends me somewhere else. BHO keeps trying to change home page.Bit defender also blocks pages. Tried the sell help Could not install OTM error not a windows 32 


Edited by nickf33, 01 November 2014 - 10:17 AM.

  • 0

Advertisements

#2
Essexboy
Posted 02 November 2014 - 10:54 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Can you access safe mode at all ? If so then go to safe mode with networking

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#3
nickf33
Posted 02 November 2014 - 12:25 PM

nickf33

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 101 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-11-2014
Ran by nickf (administrator) on NICK on 02-11-2014 13:22:22
Running from C:\Documents and Settings\nickf\Desktop
Loaded Profile: nickf (Available profiles: nickf & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(globalUpdate) C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\WINDOWS\StartupMonitor.exe
() C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe
(CMS Products, Inc.) C:\Program Files\CMS Products\BounceBack Ultimate\BBWatcherService.exe
(www.gmailnotifier.com) C:\Program Files\Gmail Notifier\Gmail Notifier.exe
() C:\Program Files\SpywareGuard\sgmain.exe
() C:\Program Files\SpywareGuard\sgbhp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
( ) C:\WINDOWS\system32\lxebcoms.exe
(SupportSoft, Inc.) C:\Program Files\VERIZONDM\bin\sprtsvc.exe
(SupportSoft, Inc.) C:\Program Files\VERIZONDM\bin\tgsrvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
() C:\Program Files\CMS Products\BounceBack Ultimate\BBLauncher.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Run StartupMonitor] => C:\WINDOWS\StartupMonitor.exe [86016 2000-05-20] ()
HKLM\...\Run: [] => [X]
HKLM\...\Run: [EzPrint] => C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe [148280 2010-05-05] ()
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *‮* <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\gotoassistdownloadhelper.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\presetup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avscan.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\gotoassistdownloadhelper.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\setuppending.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\vcredist_x86.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\setup.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\appremover_64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\updrgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\appremover_cli.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avconfig.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\imp64b.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avguard.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avrestart.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\insthlp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avcenter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\ccuac.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\checkt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\licmgr.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\sched.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\offercast_avirav7_.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\ipmgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avwebgrd.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\avgnt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avwebloader.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\avwsc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\avwebg7.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\188f1432-103a-4ffb-80f1-36b633c5c9e1\geardifx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\toastnotifier.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\inssda64.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\guardgui.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\64bitproxy.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\aviraresume\wsctool.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\aviraresume\update.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\aviraresume\fact.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\aviraresume\avadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\aviraresume\avupgsvc.exe <====== ATTENTION
HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-14] (Microsoft Corporation)
Winlogon\Notify\avldr: C:\WINDOWS\system32\avldr.dll (On-Access Anti-Malware Scanner Sync)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-19\...\Run: [DellSupport] => C:\Program Files\Dell Support\DSAgnt.exe [332800 2005-05-15] (Gteko Ltd.)
HKU\S-1-5-19\...\MountPoints2: {361ac05d-0e0d-11da-9aa9-806d6172696f} - E:\setup.exe
HKU\S-1-5-20\...\Run: [DellSupport] => C:\Program Files\Dell Support\DSAgnt.exe [332800 2005-05-15] (Gteko Ltd.)
HKU\S-1-5-20\...\MountPoints2: {361ac05d-0e0d-11da-9aa9-806d6172696f} - E:\setup.exe
HKU\S-1-5-21-4230650497-4285135782-2684026053-1005\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-03-08] (Google Inc.)
HKU\S-1-5-21-4230650497-4285135782-2684026053-1005\...\Run: [Gmail Notifier.exe] => C:\Program Files\Gmail Notifier\Gmail Notifier.exe [2155008 2011-04-07] (www.gmailnotifier.com)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BounceBack Launcher.lnk
ShortcutTarget: BounceBack Launcher.lnk -> C:\Program Files\CMS Products\BounceBack Ultimate\BBStartup.exe ()
Startup: C:\Documents and Settings\nickf\Start Menu\Programs\Startup\SpywareGuard.lnk
ShortcutTarget: SpywareGuard.lnk -> C:\Program Files\SpywareGuard\sgmain.exe ()
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google%20chrome/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...=en&client=dell
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co...=en&client=dell
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=en&client=dell
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com"
HKU\S-1-5-21-4230650497-4285135782-2684026053-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: SpywareGuardDLBLOCK.CBrowserHelper -> {4A368E80-174F-4872-96B5-0B27DDD11DB2} -> C:\Program Files\SpywareGuard\dlprotect.dll ()
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> c:\Program Files\GoogleAFE\GoogleAE.dll (Google)
BHO: Lexmark Printable Web -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll ()
Toolbar: HKLM - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
ShellExecuteHooks: SpywareGuard.Handler - {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll [126976 2003-08-03] ()
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465
FF NewTab: 
FF SelectedSearchEngine: 
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: 
FF NetworkProxy: "socks_remote_dns", true
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\searchplugins\.xml
FF Extension: flashlightstephennolancomau - C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\Extensions\[email protected] [2014-11-01]
FF Extension: Browsers+Apps+1.1 - C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\Extensions\[email protected] [2014-10-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-12]
 
