Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

I can't run any antivirus software or malware program [Solved]


  • This topic is locked This topic is locked

#16
tea82au

tea82au

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi, Dr Web did find the problems and it did fix them.
I will do the other scans shortly
  • 0

Advertisements


#17
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts

I thought that was the case. Just wanted to make sure. :)


  • 0

#18
tea82au

tea82au

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Hi I have completed all the scans these are the results

 

FRST.TXT

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-05-2015
Ran by natasha (administrator) on NATASHA-6117050 on 13-05-2015 11:59:40
Running from C:\Documents and Settings\natasha\Desktop
Loaded Profiles: natasha (Available profiles: natasha)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: 
 
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehRecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrec.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(MicroStudio) C:\Program Files\Windows Network Accelerater\v3\winvxm.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Telstra) C:\Program Files\Telstra\Mobile Broadband Manager\TelstraUCM.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(Creative Technology Ltd) C:\Program Files\Creative\Mixer\CTSVolFE.exe
(SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\natasha\Local Settings\Application 
 
Data\Akamai\netsession_win.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(BitTorrent Inc.) C:\Documents and Settings\natasha\Application Data\uTorrent\uTorrent.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\natasha\Local Settings\Application 
 
Data\Akamai\netsession_win.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. 
 
The file will not be moved.)
 
HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [BigPondWirelessBroadbandCM] => C:\Program Files\Telstra\Mobile Broadband 
 
Manager\TelstraUCM.exe [4352408 2010-05-14] (Telstra)
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [995328 
 
2007-10-08] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [1101824 
 
2007-10-08] (Intel Corporation)
HKLM\...\Run: [CTSVolFE.exe] => C:\Program Files\Creative\Mixer\CTSVolFE.exe [57344 2005-02-23] 
 
(Creative Technology Ltd)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe 
 
[405504 2007-05-10] (SigmaTel, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761947 2006-03-08] 
 
(Synaptics, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 
 
2014-12-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-73586283-1580818891-725345543-1003\...\Run: [Akamai NetSession Interface] => 
 
C:\Documents and Settings\natasha\Local Settings\Application Data\Akamai\netsession_win.exe [4673432 
 
2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-73586283-1580818891-725345543-1003\...\Run: [uTorrent] => C:\Documents and 
 
Settings\natasha\Application Data\uTorrent\uTorrent.exe [1694560 2015-05-07] (BitTorrent Inc.)
HKU\S-1-5-21-73586283-1580818891-725345543-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> 
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk [2014-02-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom 
 
Corporation.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan 
 
Plus.lnk [2014-08-31]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\FRST\Quarantine\C\Program Files\McAfee Security 
 
Scan\3.8.150\SSScheduler.exe.xBAD (McAfee, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to 
 
default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = 
 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = 
 
HKU\S-1-5-21-73586283-1580818891-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page 
 
= about:blank
HKU\S-1-5-21-73586283-1580818891-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page 
 
HKU\S-1-5-21-73586283-1580818891-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page 
 
HKU\S-1-5-21-73586283-1580818891-725345543-1003\Software\Microsoft\Internet 
 
Explorer\Main,Default_Search_URL = http://www.<!DOCTYPEHTML PUBLIC "-//W3C//DTD HTML 4.01 
 
SearchScopes: HKU\S-1-5-21-73586283-1580818891-725345543-1003 -> 
 
{E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = https://www.google.c...q={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security 
 
Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: BigPond Mobile Broadband Auto Dial -> {DB92EC3F-697D-4C3B-9A3B-3ABBD23D4A85} -> C:\Program 
 
Files\Telstra\Mobile Broadband Manager\bpwbb2ad.dll [2010-05-14] (Telstra)
Toolbar: HKLM - No Name - {CCAC5586-44D7-4c43-B64A-F042461A97D2} -  No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} 
 
 
3046
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} 
 
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll 
 
[2014-03-07] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-07] 
 
(Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll 
 
[2015-04-20] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows 
 
Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program 
 
Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program 
 
Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-11] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] 
 
(VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] 
 
(VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] 
 
(Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-1.xml 
 
[2015-03-16]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-10.xm
 
l [2015-03-22]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-100.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-101.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-102.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-103.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-104.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-105.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-106.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-107.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-108.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-109.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-11.xm
 
l [2015-03-22]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-110.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-111.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-112.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-113.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-114.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-115.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-116.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-117.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-118.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-119.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-12.xm
 
l [2015-03-23]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-120.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-121.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-122.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-123.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-124.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-125.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-126.x
 
ml [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-127.x
 
ml [2015-04-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-128.x
 
ml [2015-04-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-129.x
 
ml [2015-04-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-13.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-130.x
 
ml [2015-04-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-131.x
 
ml [2015-05-01]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-132.x
 
ml [2015-05-01]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-133.x
 
ml [2015-05-01]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-134.x
 
ml [2015-05-01]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-135.x
 
ml [2015-05-03]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-136.x
 
ml [2015-05-03]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-137.x
 
ml [2015-05-03]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-138.x
 
ml [2015-05-03]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-139.x
 
ml [2015-05-03]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-14.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-140.x
 
ml [2015-05-08]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-141.x
 
ml [2015-05-08]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-142.x
 
ml [2015-05-08]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-143.x
 
ml [2015-05-08]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-144.x
 
ml [2015-05-10]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-145.x
 
ml [2015-05-10]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-146.x
 
ml [2015-05-10]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-147.x
 
ml [2015-05-10]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-148.x
 
ml [2015-05-10]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-149.x
 
ml [2015-05-11]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-15.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-150.x
 
ml [2015-05-11]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-151.x
 
ml [2015-05-11]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-152.x
 
ml [2015-05-11]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-153.x
 
ml [2015-05-11]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-154.x
 
ml [2015-05-11]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-155.x
 
ml [2015-05-11]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-156.x
 
ml [2015-05-11]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-157.x
 
ml [2015-05-11]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-158.x
 
ml [2015-05-11]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-159.x
 
ml [2015-05-11]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-16.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-160.x
 
ml [2015-05-11]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-161.x
 
ml [2015-05-11]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-17.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-18.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-19.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-2.xml 
 
[2015-03-18]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-20.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-21.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-22.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-23.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-24.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-25.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-26.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-27.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-28.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-29.xm
 
l [2015-03-27]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-3.xml 
 
[2015-03-18]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-30.xm
 
l [2015-03-29]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-31.xm
 
l [2015-03-29]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-32.xm
 
l [2015-03-29]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-33.xm
 
l [2015-03-29]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-34.xm
 
l [2015-03-29]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-35.xm
 
l [2015-03-29]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-36.xm
 
l [2015-03-29]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-37.xm
 
l [2015-03-29]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-38.xm
 
l [2015-03-29]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-39.xm
 
l [2015-03-29]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-4.xml 
 
[2015-03-22]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-40.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-41.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-42.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-43.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-44.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-45.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-46.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-47.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-48.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-49.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-5.xml 
 
[2015-03-22]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-50.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-51.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-52.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-53.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-54.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-55.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-56.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-57.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-58.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-59.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-6.xml 
 
[2015-03-22]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-60.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-61.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-62.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-63.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-64.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-65.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-66.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-67.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-68.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-69.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-7.xml 
 
[2015-03-22]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-70.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-71.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-72.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-73.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-74.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-75.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-76.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-77.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-78.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-79.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-8.xml 
 
[2015-03-22]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-80.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-81.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-82.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-83.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-84.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-85.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-86.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-87.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-88.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-89.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-9.xml 
 
[2015-03-22]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-90.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-91.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-92.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-93.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-94.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-95.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-96.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-97.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-98.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4-99.xm
 
l [2015-03-31]
FF SearchPlugin: C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\searchplugins\doctype-html-public--w3cdtd-html-4.xml 
 
[2015-03-16]
FF Extension: Lights Cinema 1.5beta - C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\Extensions\[email protected]
 
com [2015-05-11]
FF Extension: CinemaPlus-3.2c - C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\Extensions\[email protected]
 
3eb.com [2015-05-11]
FF Extension: Zoom It - C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\Extensions\{0067d9be-f2c1-bcc6-6cd5-d85cdc1172ed} 
 
[2015-03-22]
FF Extension: Zoom It - C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\Extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6} 
 
[2015-03-15]
FF Extension: Zoom It - C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\Extensions\{43c09bf1-02ef-e798-3bfe-ac2b872b7152} 
 
[2015-03-15]
FF Extension: Zoom It - C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\Extensions\{aef8bba3-d538-47ec-7f87-c09aa33d3a77} 
 