Chrome: 
=======
CHR Profile: C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-12]
CHR Extension: (Google Drive) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-12]
CHR Extension: (YouTube) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-12]
CHR Extension: (Google Search) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-12]
CHR Extension: (Google Wallet) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-12]
CHR Extension: (Gmail) - C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-12]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-09-09] (SUPERAntiSpyware.com)
S4 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) [File not signed]
R3 ALG; C:\WINDOWS\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation) [File not signed]
S3 AppMgmt; C:\WINDOWS\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation) [File not signed]
R2 BBWatcherService; C:\Program Files\CMS Products\BounceBack Ultimate\BBWatcherService.exe [65536 2010-06-14] (CMS Products, Inc.) [File not signed]
R2 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation) [File not signed]
S2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed]
S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) [File not signed]
R3 COMSysApp; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Corporation) [File not signed]
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R2 dmserver; C:\WINDOWS\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.) [File not signed]
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation) [File not signed]
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ehRecvr; C:\WINDOWS\eHome\ehRecvr.exe [237568 2006-10-09] (Microsoft Corporation) [File not signed]
R2 ehSched; C:\WINDOWS\eHome\ehSched.exe [102912 2005-08-05] (Microsoft Corporation) [File not signed]
R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed]
R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
S2 Fax; C:\WINDOWS\system32\fxssvc.exe [267776 2008-04-14] (Microsoft Corporation) [File not signed]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-28] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-28] (globalUpdate) [File not signed]
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [57520 2013-10-23] (Bitdefender)
R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) [File not signed]
R2 HidServ; C:\WINDOWS\System32\hidserv.dll [21504 2008-04-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) [File not signed]
R3 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) [File not signed]
S2 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-02-15] (Oracle Corporation)
R2 lanmanserver; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [File not signed]
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed]
R2 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation) [File not signed]
S2 lxebCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxebserv.exe [193192 2010-04-14] (Lexmark International, Inc.)
R2 lxeb_device; C:\WINDOWS\system32\lxebcoms.exe [598696 2010-04-14] ( )
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation) [File not signed]
S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) [File not signed]
R3 MSDTC; C:\WINDOWS\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation) [File not signed]
S3 napagent; C:\WINDOWS\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [147456 2004-11-19] (Intel® Corporation) [File not signed]
R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation) [File not signed]
S3 NtLmSsp; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation) [File not signed]
R2 PolicyAgent; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 PuranDefrag; C:\WINDOWS\system32\PuranDefragS.exe [258048 2011-12-26] (Puran Software) [File not signed]
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation) [File not signed]
R2 RemoteRegistry; C:\WINDOWS\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
S3 RSVP; C:\WINDOWS\system32\rsvp.exe [132608 2004-08-10] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [File not signed]
R2 sprtsvc_verizondm; C:\Program Files\VERIZONDM\bin\sprtsvc.exe [206120 2012-09-06] (SupportSoft, Inc.)
R2 srservice; C:\WINDOWS\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\WINDOWS\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation) [File not signed]
S2 SwPrv; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TermService; C:\WINDOWS\System32\termsrv.dll [295424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 tgsrvc_verizondm; C:\Program Files\VERIZONDM\bin\tgsrvc.exe [185640 2012-09-06] (SupportSoft, Inc.)
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation) [File not signed]
S4 TlntSvr; C:\WINDOWS\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation) [File not signed]
S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation) [File not signed]
S2 VSS; C:\WINDOWS\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 w32time; C:\WINDOWS\system32\w32time.dll [175104 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation) [File not signed]
R3 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2009-01-30] (Microsoft Corporation) [File not signed]
S3 Wmi; C:\WINDOWS\System32\advapi32.dll [617472 2009-02-09] (Microsoft Corporation) [File not signed]
S3 WmiApSrv; C:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913408 2009-01-30] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) [File not signed]
R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2006-09-28] (Microsoft Corporation) [File not signed]
R2 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation) [File not signed]
S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) [File not signed]
S2 Panda Software Controller; "C:\Program Files\Panda Security\Panda Antivirus Pro 2014\PsCtrls.exe" [X]
S2 PAVSRV; "C:\Program Files\Panda Security\Panda Antivirus Pro 2014\pavsrvx86.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation) [File not signed]
R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ACPIEC; C:\WINDOWS\system32\Drivers\ACPIEC.sys [11648 2004-08-10] (Microsoft Corporation) [File not signed]
S4 adpu160m; C:\WINDOWS\system32\DRIVERS\adpu160m.sys [101888 2001-08-17] (Microsoft Corporation) [File not signed]
S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) [File not signed]
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) [File not signed]
S4 agp440; C:\WINDOWS\system32\DRIVERS\agp440.sys [42368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 agpCPQ; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [44928 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Aha154x; C:\WINDOWS\system32\DRIVERS\aha154x.sys [12800 2001-08-17] (Microsoft Corporation) [File not signed]
S4 aic78u2; C:\WINDOWS\system32\DRIVERS\aic78u2.sys [55168 2001-08-17] (Microsoft Corporation) [File not signed]
S4 aic78xx; C:\WINDOWS\system32\DRIVERS\aic78xx.sys [56960 2001-08-17] (Microsoft Corporation) [File not signed]
S4 AliIde; C:\WINDOWS\system32\DRIVERS\aliide.sys [5248 2001-08-17] (Acer Laboratories Inc.) [File not signed]
S4 alim1541; C:\WINDOWS\system32\DRIVERS\alim1541.sys [42752 2008-04-14] (Microsoft Corporation) [File not signed]
S4 amdagp; C:\WINDOWS\system32\DRIVERS\amdagp.sys [43008 2008-04-14] (Advanced Micro Devices, Inc.) [File not signed]
R2 AmFSM; C:\WINDOWS\System32\DRIVERS\amm8651.sys [63240 2012-03-26] (Panda Security, S.L.)
S4 amsint; C:\WINDOWS\system32\DRIVERS\amsint.sys [12032 2001-08-17] (Microsoft Corporation) [File not signed]
S4 asc; C:\WINDOWS\system32\DRIVERS\asc.sys [26496 2001-08-17] (Advanced System Products, Inc.) [File not signed]
S4 asc3350p; C:\WINDOWS\system32\DRIVERS\asc3350p.sys [22400 2001-08-17] (Microsoft Corporation) [File not signed]
S4 asc3550; C:\WINDOWS\system32\DRIVERS\asc3550.sys [14848 2001-08-17] (Advanced System Products, Inc.) [File not signed]
S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation) [File not signed]
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation) [File not signed]
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) [File not signed]
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [633344 2013-04-17] (BitDefender)
R3 avchv; C:\WINDOWS\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [486536 2013-04-17] (BitDefender)
R1 bdftdif; C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys [148600 2013-04-17] (Bitdefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2004-08-10] (Microsoft Corporation) [File not signed]
S4 cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [13952 2001-08-17] (Microsoft Corporation) [File not signed]
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2001-08-17] (Microsoft Corporation) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) [File not signed]
S4 cd20xrnt; C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys [7680 2001-08-17] (Microsoft Corporation) [File not signed]
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2004-08-10] (Microsoft Corporation) [File not signed]
R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation) [File not signed]
S4 CmdIde; C:\WINDOWS\system32\DRIVERS\cmdide.sys [6656 2001-08-17] (CMD Technology, Inc.) [File not signed]
S4 Cpqarray; C:\WINDOWS\system32\DRIVERS\cpqarray.sys [14976 2001-08-17] (Microsoft Corporation) [File not signed]
S4 dac2w2k; C:\WINDOWS\system32\DRIVERS\dac2w2k.sys [179584 2001-08-17] (Mylex Corporation) [File not signed]
S4 dac960nt; C:\WINDOWS\system32\DRIVERS\dac960nt.sys [14720 2001-08-17] (Microsoft Corporation) [File not signed]
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-13] (Microsoft Corporation) [File not signed]
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2004-08-10] (Microsoft Corp., Veritas Software.) [File not signed]
S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation) [File not signed]
S4 dpti2o; C:\WINDOWS\system32\DRIVERS\dpti2o.sys [20192 2001-08-17] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation) [File not signed]
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [87488 2004-12-01] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions) [File not signed]
R3 E100B; C:\WINDOWS\System32\DRIVERS\e100b325.sys [155648 2004-10-14] (Intel Corporation) [File not signed]
R4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Fdc; C:\WINDOWS\System32\DRIVERS\fdc.sys [27392 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Flpydisk; C:\WINDOWS\System32\DRIVERS\flpydisk.sys [20480 2008-04-14] (Microsoft Corporation) [File not signed]
R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [129792 2008-04-14] (Microsoft Corporation) [File not signed]
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2004-08-10] (Microsoft Corporation) [File not signed]
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125056 2001-08-17] (Microsoft Corporation) [File not signed]
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation) [File not signed]
R1 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows ® Server 2003 DDK provider) [File not signed]
R3 HidUsb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 hpn; C:\WINDOWS\system32\DRIVERS\hpn.sys [25952 2001-08-17] (Microsoft Corporation) [File not signed]
R3 HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [212224 2003-11-17] (Conexant Systems, Inc.) [File not signed]
R3 HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [1042432 2003-11-17] (Conexant Systems, Inc.) [File not signed]
R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [File not signed]
S3 HWHandSet; C:\WINDOWS\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-23] (Huawei Technologies Co., Ltd.) [File not signed]
R1 i2omgmt; C:\WINDOWS\system32\Drivers\i2omgmt.sys [8576 2008-04-14] (Microsoft Corporation) [File not signed]
S4 i2omp; C:\WINDOWS\system32\DRIVERS\i2omp.sys [18560 2008-04-14] (Microsoft Corporation) [File not signed]
S1 i8042prt; C:\WINDOWS\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation) [File not signed]
R3 ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [1302812 2005-10-14] (Intel Corporation) [File not signed]
R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ini910u; C:\WINDOWS\system32\DRIVERS\ini910u.sys [16000 2001-08-17] (Microsoft Corporation) [File not signed]
R0 IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [5504 2008-04-14] (Microsoft Corporation) [File not signed]
R1 intelppm; C:\WINDOWS\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Ip6Fw; C:\WINDOWS\System32\drivers\ip6fw.sys [36608 2008-04-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2004-08-10] (Microsoft Corporation) [File not signed]
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation) [File not signed]
R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation) [File not signed]
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation) [File not signed]
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation) [File not signed]
R1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14592 2008-04-14] (Microsoft Corporation) [File not signed]
R3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation) [File not signed]
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
R3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-01] (Malwarebytes Corporation)
R2 mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [11043 2003-04-09] (Conexant) [File not signed]
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2004-08-10] (Microsoft Corporation) [File not signed]
R3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30080 2008-04-14] (Microsoft Corporation) [File not signed]
R3 MODEMCSA; C:\WINDOWS\System32\drivers\MODEMCSA.sys [16128 2001-08-17] (Microsoft Corporation) [File not signed]
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2001-08-17] (Microsoft Corporation) [File not signed]
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation) [File not signed]
S4 mraid35x; C:\WINDOWS\system32\DRIVERS\mraid35x.sys [17280 2001-08-17] (American Megatrends Inc.) [File not signed]
R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation) [File not signed]
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Corporation) [File not signed]
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [5504 2008-04-14] (Microsoft Corporation) [File not signed]
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed]
S3 NABTSFEC; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation) [File not signed]
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation) [File not signed]
R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2004-08-10] (Microsoft Corporation) [File not signed]
S3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [1897408 2004-08-03] (NVIDIA Corporation) [File not signed]
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2004-08-10] (Microsoft Corporation) [File not signed]
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2004-08-10] (Microsoft Corporation) [File not signed]
S3 Parport; C:\WINDOWS\System32\DRIVERS\parport.sys [80128 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6784 2004-08-10] (Microsoft Corporation) [File not signed]
R0 pavboot; C:\WINDOWS\System32\Drivers\pavboot.sys [26696 2010-06-22] (Panda Security, S.L.)
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2001-08-17] (Microsoft Corporation) [File not signed]
S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120192 2008-04-14] (Microsoft Corporation) [File not signed]
S4 perc2; C:\WINDOWS\system32\DRIVERS\perc2.sys [27296 2001-08-17] (Microsoft Corporation) [File not signed]
S4 perc2hib; C:\WINDOWS\system32\DRIVERS\perc2hib.sys [5504 2001-08-17] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation) [File not signed]
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2004-08-10] (Parallel Technologies, Inc.) [File not signed]
S4 ql1080; C:\WINDOWS\system32\DRIVERS\ql1080.sys [40320 2001-08-17] (QLogic Corporation) [File not signed]
S4 Ql10wnt; C:\WINDOWS\system32\DRIVERS\ql10wnt.sys [33152 2001-08-17] (Microsoft Corporation) [File not signed]
S4 ql12160; C:\WINDOWS\system32\DRIVERS\ql12160.sys [45312 2001-08-17] (QLogic Corporation) [File not signed]
S4 ql1240; C:\WINDOWS\system32\DRIVERS\ql1240.sys [40448 2001-08-17] (Microsoft Corporation) [File not signed]
S4 ql1280; C:\WINDOWS\system32\DRIVERS\ql1280.sys [49024 2001-08-17] (QLogic Corporation) [File not signed]
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2004-08-10] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2004-08-10] (Microsoft Corporation) [File not signed]
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2004-08-10] (Microsoft Corporation) [File not signed]
R3 rdpdr; C:\WINDOWS\System32\DRIVERS\rdpdr.sys [196224 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\WINDOWS\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation) [File not signed]
R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Corporation) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 serenum; C:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Serial; C:\WINDOWS\System32\DRIVERS\serial.sys [64512 2008-04-14] (Microsoft Corporation) [File not signed]
S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation) [File not signed]
S4 sisagp; C:\WINDOWS\system32\DRIVERS\sisagp.sys [40960 2008-04-14] (Silicon Integrated Systems Corporation) [File not signed]
S3 SLIP; C:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Sparrow; C:\WINDOWS\system32\DRIVERS\sparrow.sys [19072 2001-08-17] (Adaptec, Inc.) [File not signed]
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation) [File not signed]
R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed]
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1022040 2005-08-17] (SigmaTel, Inc.) [File not signed]
S3 streamip; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation) [File not signed]
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-14] (Microsoft Corporation) [File not signed]
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation) [File not signed]
S4 symc810; C:\WINDOWS\system32\DRIVERS\symc810.sys [16256 2001-08-17] (Symbios Logic Inc.) [File not signed]
S4 symc8xx; C:\WINDOWS\system32\DRIVERS\symc8xx.sys [32640 2001-08-17] (LSI Logic) [File not signed]
S4 sym_hi; C:\WINDOWS\system32\DRIVERS\sym_hi.sys [28384 2001-08-17] (LSI Logic) [File not signed]
S4 sym_u3; C:\WINDOWS\system32\DRIVERS\sym_u3.sys [30688 2001-08-17] (LSI Logic) [File not signed]
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation) [File not signed]
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) [File not signed]
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions) [File not signed]
S4 TosIde; C:\WINDOWS\system32\DRIVERS\toside.sys [4992 2001-08-17] (Microsoft Corporation) [File not signed]
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ultra; C:\WINDOWS\system32\DRIVERS\ultra.sys [36736 2001-08-17] (Promise Technology, Inc.) [File not signed]
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation) [File not signed]
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [44032 2012-07-09] (Apple, Inc.) [File not signed]
R3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-16] (Microsoft Corporation) [File not signed]
R0 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-08] (Microsoft Corporation) [File not signed]
R0 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed]
R0 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\WINDOWS\System32\DRIVERS\usbprint.sys [25856 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-02] (Microsoft Corporation) [File not signed]
R0 USBSTOR; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Corporation) [File not signed]
R0 usbuhci; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [20608 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [123008 2013-07-16] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation) [File not signed]
S4 viaagp; C:\WINDOWS\system32\DRIVERS\viaagp.sys [42240 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ViaIde; C:\WINDOWS\system32\DRIVERS\viaide.sys [5376 2008-04-14] (Microsoft Corporation) [File not signed]
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation) [File not signed]
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation) [File not signed]
R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [680704 2003-11-17] (Conexant Systems, Inc.) [File not signed]
S3 WSTCODEC; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation) [File not signed]
S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2006-09-28] (Microsoft Corporation) [File not signed]
S3 bvrp_pci; No ImagePath
S0 cfadisk; system32\DRIVERS\cmsMDrv.sys [X]
S3 FilterService; No ImagePath
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-23] (Huawei Technologies Co., Ltd.) [File not signed]
S1 MpKslfa84aa5f; \??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D89FD71A-C1F3-441C-BB09-304B715B019A}\MpKslfa84aa5f.sys [X]
S3 PavTPK.sys; \??\C:\WINDOWS\system32\PavTPK.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) [File not signed]
S3 wanatw; No ImagePath
U1 WS2IFSL; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-02 13:22 - 2014-11-02 13:22 - 00083143 _____ () C:\Documents and Settings\nickf\Desktop\FRST.txt
2014-11-02 13:21 - 2014-11-02 13:22 - 00000000 ____D () C:\FRST
2014-11-02 13:20 - 2014-11-02 13:20 - 01106432 _____ (Farbar) C:\Documents and Settings\nickf\Desktop\FRST.exe
2014-11-01 11:13 - 2014-11-01 11:13 - 00000000 ___HD () C:\WINDOWS\PIF
2014-11-01 10:18 - 2014-11-01 10:18 - 00000000 ____D () C:\SUPERDelete
2014-10-31 15:41 - 2014-10-31 15:42 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-28 22:29 - 2014-10-28 22:29 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-10-28 22:29 - 2014-10-28 22:29 - 00000000 ____D () C:\Documents and Settings\nickf\Application Data\DivX
2014-10-28 22:29 - 2014-10-28 22:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DivX
2014-10-28 22:28 - 2014-10-28 22:29 - 00000000 ____D () C:\Program Files\DivX
2014-10-28 22:27 - 2014-10-28 22:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\DivX
2014-10-28 15:18 - 2014-11-02 13:14 - 00000000 ____D () C:\Documents and Settings\nickf\Desktop\New Folder
2014-10-28 14:18 - 2014-10-28 17:47 - 00000000 ____D () C:\Program Files\dvdSanta
2014-10-28 14:18 - 2014-10-28 17:47 - 00000000 ____D () C:\dvdsanta