[2015-05-10]
FF Extension: b6b1a201b252484fb9fe68efbb273fbd - C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\Extensions\{b6b1a201-b252-484f-b9fe-68efbb273fbd} 
 
[2015-03-27]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - 
 
c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows 
 
Presentation Foundation\DotNetAssistantExtension [2014-02-18]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Trend 
 
Micro\AMSP\module\20002\8.0.1173\8.0.1173\firefoxextension
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend 
 
Micro\AMSP\module\20004\FxExt\firefoxextension
FF HKU\S-1-5-21-73586283-1580818891-725345543-1003\...\Firefox\Extensions: 
 
[{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Application 
 
Data\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\Documents and Settings\All Users\Application Data\McAfee 
 
Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF Extension: No Name - C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\Documents and Settings\natasha\Application 
 
Data\Mozilla\Firefox\Profiles\wkxumcp1.default\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\Program Files\Mozilla 
 
Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR Profile: C:\Documents and Settings\natasha\Local Settings\Application Data\Google\Chrome\User 
 
Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\natasha\Local Settings\Application 
 
Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-31]
CHR Extension: (Google Docs) - C:\Documents and Settings\natasha\Local Settings\Application 
 
Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-31]
CHR Extension: (Google Drive) - C:\Documents and Settings\natasha\Local Settings\Application 
 
Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-31]
CHR Extension: (YouTube) - C:\Documents and Settings\natasha\Local Settings\Application 
 
Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-31]
CHR Extension: (Google Search) - C:\Documents and Settings\natasha\Local Settings\Application 
 
Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-31]
CHR Extension: (Google Sheets) - C:\Documents and Settings\natasha\Local Settings\Application 
 
Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-31]
CHR Extension: (Bookmark Manager) - C:\Documents and Settings\natasha\Local Settings\Application 
 
Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\natasha\Local 
 
Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg 
 
[2015-03-31]
CHR Extension: (Google Wallet) - C:\Documents and Settings\natasha\Local Settings\Application 
 
Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-31]
CHR Extension: (Gmail) - C:\Documents and Settings\natasha\Local Settings\Application 
 
Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will 
 
not be moved unless listed separately.)
 
R2 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [266295 2006-05-24] (Broadcom 
 
Corporation.) [File not signed]
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [794624 2007-10-08] (Intel Corporation) 
 
[File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 
 
2014-04-09] (McAfee, Inc.)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [483328 2007-10-08] (Intel Corporation) 
 
[File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [1183744 2007-10-08] (Intel 
 
Corporation ) [File not signed]
R2 WindowsVNT_R3; C:\Program Files\Windows Network Accelerater\v3\winvxm.exe [2973600 2014-10-20] 
 
(MicroStudio) [File not signed]
R2 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [356352 2007-10-08] (Intel 
 
Corporation) [File not signed]
S3 MHN; %SystemRoot%\System32\mhn.dll [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will 
 
not be moved unless listed separately.)
 
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2014-02-17] (Cisco Systems, Inc.)
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [851434 2006-05-24] (Broadcom Corporation.) [File 
 
not signed]
R2 BTSERIAL; C:\WINDOWS\system32\drivers\btserial.sys [23271 2006-05-24] (Broadcom Corporation.) 
 
[File not signed]
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [66488 2006-05-24] (Broadcom Corporation.) [File 
 
not signed]
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2004-12-14] (Adaptec, Inc.) [File not 
 
signed]
R3 CTUSFSYN; C:\WINDOWS\System32\drivers\ctusfsyn.sys [158464 2005-05-25] (Creative Technology Ltd.)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File 
 
not signed]
R3 monfilt; C:\WINDOWS\System32\drivers\monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
R3 NETw4x32; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2236032 2007-09-26] (Intel Corporation)
S3 PCASp50; C:\WINDOWS\System32\Drivers\PCASp50.sys [27072 2010-05-03] (Printing Communications 
 
Assoc., Inc. (PCAUSA))
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12288 2007-08-27] (Intel Corporation)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
S3 ZTEusbnet; C:\WINDOWS\System32\DRIVERS\ZTEusbnet.sys [114688 2009-12-28] (ZTE Corporation)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV.sys [X]
S3 bcm4sbxp; system32\DRIVERS\bcm4sbxp.sys [X]
S3 BS2151321024; \??\C:\DOCUME~1\natasha\LOCALS~1\Temp\NTFS.sys [X]
S3 catchme; \??\C:\DOCUME~1\natasha\LOCALS~1\Temp\catchme.sys [X]
S0 DsArk; No ImagePath
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U2 TMAgent; No ImagePath
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file 
 
could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-12 18:32 - 2015-05-12 18:33 - 01454044 _____ () C:\Documents and 
 