2014-10-28 14:18 - 2014-10-28 14:18 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\dvdSanta
2014-10-28 14:18 - 2007-04-22 21:11 - 01216512 ____N () C:\WINDOWS\system32\xvidcore.dll
2014-10-28 14:18 - 2007-04-22 21:11 - 00237568 ____N () C:\WINDOWS\system32\xvidvfw.dll
2014-10-28 14:18 - 2007-04-22 21:11 - 00061440 ____N () C:\WINDOWS\system32\xvid.ax
2014-10-28 14:18 - 2007-04-22 21:10 - 00237568 ____N () C:\WINDOWS\system32\OggDS.dll
2014-10-28 14:18 - 2007-04-22 21:09 - 00921600 ____N () C:\WINDOWS\system32\vorbisenc.dll
2014-10-28 14:18 - 2007-04-22 21:09 - 00188416 ____N () C:\WINDOWS\system32\vorbis.dll
2014-10-28 14:18 - 2007-04-22 21:09 - 00045056 ____N () C:\WINDOWS\system32\ogg.dll
2014-10-28 14:18 - 2006-10-28 10:11 - 00516096 ____N () C:\WINDOWS\system32\ac3filter.ax
2014-10-28 14:18 - 2004-09-23 18:20 - 00290304 ____N (DivXNetworks, Inc.) C:\WINDOWS\system32\divxdec.ax
2014-10-28 14:18 - 2004-04-30 20:46 - 00028672 ____N (Cyberlink) C:\WINDOWS\system32\qtalt.ax
2014-10-28 14:18 - 2004-03-26 15:32 - 00116224 ____N (Gabest) C:\WINDOWS\system32\rmalt.ax
2014-10-28 14:18 - 2004-01-10 17:02 - 00258048 ____N (Peter Wimmer, Gabest) C:\WINDOWS\system32\GplMpgDec.ax
2014-10-28 14:02 - 2014-10-28 14:02 - 00000797 ____N () C:\graph.txt
2014-10-28 13:54 - 2014-10-28 17:12 - 00000026 ____N () C:\WINDOWS\dvdSanta.INI
2014-10-28 13:50 - 2014-10-28 13:50 - 00000000 ____D () C:\TempDVD
2014-10-28 11:49 - 2014-10-28 11:49 - 00000000 ____D () C:\Documents and Settings\nickf\Local Settings\Application Data\Panda Security
2014-10-28 11:47 - 2012-11-16 11:08 - 00518432 ____N (Panda Security, S.L.) C:\WINDOWS\system32\PavSHook.dll
2014-10-28 11:47 - 2012-05-17 15:42 - 00087328 ____N (Panda Security, S.L.) C:\WINDOWS\system32\PavLspHook.dll
2014-10-28 11:47 - 2010-06-22 17:13 - 00026696 ____N (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\pavboot.sys
2014-10-28 11:47 - 2010-06-21 16:02 - 00193344 ____N (Panda Security, S.L.) C:\WINDOWS\system32\TpUtil.dll
2014-10-28 11:47 - 2010-06-21 16:01 - 00055616 ____N (Panda Security, S.L.) C:\WINDOWS\system32\pavipc.dll
2014-10-28 11:47 - 2007-03-15 18:38 - 00054832 ____N (Panda Software) C:\WINDOWS\system32\pavcpl.cpl
2014-10-28 11:47 - 2007-02-08 09:53 - 00107568 ____N (Panda Software) C:\WINDOWS\system32\SYSTOOLS.DLL
2014-10-28 11:47 - 2003-10-22 17:23 - 00446464 ____N (eHelp Corporation.) C:\WINDOWS\system32\HHActiveX.dll
2014-10-28 11:46 - 2014-10-28 12:09 - 00000000 ____D () C:\Program Files\Panda Security
2014-10-28 11:46 - 2014-10-28 11:46 - 00000000 ____D () C:\Documents and Settings\nickf\Start Menu\Programs\VOPackage
2014-10-28 11:46 - 2014-10-28 11:46 - 00000000 ____D () C:\Documents and Settings\nickf\Application Data\Panda Security
2014-10-28 11:46 - 2014-10-28 11:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Panda Security
2014-10-28 11:46 - 2012-03-26 17:57 - 00063240 ____N (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\amm8651.sys
2014-10-28 11:46 - 2010-03-24 11:55 - 00055552 ____N (On-Access Anti-Malware Scanner Sync) C:\WINDOWS\system32\avldr.dll
2014-10-28 11:45 - 2014-11-02 12:45 - 00002426 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-5.job
2014-10-28 11:45 - 2014-10-28 11:46 - 00000000 ____D () C:\Documents and Settings\nickf\Local Settings\Application Data\LPT
2014-10-28 11:45 - 2014-10-28 11:45 - 00000000 ____D () C:\Documents and Settings\nickf\Local Settings\Application Data\Smartbar
2014-10-28 11:44 - 2014-11-02 12:45 - 00002090 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-2.job
2014-10-28 11:44 - 2014-11-02 12:44 - 00004138 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-4.job
2014-10-28 11:44 - 2014-11-02 12:44 - 00003438 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-1.job
2014-10-28 11:44 - 2014-10-28 11:44 - 01499040 ____N (app) C:\Documents and Settings\nickf\Application Data\CC.exe
2014-10-28 11:43 - 2014-11-02 12:43 - 00005164 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-11.job
2014-10-28 11:43 - 2014-11-02 12:43 - 00004138 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-6.job
2014-10-28 11:43 - 2014-11-02 12:43 - 00003794 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-7.job
2014-10-28 11:43 - 2014-11-01 18:13 - 00000874 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-28 11:42 - 2014-11-02 12:42 - 00004474 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-3.job
2014-10-28 11:42 - 2014-10-28 11:42 - 00000000 ____D () C:\Program Files\globalUpdate
2014-10-28 11:42 - 2014-10-28 11:42 - 00000000 ____D () C:\Documents and Settings\nickf\Local Settings\Application Data\globalUpdate
2014-10-12 06:53 - 2014-10-12 06:55 - 00000071 ____H () C:\Documents and Settings\nickf\My Documents\.picasa.ini
2014-10-11 10:04 - 2014-10-16 06:43 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\msgr. ryan
2014-10-11 08:47 - 2014-10-11 08:56 - 00000000 ____D () C:\Documents and Settings\nickf\ginestris14
2014-10-11 08:46 - 2014-10-11 08:47 - 00000000 ____D () C:\Documents and Settings\nickf\ginestris
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-02 13:22 - 2014-07-12 11:08 - 00000000 ____D () C:\Documents and Settings\nickf\Local Settings\Temp
2014-11-02 13:19 - 2012-03-06 23:55 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-02 06:44 - 2014-07-12 12:19 - 00032202 ____N () C:\WINDOWS\SchedLgU.Txt
2014-11-02 01:19 - 2012-03-06 23:55 - 00000882 ____N () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-01 20:11 - 2014-07-12 12:19 - 00000209 ____N () C:\WINDOWS\wiadebug.log
2014-11-01 20:11 - 2014-07-12 12:19 - 00000049 ____N () C:\WINDOWS\wiaservc.log
2014-11-01 19:12 - 2014-07-12 12:19 - 02004533 ____N () C:\WINDOWS\WindowsUpdate.log
2014-11-01 18:15 - 2013-04-12 19:47 - 00000616 ____H () C:\WINDOWS\Tasks\ConfigExec.job
2014-11-01 18:14 - 2014-07-12 12:06 - 00000000 ____D () C:\WINDOWS\Registration
2014-11-01 18:14 - 2014-07-12 10:59 - 00000000 ____D () C:\Documents and Settings\nickf\Application Data\Gmail Notifier
2014-11-01 18:14 - 2012-03-07 08:32 - 00158818 ____N () C:\Documents and Settings\All Users\lxebscan.log
2014-11-01 18:13 - 2014-08-22 12:15 - 00000510 _____ () C:\WINDOWS\Tasks\Amazon Music Helper.job
2014-11-01 18:13 - 2012-08-30 14:34 - 00000278 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-4230650497-4285135782-2684026053-1005.job
2014-11-01 18:13 - 2005-08-16 05:49 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-01 18:12 - 2014-07-12 11:30 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-01 18:12 - 2012-03-07 09:54 - 00000000 _____ () C:\WINDOWS\system32\Drivers\lvuvc.hs
2014-11-01 15:00 - 2014-07-14 09:05 - 00000000 ____D () C:\Documents and Settings\All Users\Lx_cats
2014-11-01 10:16 - 2014-07-12 11:32 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-01 08:54 - 2014-07-12 11:05 - 00000000 ___RD () C:\Documents and Settings\nickf\Desktop\smith lane
2014-11-01 08:47 - 2014-05-18 15:57 - 00114904 ____N (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-01 08:46 - 2014-07-12 11:29 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-11-01 08:46 - 2014-05-18 15:57 - 00000781 ____N () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-01 07:48 - 2014-07-12 11:06 - 00000000 ___RD () C:\Documents and Settings\nickf\Desktop\xmass list
2014-10-31 11:30 - 2014-05-28 12:51 - 00000462 ____N () C:\WINDOWS\Tasks\CMS Application Updater.job
2014-10-29 18:14 - 2012-08-30 14:34 - 00000286 ____N () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-4230650497-4285135782-2684026053-1005.job
2014-10-29 12:45 - 2014-07-13 08:10 - 00340354 ____N () C:\Documents and Settings\LocalService.NT AUTHORITY.004\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-4230650497-4285135782-2684026053-1005-0.dat
2014-10-29 12:45 - 2014-07-12 14:12 - 00340354 ____N () C:\Documents and Settings\LocalService.NT AUTHORITY.004\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-10-29 12:45 - 2014-07-12 12:23 - 00000178 ___SH () C:\Documents and Settings\nickf\ntuser.ini
2014-10-29 12:44 - 2014-07-12 11:11 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\danas wedding
2014-10-28 19:15 - 2014-09-27 17:49 - 00021238 ____N () C:\WINDOWS\setupapi.log
2014-10-28 17:39 - 2012-03-20 20:37 - 00030208 ____N () C:\Documents and Settings\nickf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-28 17:33 - 2014-07-12 11:14 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\house under const
2014-10-28 14:34 - 2014-07-12 11:05 - 00000000 ___RD () C:\Documents and Settings\nickf\Desktop\unused
2014-10-28 12:57 - 2014-07-12 10:59 - 00000000 ____D () C:\Documents and Settings\nickf\Application Data\DVD Flick
2014-10-28 11:46 - 2014-07-12 11:24 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-27 11:34 - 2014-07-12 11:14 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\house finished
2014-10-23 12:52 - 2012-03-21 15:08 - 00004335 ____N () C:\Documents and Settings\All Users\lxebDiagnostics.log
2014-10-22 09:12 - 2014-07-12 10:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Lexmark Pro200-S500 Series
2014-10-22 09:11 - 2012-03-07 08:45 - 00042774 ____N () C:\Documents and Settings\All Users\lxebJSW.log
2014-10-20 19:34 - 2014-07-14 12:10 - 00000818 ____N () C:\Documents and Settings\All Users\Desktop\Launch Lexmark Printer Home.LNK
2014-10-20 19:34 - 2014-07-14 12:09 - 00216628 ____N () C:\WINDOWS\system32\LexFiles.ulf
2014-10-20 19:20 - 2014-07-12 11:28 - 00000000 ____D () C:\Program Files\Lexmark Printable Web
2014-10-20 19:19 - 2014-07-14 12:08 - 00000000 ____D () C:\Program Files\Lexmark Pro200-S500 Series
2014-10-19 11:43 - 2012-04-13 21:35 - 00000726 ____N () C:\Documents and Settings\nickf\Application Data\burnaware.ini
2014-10-17 13:41 - 2014-07-12 11:05 - 00000000 ___RD () C:\Documents and Settings\nickf\Desktop\screen shots
2014-10-17 13:40 - 2014-09-26 11:02 - 00001209 ____N () C:\WINDOWS\wmsetup.log
2014-10-15 07:39 - 2014-07-12 12:17 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-15 07:34 - 2012-03-07 01:31 - 100290944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-13 09:08 - 2014-07-12 11:14 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\home depot
2014-10-12 02:21 - 2014-07-12 11:15 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\receipts
2014-10-12 02:20 - 2014-07-12 11:11 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\bern cemataries
2014-10-11 10:47 - 2014-08-17 07:52 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\house2014
2014-10-11 10:39 - 2014-07-12 11:13 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\FFOutput
2014-10-11 09:04 - 2014-07-12 11:14 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\house on8-19-2012
2014-10-11 08:47 - 2014-07-12 10:59 - 00000000 ____D () C:\Documents and Settings\nickf
2014-10-11 08:41 - 2014-07-12 11:15 - 00000000 ____D () C:\Documents and Settings\nickf\My Documents\rome pics
2014-10-07 17:45 - 2012-03-09 14:58 - 00250081 ____N () C:\Documents and Settings\nickf\Desktop\address book 030702.WAB
2014-10-04 16:14 - 2014-07-12 10:59 - 00000000 ____D () C:\Documents and Settings\nickf\Application Data\Audacity
2014-10-04 11:07 - 2014-07-12 11:23 - 00000000 ____D () C:\Program Files\Google
 
Some content of TEMP:
====================
C:\Documents and Settings\nickf\Local Settings\Temp\oadist.exe
C:\Documents and Settings\nickf\Local Settings\Temp\RegClean.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
 
==================== End Of Log =========================Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-11-2014
Ran by nickf at 2014-11-02 13:23:14
Running from C:\Documents and Settings\nickf\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Edition (Disabled - Up to date) {9488E0FA-F058-4673-850E-E755F112BABC}
AV: Panda Antivirus Pro 2014 (Disabled - Up to date) {EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.63 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AOLIcon (Version: 1.00.0000 - Dell) Hidden
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C0CC75CD-F5B7-46AD-B016-17C0F5171718}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Auslogics Disk Defrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.4 - Auslogics Software Pty Ltd)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BounceBack Ultimate (HKLM\...\{9BEE98B8-E1FC-497C-BC4E-7FC4039FA294}) (Version: 9.2.2 - CMS Products)
BurnAware Free 4.8 (HKLM\...\BurnAware Free_is1) (Version:  - Burnaware Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 3.23 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.2.4.1423 - CDBurnerXP)
Conexant D850 56K V.9x DFVc Modem (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1) (Version:  - )
Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version:  - )
Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
Dell Support 3.1 (HKLM\...\{548EEA8E-8299-497F-8057-811D2D7097DC}) (Version: 5.1.760 - Dell)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.8.1.1 - Dell)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
DesignPro 5 (HKLM\...\InstallShield_{32821558-2C36-4FD0-A891-CA65360B0EC7}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (Version: 5.5.708 - Avery Dennison) Hidden
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.10 - BVRP Software, Inc)
DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version:  - )
DVD Flick 1.3.0.7 (HKLM\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
dvdSanta 4.50 (HKLM\...\dvdSanta 4.50 - Make your own DVD movies!_is1) (Version:  - ZY Computing, Inc)
EarthLink setup files (HKLM\...\{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}) (Version: 2005.1.47.0 - EarthLink)
ELIcon (Version: 1.00.0000 - Dell) Hidden
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
FECFile (HKLM\...\FECFile) (Version: 8.0.1.8 - NIC Technologies, LLC.)
FoneSync (HKLM\...\FoneSync) (Version:  - )
FormatFactory 2.90 (HKLM\...\FormatFactory) (Version: 2.90 - Free Time)
Free Easy Burner V 5.1 (HKLM\...\Free Easy Burner_is1) (Version: 5.1.0.0 - Koyote soft)
GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version:  - )
Gmail Notifier (HKLM\...\Gmail Notifier) (Version:  - )
Google (Version: 1.00.0000 - Dell) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)
Google Drive (HKLM\...\{56D4499E-AC3E-4B8D-91C9-C700C148C44B}) (Version: 1.13.5782.599 - Google, Inc.)
Google Drive (HKLM\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Handset WinDriver 1.02.02.00 (HKLM\...\Handset WinDriver) (Version: 1.02.02.00 - Huawei technologies Co., Ltd.)
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
ImgBurn (Remove Only) (HKLM\...\ImgBurn) (Version:  - )
InfraRecorder (HKLM\...\InfraRecorder) (Version:  - Christian Kindahl)
Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4410 - )
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® PROSet for Wired Connections (HKLM\...\{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}) (Version: 9.20.0000 - Dell)
iTunes (HKLM\...\{F32DC846-4457-40A8-BECA-BCC0E960BC53}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
K-Lite Codec Pack 8.7.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
Lexmark Pro200-S500 Series (HKLM\...\Lexmark Pro200-S500 Series) (Version:  - Lexmark International, Inc.)
Logitech Vid (HKLM\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.10.1009 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Magic DVD Ripper V6.1.0 (HKLM\...\Magic DVD Ripper_is1) (Version:  - Magic DVD Software, Inc.)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MCU (Version: 1.00.0000 - Dell) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version:  - )
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation)
Microsoft Picture It! Publishing Platinum 2002 (HKLM\...\{C769A271-7E1C-48F9-B331-474600DD4C01}) (Version: 6.0.0.0000 - Microsoft)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version:  - Microsoft Corporation)
Microsoft Word 2000 SR-1 (HKLM\...\{00170409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation)
Microsoft Works 2001 Setup Launcher (HKLM\...\Works2001Setup) (Version:  - )
Microsoft Works 6.0 (HKLM\...\{F8D0829C-9C6F-11D3-8080-00C04FA329AA}) (Version: 06.00.1829 - Microsoft Corporation)
Microsoft Works Suite Add-in for Microsoft Word (HKLM\...\{5F629FE8-5B4C-4863-937A-AFC2961F7DD3}) (Version: 2.0.0.0000 - Microsoft Corporation)
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 2.40 - BVRP Software)
Mozilla Firefox 33.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 33.0.2 (x86 en-US)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.12 - BVRP Software, Inc)
NetZeroInstallers (HKLM\...\{352310C3-E46B-42D3-8F32-54721FDD72D9}) (Version: 1.0.0 - NetZero, Inc.)
Otto (HKLM\...\B3EE3001-DC24-4cd1-8743-5692C716659F) (Version:  - )
PC Inspector smart recovery (HKLM\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PowerDVD 5.5 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
Puran Defrag Free Edition 7.3 (HKLM\...\Puran Defrag Free Edition_is1) (Version:  - Puran Software)
QuickTime (HKLM\...\QuickTime) (Version:  - )
Recuva (HKLM\...\Recuva) (Version: 1.35 - Piriform)
Revo Uninstaller 1.94 (HKLM\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.95 - Sonic Solutions)
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SpywareGuard v2.2 (HKLM\...\SpywareGuard_is1) (Version: 2.2 - Javacool Software LLC)
StartupMonitor (HKLM\...\{76EFAC4F-1712-401F-B2AE-590B170C9BCE}) (Version: 1.0.2.0 - Mike Lin)
Stellar Phoenix Photo Recovery (HKLM\...\Stellar Phoenix Photo Recovery_is1) (Version: 4.0.0.0 - Stellar Information Systems Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1012 - SUPERAntiSpyware.com)
TomTom HOME (HKLM\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Verizon Activation (HKLM\...\{92125850-CE9E-405F-8DC7-774DC36AE76C}_is1) (Version:  - Verizon)
Verizon Download Manager (HKLM\...\{6DFF9444-9007-466A-9783-6E7D6749C97B}) (Version: 44 - SupportSoft)
WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version:  - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version:  - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (HKLM\...\EmeraldQFE2) (Version:  - Microsoft Corporation)
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows PowerShell™ 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB908246 (HKLM\...\KB908246) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 30.0.2014.0 - BillP Studios)
Wisdom-soft ScreenHunter 6.0 Free (HKLM\...\Wisdom-soft ScreenHunter 6.0 Free) (Version:  - Wisdom Software Inc.)
Works Suite OS Pack (Version: 1.0.0.0000 - Microsoft Corporation) Hidden
Works Synchronization (Version: 1.0.0.0000 - Your Company Name) Hidden
Youtube Downloader HD v. 2.9.9.13 (HKLM\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)
YTD Toolbar v6.2 (HKLM\...\{BCC315E7-2E8F-4EFD-8A0B-F8F276FE73F2}) (Version: 6.2 - Spigot, Inc.) <==== ATTENTION
YTD Video Downloader 3.9.6 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 3.9.6 - GreenTree Applications SRL) <==== ATTENTION
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
17-08-2014 02:23:36 Software Distribution Service 3.0
18-08-2014 07:51:18 System Checkpoint
19-08-2014 13:09:33 System Checkpoint
20-08-2014 20:01:44 System Checkpoint
21-08-2014 20:04:37 System Checkpoint
22-08-2014 19:18:13 Revo Uninstaller's restore point - Amazon Music
22-08-2014 20:46:49 Revo Uninstaller's restore point - Amazon Music Importer
22-08-2014 20:46:58 Removed Amazon Music Importer
22-08-2014 20:48:22 Revo Uninstaller's restore point - Amazon Music
24-08-2014 00:04:38 System Checkpoint
25-08-2014 00:30:54 System Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2005-08-16 05:18 - 2014-02-09 15:46 - 00517700 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 abcstats.com
0.0.0.0 ad4.abradio.cz
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 ads.ad2games.com
0.0.0.0 content.ad20.net
0.0.0.0 core.ad20.net
 