Settings\natasha\Desktop\cureit2.log
2015-05-12 18:01 - 2015-05-12 18:01 - 00592597 _____ () C:\Documents and 
 
Settings\natasha\Desktop\cureit.log
2015-05-12 18:01 - 2015-05-12 18:01 - 00000000 ____D () C:\Device
2015-05-12 17:48 - 2015-05-12 18:01 - 00000000 ____D () C:\Documents and Settings\natasha\Doctor Web
2015-05-12 17:48 - 2015-05-12 17:48 - 00065536 _____ () C:\WINDOWS\system32\config\Doctor Web.evt
2015-05-12 15:45 - 2015-05-12 17:47 - 161541760 _____ () C:\Documents and 
 
Settings\natasha\Desktop\gy9755kn.exe
2015-05-12 14:59 - 2015-05-12 15:00 - 16502728 _____ (Malwarebytes Corp.) C:\Documents and 
 
Settings\natasha\Desktop\mbar-1.09.1.1004.exe
2015-05-12 14:20 - 2015-05-12 14:28 - 16971864 _____ () C:\Documents and 
 
Settings\natasha\Desktop\winlogon.exe
2015-05-11 18:19 - 2015-05-11 18:44 - 00024254 _____ () C:\Documents and 
 
Settings\natasha\Desktop\Addition.txt
2015-05-11 18:18 - 2015-05-13 12:00 - 00046375 _____ () C:\Documents and 
 
Settings\natasha\Desktop\FRST.txt
2015-05-11 18:16 - 2015-05-11 18:16 - 01141248 _____ (Farbar) C:\Documents and 
 
Settings\natasha\Desktop\FRST.exe
2015-05-11 18:14 - 2015-05-11 18:14 - 00000000 ____D () C:\Documents and Settings\natasha\Desktop\New 
 
Folder
2015-05-11 16:44 - 2015-05-11 16:44 - 00000000 ____D () C:\Documents and Settings\natasha\Application 
 
Data\SparkTrust
2015-05-11 16:43 - 2015-05-11 17:35 - 00000000 ____D () C:\Documents and Settings\All 
 
Users\Application Data\SparkTrust
2015-05-11 16:07 - 2015-05-11 16:07 - 00000000 ____D () C:\Documents and 
 
Settings\NetworkService\Local Settings\temp
2015-05-11 16:07 - 2015-05-11 16:07 - 00000000 ____D () C:\Documents and Settings\LocalService\Local 
 
Settings\temp
2015-05-11 16:07 - 2015-05-11 16:07 - 00000000 ____D () C:\Documents and Settings\Default User\Local 
 
Settings\temp
2015-05-11 16:06 - 2015-05-11 16:06 - 00009256 _____ () C:\ComboFix.txt
2015-05-11 15:45 - 2015-05-11 15:46 - 00030415 _____ () C:\TMPatch.log
2015-05-11 15:26 - 2015-05-11 16:38 - 00000000 ____D () C:\Program Files\Uninstall Tool
2015-05-11 15:26 - 2015-05-11 15:26 - 00000000 ____D () C:\Documents and Settings\natasha\Application 
 
Data\CrystalIdea Software
2015-05-11 15:08 - 2015-05-11 15:08 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2015-05-11 15:08 - 2015-05-11 15:08 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2015-05-11 15:08 - 2015-05-11 15:08 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2015-05-11 15:08 - 2015-05-11 15:08 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2015-05-11 15:08 - 2015-05-11 15:08 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2015-05-11 14:59 - 2015-05-11 14:59 - 00000000 _RSHD () C:\cmdcons
2015-05-11 14:59 - 2014-02-18 09:48 - 00000209 _____ () C:\Boot.bak
2015-05-11 14:59 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr
2015-05-11 14:58 - 2011-06-26 16:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2015-05-11 14:58 - 2010-11-08 03:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2015-05-11 14:58 - 2009-04-20 14:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-05-11 14:58 - 2000-08-31 10:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-05-11 14:58 - 2000-08-31 10:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-05-11 14:58 - 2000-08-31 10:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-05-11 14:58 - 2000-08-31 10:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2015-05-11 14:58 - 2000-08-31 10:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2015-05-11 14:58 - 2000-08-31 10:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2015-05-11 14:51 - 2015-05-11 14:51 - 00000182 _____ () C:\Documents and Settings\natasha\My 
 