There are 1000 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-1.job => C:\Program Files\Browsers+Apps+1.1\Browsers+Apps+1.1-codedownloader.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-11.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-11.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-2.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-2.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-3.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-3.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-4.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-4.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-5.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-5.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-6.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-6.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-7.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-7.exe
Task: C:\WINDOWS\Tasks\Amazon Music Helper.job => C:\Documents and Settings\nickf\Local Settings\Application Data\Amazon Music\Amazon Music Helper.exe
Task: C:\WINDOWS\Tasks\CMS Application Updater.job => C:\Program Files\CMS Products\Updater\CmsUpdater.exe
Task: C:\WINDOWS\Tasks\ConfigExec.job => C:\Program Files\Microsoft Fix it Center\MatsApi.dll
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-4230650497-4285135782-2684026053-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-4230650497-4285135782-2684026053-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-04-17 14:13 - 2013-03-19 11:07 - 00508136 ____N () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2014-04-17 14:13 - 2013-09-03 13:29 - 00095088 ____N () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2014-07-14 12:11 - 2009-12-31 01:16 - 00049152 _____ () C:\WINDOWS\system32\LXEBPMON.DLL
2014-07-14 12:11 - 2009-01-13 08:15 - 04485120 _____ () C:\WINDOWS\system32\LXEBOEM.DLL
2014-07-14 12:13 - 2009-11-04 08:14 - 00157696 ____N () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\lxebdrpp.dll
2014-07-14 12:13 - 2009-05-18 08:29 - 00819200 ____N () C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxebptpc.dll
2014-07-14 12:13 - 2009-11-04 08:14 - 00165376 ____N () C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxebdrui.dll
2014-07-14 12:13 - 2009-11-09 03:06 - 00159744 ____N () C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxebPRPR.DLL
2003-08-03 00:20 - 2003-08-03 00:20 - 00126976 ____R () C:\Program Files\SpywareGuard\spywareguard.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2000-05-20 18:23 - 2000-05-20 18:23 - 00086016 ____N () C:\WINDOWS\StartupMonitor.exe
2014-07-14 12:09 - 2010-05-05 07:58 - 00148280 _____ () C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe
2014-07-14 12:09 - 2010-04-05 05:56 - 00716954 _____ () C:\Program Files\Lexmark Pro200-S500 Series\Epwizard.DLL
2014-07-14 12:09 - 2010-04-05 05:55 - 00159890 _____ () C:\Program Files\Lexmark Pro200-S500 Series\customui.dll
2014-07-14 12:09 - 2010-04-05 05:54 - 00123033 _____ () C:\Program Files\Lexmark Pro200-S500 Series\Eputil.DLL
2014-07-14 12:09 - 2010-04-05 05:54 - 00143502 _____ () C:\Program Files\Lexmark Pro200-S500 Series\Imagutil.DLL
2014-07-14 12:09 - 2010-04-05 05:55 - 00061604 _____ () C:\Program Files\Lexmark Pro200-S500 Series\Epfunct.DLL
2014-07-14 12:09 - 2010-04-05 05:56 - 02203803 _____ () C:\Program Files\Lexmark Pro200-S500 Series\EPWizRes.dll
2014-07-14 12:09 - 2010-04-05 05:56 - 00045221 _____ () C:\Program Files\Lexmark Pro200-S500 Series\epstring.dll
2014-07-14 12:09 - 2010-04-05 05:56 - 00094359 _____ () C:\Program Files\Lexmark Pro200-S500 Series\EPOEMDll.dll
2014-07-14 12:09 - 2009-04-07 14:25 - 00409600 _____ () C:\Program Files\Lexmark Pro200-S500 Series\iptk.dll
2014-07-14 12:09 - 2009-03-02 09:25 - 00151552 _____ () C:\Program Files\Lexmark Pro200-S500 Series\lxebptp.dll
2003-08-29 20:05 - 2003-08-29 20:05 - 00360448 ____N () C:\Program Files\SpywareGuard\sgmain.exe
2003-08-29 12:14 - 2003-08-29 12:14 - 00233472 ____N () C:\Program Files\SpywareGuard\sgbhp.exe
2005-08-16 05:18 - 2011-02-04 18:48 - 00291840 ____N () C:\WINDOWS\system32\sbe.dll
2005-08-16 05:18 - 2013-01-02 01:49 - 01292288 ____N () C:\WINDOWS\system32\quartz.dll
2005-08-16 05:18 - 2008-04-14 06:41 - 00059904 ____N () C:\WINDOWS\system32\devenum.dll
2005-08-16 05:18 - 2008-04-14 06:42 - 00014336 ____N () C:\WINDOWS\system32\msdmo.dll
2014-07-14 12:09 - 2010-05-05 07:58 - 00770728 _____ () C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe
2014-07-14 12:09 - 2010-04-01 12:23 - 00389120 _____ () C:\Program Files\Lexmark Pro200-S500 Series\lxebscw.dll
2014-07-14 12:13 - 2009-05-27 07:16 - 00192512 ____N () C:\WINDOWS\system32\spool\drivers\w32x86\3\lxebdatr.dll
2014-07-14 12:09 - 2010-04-01 12:24 - 01159168 _____ () C:\Program Files\Lexmark Pro200-S500 Series\lxebDRS.dll
2014-07-14 12:09 - 2009-03-10 00:43 - 00155648 _____ () C:\Program Files\Lexmark Pro200-S500 Series\lxebcaps.dll
2012-03-07 07:53 - 2009-02-20 03:48 - 00299008 ____R () C:\WINDOWS\system32\lxebsm.dll
2012-03-07 07:53 - 2009-02-20 03:48 - 00023552 ____R () C:\WINDOWS\system32\lxebsmr.dll
2009-12-16 06:42 - 2009-12-16 06:42 - 00167936 _____ () C:\Program Files\Lexmark\Pro200-S500 Series\lxebmicro.dll
2010-04-01 12:24 - 2010-04-01 12:24 - 01159168 _____ () C:\Program Files\Lexmark\Pro200-S500 Series\lxebdrs.dll
2009-03-10 00:43 - 2009-03-10 00:43 - 00155648 _____ () C:\Program Files\Lexmark\Pro200-S500 Series\lxebcaps.dll
2014-05-28 14:48 - 2010-06-14 04:16 - 00112000 ____N () C:\Program Files\CMS Products\BounceBack Ultimate\BBLauncher.exe
2014-10-29 12:20 - 2014-10-21 23:04 - 08910664 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-29 12:20 - 2014-10-21 23:04 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
AlternateDataStreams: C:\Documents and Settings\nickf\Desktop\FRST.exe:BDU
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-4230650497-4285135782-2684026053-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-4230650497-4285135782-2684026053-1006 - Limited - Enabled)
Guest (S-1-5-21-4230650497-4285135782-2684026053-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-4230650497-4285135782-2684026053-1004 - Limited - Disabled)
nickf (S-1-5-21-4230650497-4285135782-2684026053-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\nickf
SUPPORT_388945a0 (S-1-5-21-4230650497-4285135782-2684026053-1002 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/02/2014 00:24:07 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error CreateFileW(\\?\Volume{85a9ed2c-c90a-11e1-a001-806d6172696f},0xc0000000,0x00000003,...).  hr = 0x80070005.
 
Error: (11/01/2014 06:15:19 PM) (Source: MatSvc) (EventID: 15) (User: )
Description: The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80080005
.
 
Error: (11/01/2014 06:14:49 PM) (Source: MatSvc) (EventID: 1) (User: )
Description: The MATS service failed to start. hr=0x80070005
 
Error: (11/01/2014 06:14:19 PM) (Source: MatSvc) (EventID: 1) (User: )
Description: The MATS service failed to start. hr=0x80070005
 
Error: (11/01/2014 11:56:47 AM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error DeviceIoControl(0000024C,0x0053c008,00039D58,0,00038D50,4096,[0]).  hr = 0x800705aa.
 
Error: (11/01/2014 11:56:46 AM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error CreateFileW(\\?\Volume{85a9ed2c-c90a-11e1-a001-806d6172696f},0xc0000000,0x00000003,...).  hr = 0x80070005.
 
Error: (11/01/2014 05:12:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 32.0.3.5379, faulting module mozalloc.dll, version 32.0.3.5379, fault address 0x0000141b.
Processing media-specific event for [plugin-container.exe!ws!]
 
Error: (10/31/2014 07:48:00 PM) (Source: MatSvc) (EventID: 15) (User: )
Description: The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80080005
.
 
Error: (10/31/2014 07:47:30 PM) (Source: MatSvc) (EventID: 1) (User: )
Description: The MATS service failed to start. hr=0x80070005
 
Error: (10/31/2014 07:47:00 PM) (Source: MatSvc) (EventID: 1) (User: )
Description: The MATS service failed to start. hr=0x80070005
 
 
System errors:
=============
Error: (11/02/2014 00:25:34 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation Context failed for C:\Program Files\CMS Products\BounceBack Ultimate\Microsoft.VC80.MFC\MFC80U.DLL.
Reference error message: The operation completed successfully.
.
 
Error: (11/02/2014 00:25:34 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.
 
Error: (11/02/2014 00:25:34 PM) (Source: SideBySide) (EventID: 32) (User: )
Description: Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
 
Error: (11/02/2014 00:25:34 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation Context failed for C:\Program Files\CMS Products\BounceBack Ultimate\Microsoft.VC80.MFC\MFC80U.DLL.
Reference error message: The operation completed successfully.
.
 
Error: (11/02/2014 00:25:34 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.
 
Error: (11/02/2014 00:25:34 PM) (Source: SideBySide) (EventID: 32) (User: )
Description: Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
 
Error: (11/02/2014 00:23:48 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation Context failed for C:\Program Files\CMS Products\BounceBack Ultimate\Microsoft.VC80.MFC\MFC80U.DLL.
Reference error message: The operation completed successfully.
.
 
Error: (11/02/2014 00:23:48 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.
 
Error: (11/02/2014 00:23:48 PM) (Source: SideBySide) (EventID: 32) (User: )
Description: Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
 
Error: (11/02/2014 11:23:27 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation Context failed for C:\Program Files\CMS Products\BounceBack Ultimate\Microsoft.VC80.MFC\MFC80U.DLL.
Reference error message: The operation completed successfully.
.
 
 
Microsoft Office Sessions:
=========================
Error: (11/02/2014 00:24:07 PM) (Source: VSS) (EventID: 12289) (User: )
Description: CreateFileW(\\?\Volume{85a9ed2c-c90a-11e1-a001-806d6172696f},0xc0000000,0x00000003,...)0x80070005
 
Error: (11/01/2014 06:15:19 PM) (Source: MatSvc) (EventID: 15) (User: )
Description: hr=0x80080005
 
Error: (11/01/2014 06:14:49 PM) (Source: MatSvc) (EventID: 1) (User: )
Description: hr=0x80070005
 
Error: (11/01/2014 06:14:19 PM) (Source: MatSvc) (EventID: 1) (User: )
Description: hr=0x80070005
 
Error: (11/01/2014 11:56:47 AM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(0000024C,0x0053c008,00039D58,0,00038D50,4096,[0])0x800705aa
 
Error: (11/01/2014 11:56:46 AM) (Source: VSS) (EventID: 12289) (User: )
Description: CreateFileW(\\?\Volume{85a9ed2c-c90a-11e1-a001-806d6172696f},0xc0000000,0x00000003,...)0x80070005
 
Error: (11/01/2014 05:12:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.5379mozalloc.dll32.0.3.53790000141b
 
Error: (10/31/2014 07:48:00 PM) (Source: MatSvc) (EventID: 15) (User: )
Description: hr=0x80080005
 
Error: (10/31/2014 07:47:30 PM) (Source: MatSvc) (EventID: 1) (User: )
Description: hr=0x80070005
 
Error: (10/31/2014 07:47:00 PM) (Source: MatSvc) (EventID: 1) (User: )
Description: hr=0x80070005
 
 
==================== Memory info =========================== 
 
Processor:  Intel® Pentium® 4 CPU 2.80GHz
Percentage of memory in use: 69%
Total physical RAM: 1270.07 MB
Available physical RAM: 389.85 MB
Total Pagefile: 2391.11 MB
Available Pagefile: 1398.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1916.29 MB
 
==================== Drives ================================
 
Drive c: (BB_2) (Fixed) (Total:926.82 GB) (Free:884.77 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive j: (BB_2) (Fixed) (Total:461.07 GB) (Free:404.37 GB) NTFS ==>[Drive with boot components (Windows XP)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 000241C2)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=926.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4.6 GB) - (Type=DB)
 
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 005BFC08)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=461.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4.6 GB) - (Type=DB)
 
==================== End Of Log ===============================

  • 0

#4
nickf33
Posted 02 November 2014 - 12:37 PM

nickf33

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 101 posts

Thanks geeku Just found your reply. Thought it would come in email 


  • 0

#5
Essexboy
Posted 02 November 2014 - 01:04 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets see if we can clear this, on completion of the FRST fix allow the computer to reboot to normal mode to download AdwCleaner

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

Winlogon\Notify\avldr: C:\WINDOWS\system32\avldr.dll (On-Access Anti-Malware Scanner Sync)
HKU\S-1-5-21-4230650497-4285135782-2684026053-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF NetworkProxy: "socks_remote_dns", true
2014-10-28 11:46 - 2010-03-24 11:55 - 00055552 ____N (On-Access Anti-Malware Scanner Sync) C:\WINDOWS\system32\avldr.dll
2014-10-28 11:45 - 2014-11-02 12:45 - 00002426 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-5.job
2014-10-28 11:45 - 2014-10-28 11:45 - 00000000 ____D () C:\Documents and Settings\nickf\Local Settings\Application Data\Smartbar
2014-10-28 11:44 - 2014-11-02 12:45 - 00002090 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-2.job
2014-10-28 11:44 - 2014-11-02 12:44 - 00004138 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-4.job
2014-10-28 11:44 - 2014-11-02 12:44 - 00003438 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-1.job
2014-10-28 11:44 - 2014-10-28 11:44 - 01499040 ____N (app) C:\Documents and Settings\nickf\Application Data\CC.exe
2014-10-28 11:43 - 2014-11-02 12:43 - 00005164 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-11.job
2014-10-28 11:43 - 2014-11-02 12:43 - 00004138 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-6.job
2014-10-28 11:43 - 2014-11-02 12:43 - 00003794 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-7.job
2014-10-28 11:42 - 2014-11-02 12:42 - 00004474 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-3.job
2014-10-28 11:42 - 2014-10-28 11:42 - 00000000 ____D () C:\Program Files\globalUpdate
2014-10-28 11:42 - 2014-10-28 11:42 - 00000000 ____D () C:\Documents and Settings\nickf\Local Settings\Application Data\globalUpdate
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-1.job => C:\Program Files\Browsers+Apps+1.1\Browsers+Apps+1.1-codedownloader.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-11.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-11.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-2.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-2.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-3.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-3.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-4.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-4.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-5.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-5.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-6.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-6.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-7.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-7.exe
Task: C:\WINDOWS\Tasks\Amazon Music Helper.job => C:\Documents and Settings\nickf\Local Settings\Application Data\Amazon Music\Amazon Music Helper.exe
C:\Program Files\Browsers+Apps+1.1
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • 0

#6
nickf33
Posted 02 November 2014 - 03:25 PM

nickf33

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 101 posts

essexboy Sorry don't know where to paste it I see frst.txt& add.txt - FRST.exe is farbar icon.


Edited by nickf33, 03 November 2014 - 09:05 AM.