Documents\SAVEKEY1.reg
2015-05-11 14:44 - 2015-05-11 16:07 - 00000000 ____D () C:\Qoobox
2015-05-11 14:43 - 2015-05-11 15:14 - 00000000 ____D () C:\WINDOWS\erdnt
2015-05-11 14:24 - 2015-05-11 15:24 - 00000000 ____D () C:\AdwCleaner
2015-05-11 13:58 - 2015-05-13 11:59 - 00000000 ____D () C:\FRST
2015-05-11 13:20 - 2015-05-11 13:20 - 00001813 _____ () C:\Documents and Settings\All 
 
Users\Desktop\Google Chrome.lnk
2015-05-11 13:20 - 2015-05-11 13:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start 
 
Menu\Programs\Google Chrome
2015-05-11 13:19 - 2015-05-13 11:56 - 00000884 _____ () 
 
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-11 13:19 - 2015-05-12 18:24 - 00000888 _____ () 
 
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-11 12:47 - 2015-05-11 15:27 - 00000051 _____ () C:\WINDOWS\UpdateInfo.ini
2015-05-11 11:08 - 2015-05-11 11:08 - 00000356 _____ () C:\Documents and Settings\natasha\My 
 
Documents\SAVEKEY.reg
2015-05-11 10:44 - 2015-05-11 11:07 - 00000000 ____D () C:\Documents and 
 
Settings\NetworkService\Application Data\tor
2015-05-11 10:36 - 2006-12-29 00:31 - 00019569 _____ () C:\WINDOWS\000003_.tmp
2015-05-11 10:24 - 2015-05-11 10:46 - 00000792 _____ () C:\Documents and Settings\LocalService\Start 
 
Menu\Programs\Windows Media Player.lnk
2015-05-11 10:08 - 2008-04-14 05:41 - 00081920 ____N (Microsoft Corporation) 
 
C:\WINDOWS\system32\ieencode.dll
2015-05-11 10:06 - 2006-12-29 00:31 - 00019569 _____ () C:\WINDOWS\000002_.tmp
2015-05-11 08:50 - 2015-05-11 08:50 - 00000000 ____D () C:\Documents and Settings\natasha\Local 
 
Settings\Application Data\Help
2015-05-11 08:50 - 2015-05-11 08:50 - 00000000 ____D () C:\Documents and Settings\natasha\Application 
 
Data\Help
2015-04-20 17:56 - 2015-04-20 17:56 - 18178736 _____ (Adobe Systems Incorporated) 
 
C:\WINDOWS\system32\FlashPlayerInstaller.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-13 12:00 - 2014-02-17 21:29 - 00000000 ____D () C:\Documents and Settings\natasha\Local 
 
Settings\Temp
2015-05-13 11:59 - 2014-02-18 11:00 - 00000426 ____H () 
 
C:\WINDOWS\Tasks\User_Feed_Synchronization-{020D0B2D-E8B5-494B-B722-C8DD5F0FD533}.job
2015-05-13 11:59 - 2014-02-17 21:23 - 01591330 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-13 11:58 - 2014-02-18 11:33 - 00644816 _____ () C:\WINDOWS\KB973768.log
2015-05-13 11:56 - 2014-04-30 21:38 - 00000226 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of 
 
Service Notification Logon.job
2015-05-13 11:56 - 2014-02-18 14:49 - 00000000 ____D () C:\Documents and Settings\natasha\Application 
 
Data\uTorrent
2015-05-13 11:56 - 2014-02-17 21:28 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-12 19:16 - 2014-02-17 21:29 - 00000178 ___SH () C:\Documents and Settings\natasha\ntuser.ini
2015-05-12 19:16 - 2014-02-17 21:28 - 00032530 _____ () C:\WINDOWS\SchedLgU.Txt
2015-05-12 18:56 - 2014-02-26 19:57 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player 
 
Updater.job
2015-05-12 17:48 - 2014-02-17 21:29 - 00000000 ____D () C:\Documents and Settings\natasha
2015-05-12 15:10 - 2014-02-17 21:28 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-05-12 14:08 - 2015-03-14 12:03 - 01246740 _____ () C:\WINDOWS\system32\CFG2151321024
2015-05-11 17:29 - 2014-02-18 07:13 - 00907704 _____ () C:\WINDOWS\setupapi.log
2015-05-11 16:49 - 2014-02-17 21:39 - 00001394 _____ () C:\Documents and 
 
Settings\natasha\Desktop\Media Center.lnk
2015-05-11 16:05 - 2004-08-10 21:00 - 00000227 _____ () C:\WINDOWS\system.ini
2015-05-11 15:45 - 2014-07-28 07:55 - 00000000 ____D () C:\Documents and Settings\All 
 
Users\Application Data\Trend Micro
2015-05-11 15:15 - 2014-02-18 07:07 - 00000000 ____D () C:\WINDOWS\repair
2015-05-11 15:09 - 2014-02-18 07:16 - 00000216 _____ () C:\WINDOWS\wiadebug.log
2015-05-11 15:09 - 2014-02-18 07:12 - 29622272 _____ () C:\WINDOWS\system32\config\software.bak
2015-05-11 15:09 - 2014-02-18 07:12 - 06553600 _____ () C:\WINDOWS\system32\config\system.bak
2015-05-11 15:09 - 2014-02-18 07:12 - 00524288 _____ () C:\WINDOWS\system32\config\default.bak
2015-05-11 15:09 - 2014-02-18 07:12 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2015-05-11 15:09 - 2014-02-18 07:12 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2015-05-11 15:06 - 2015-03-27 15:42 - 00000000 ____D () C:\Documents and Settings\natasha\Application 
 
Data\Company
2015-05-11 14:59 - 2014-02-18 07:12 - 00000325 __RSH () C:\boot.ini
2015-05-11 14:57 - 2015-03-16 14:55 - 00000000 ____D () C:\Documents and 
 
Settings\LocalService\Application Data\tor
2015-05-11 14:46 - 2014-02-18 07:16 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-05-11 14:34 - 2014-02-18 15:33 - 00000000 ____D () C:\Documents and Settings\natasha\Local 
 
Settings\Application Data\Deployment
2015-05-11 14:28 - 2014-02-17 21:22 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-11 13:20 - 2015-03-15 09:15 - 00000000 ____D () C:\Program Files\Google
2015-05-11 12:21 - 2014-02-18 09:57 - 00098128 _____ () C:\WINDOWS\ie8_main.log
2015-05-11 12:13 - 2014-02-17 21:45 - 00000681 _____ () C:\Documents and Settings\natasha\Start 
 
Menu\Programs\Internet Explorer.lnk
2015-05-11 12:07 - 2015-03-06 06:44 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-11 11:11 - 2014-02-17 21:22 - 00000000 ____D () C:\WINDOWS\system32\Restore
2015-05-11 11:10 - 2014-05-04 00:00 - 00009235 _____ () C:\WINDOWS\KB2964358-IE8.log
2015-05-11 11:10 - 2014-04-30 21:51 - 00014485 _____ () C:\WINDOWS\KB2936068-IE8.log
2015-05-11 11:10 - 2014-02-18 11:31 - 00017380 _____ () C:\WINDOWS\KB946648.log
2015-05-11 11:10 - 2014-02-17 21:19 - 00000000 ____D () C:\Program Files\Messenger
2015-05-11 10:46 - 2014-02-18 07:14 - 00055099 _____ () C:\WINDOWS\tabletoc.log
2015-05-11 10:46 - 2014-02-17 21:44 - 00146543 _____ () C:\WINDOWS\spupdsvc.log
2015-05-11 10:46 - 2014-02-17 21:20 - 00027775 _____ () C:\WINDOWS\wmsetup.log
2015-05-11 10:46 - 2014-02-17 21:20 - 00001063 _____ () C:\WINDOWS\DtcInstall.log
2015-05-11 10:45 - 2014-02-17 21:24 - 00316640 _____ () C:\WINDOWS\WMSysPr9.prx
2015-05-11 10:44 - 2014-02-18 09:54 - 00000682 _____ () C:\WINDOWS\spupdsvc.log.1.log
2015-05-11 10:43 - 2014-02-18 09:54 - 00000090 _____ () C:\WINDOWS\system32\spupdwxp.log