  • 0

#7
Essexboy
Posted 03 November 2014 - 09:03 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not a problem, being a smarty pants I have an answer to everything :)

Download the attached fixlist.txt to your desktop
Attached File  fixlist.txt   3.49KB   130 downloads
Double click FRST and when it opens press Fix

frst.JPG

FRST will then do its' thing and reboot the computer
When it reboots a log will appear
Please post that and then run AdwCleaner
  • 0

#8
nickf33
Posted 03 November 2014 - 07:37 PM

nickf33

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 101 posts

Essexboy I guess i'm pasting fix list  in wrong place When I run tool I get The fix list should be in the same folder/directory as the tool is located . Could you please give me directions? Thanks


  • 0

#9
Essexboy
Posted 04 November 2014 - 09:00 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
According to the log FRST is on your desktop

If it is not then copy it to that location
So when your run FRST it should look like the screen shot below

Capture.JPG
  • 0

#10
nickf33
Posted 04 November 2014 - 11:26 AM

nickf33

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 101 posts

Essexboy your the best. Here is log hopefully i did it right.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-11-2014
Ran by nickf at 2014-11-04 12:16:36 Run:1
Running from C:\Documents and Settings\nickf\Desktop
Loaded Profile: nickf (Available profiles: nickf & Administrator)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
Winlogon\Notify\avldr: C:\WINDOWS\system32\avldr.dll (On-Access Anti-Malware Scanner Sync)
HKU\S-1-5-21-4230650497-4285135782-2684026053-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF NetworkProxy: "socks_remote_dns", true
2014-10-28 11:46 - 2010-03-24 11:55 - 00055552 ____N (On-Access Anti-Malware Scanner Sync) C:\WINDOWS\system32\avldr.dll
2014-10-28 11:45 - 2014-11-02 12:45 - 00002426 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-5.job
2014-10-28 11:45 - 2014-10-28 11:45 - 00000000 ____D () C:\Documents and Settings\nickf\Local Settings\Application Data\Smartbar
2014-10-28 11:44 - 2014-11-02 12:45 - 00002090 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-2.job
2014-10-28 11:44 - 2014-11-02 12:44 - 00004138 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-4.job
2014-10-28 11:44 - 2014-11-02 12:44 - 00003438 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-1.job
2014-10-28 11:44 - 2014-10-28 11:44 - 01499040 ____N (app) C:\Documents and Settings\nickf\Application Data\CC.exe
2014-10-28 11:43 - 2014-11-02 12:43 - 00005164 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-11.job
2014-10-28 11:43 - 2014-11-02 12:43 - 00004138 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-6.job
2014-10-28 11:43 - 2014-11-02 12:43 - 00003794 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-7.job
2014-10-28 11:42 - 2014-11-02 12:42 - 00004474 _____ () C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-3.job
2014-10-28 11:42 - 2014-10-28 11:42 - 00000000 ____D () C:\Program Files\globalUpdate
2014-10-28 11:42 - 2014-10-28 11:42 - 00000000 ____D () C:\Documents and Settings\nickf\Local Settings\Application Data\globalUpdate
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-1.job => C:\Program Files\Browsers+Apps+1.1\Browsers+Apps+1.1-codedownloader.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-11.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-11.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-2.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-2.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-3.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-3.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-4.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-4.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-5.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-5.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-6.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-6.exe
Task: C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-7.job => C:\Program Files\Browsers+Apps+1.1\51b32942-05e1-4b0f-930e-da3307d4b5de-7.exe
Task: C:\WINDOWS\Tasks\Amazon Music Helper.job => C:\Documents and Settings\nickf\Local Settings\Application Data\Amazon Music\Amazon Music Helper.exe
C:\Program Files\Browsers+Apps+1.1
EmptyTemp:
CMD: bitsadmin /reset /allusers
 
*****************
 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr" => Key deleted successfully.
"HKU\S-1-5-21-4230650497-4285135782-2684026053-1005\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key deleted successfully.
"HKCR\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key deleted successfully.
"HKCR\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
Firefox Proxy settings were reset.
C:\WINDOWS\system32\avldr.dll => Moved successfully.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-5.job => Moved successfully.
C:\Documents and Settings\nickf\Local Settings\Application Data\Smartbar => Moved successfully.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-2.job => Moved successfully.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-4.job => Moved successfully.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-1.job => Moved successfully.
C:\Documents and Settings\nickf\Application Data\CC.exe => Moved successfully.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-11.job => Moved successfully.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-6.job => Moved successfully.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-7.job => Moved successfully.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-3.job => Moved successfully.
 
"C:\Program Files\globalUpdate" directory move:
 
Could not move "C:\Program Files\globalUpdate" directory. => Scheduled to move on reboot.
 
C:\Documents and Settings\nickf\Local Settings\Application Data\globalUpdate => Moved successfully.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-1.job not found.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-11.job not found.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-2.job not found.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-3.job not found.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-4.job not found.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-5.job not found.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-6.job not found.
C:\WINDOWS\Tasks\51b32942-05e1-4b0f-930e-da3307d4b5de-7.job not found.
C:\WINDOWS\Tasks\Amazon Music Helper.job => Moved successfully.
"C:\Program Files\Browsers+Apps+1.1" => File/Directory not found.
 
=========  bitsadmin /reset /allusers =========
 
'bitsadmin' is not recognized as an internal or external command,
operable program or batch file.
 
========= End of CMD: =========
 
EmptyTemp: => Removed 841.8 MB temporary data.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-11-04 12:22:12)<=
 
C:\Program Files\globalUpdate => Moved successfully.
 
==== End of Fixlog ====

  • 0

Advertisements

#11
nickf33
Posted 04 November 2014 - 11:42 AM

nickf33

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 101 posts
# AdwCleaner v3.311 - Report created 04/11/2014 at 12:37:28
# Updated 30/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : nickf - NICK
# Running from : C:\Documents and Settings\nickf\Desktop\downloads\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Documents and Settings\nickf\Local Settings\Application Data\LPT
Folder Deleted : C:\Documents and Settings\nickf\Start Menu\Programs\VOPackage
File Deleted : C:\WINDOWS\system32\drivers\netfilter.sys
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : globalUpdateUpdateTaskMachineCore
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Bitberry Software
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Tencent
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v33.0.2 (x86 en-US)
 
[ File : C:\Documents and Settings\nickf\Application Data\Mozilla\Firefox\Profiles\2j7b0irg.default-1408374960465\prefs.js ]
 
Line Deleted : user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%2C%22anthropologie.com[...]
Line Deleted : user_pref("extensions.awrigtdamonyahoocom65055.65055.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%22urls%[...]
Line Deleted : user_pref("extensions.crossrider.bic", "14957abe524114ce26b5302a4d0b1b65");
 
-\\ Google Chrome v38.0.2125.111
 
[ File : C:\Documents and Settings\nickf\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [8394 octets] - [04/11/2014 12:32:59]
AdwCleaner[R1].txt - [8458 octets] - [04/11/2014 12:36:16]
AdwCleaner[S0].txt - [8579 octets] - [04/11/2014 12:37:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8639 octets] ##########

  • 0

#12
Essexboy
Posted 04 November 2014 - 12:46 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What problems are apparent now ?
  • 0

#13
nickf33
Posted 04 November 2014 - 12:56 PM

nickf33

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 101 posts

When I try to log in. I get this   

y.campaignism.com/WLBidRequestHandler?oid=2&width=1300&height=900&pubid=65055&noaop=1&tagid=300214322522000000&revmod=2&born=1414514303&Prof=&BTF=

 

also Java update, Then update mozzila. Have to continue deleting to get back to log in page Seems like all the same problems.

 

Have no trouble using chrome.


Edited by nickf33, 04 November 2014 - 01:04 PM.

  • 0

#14
Essexboy
Posted 04 November 2014 - 01:37 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK I think I have it now, this one snuck past me

After the reboot try FF again and let me know how it goes

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
C:\Program Files\globalUpdate
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#15
nickf33
Posted 04 November 2014 - 02:53 PM

nickf33

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 101 posts

Sme trouble.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-11-2014
Ran by nickf at 2014-11-04 15:43:38 Run:2
Running from C:\Documents and Settings\nickf\Desktop
Loaded Profile: nickf (Available profiles: nickf & Administrator)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
C:\Program Files\globalUpdate
EmptyTemp:
CMD: bitsadmin /reset /allusers
 
*****************
 
"HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10" => Key not found.
C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll not found.
"HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4" => Key not found.
C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll not found.
"C:\Program Files\globalUpdate" => File/Directory not found.
 
=========  bitsadmin /reset /allusers =========
 
'bitsadmin' is not recognized as an internal or external command,
operable program or batch file.
 
========= End of CMD: =========
 
EmptyTemp: => Removed 44.4 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP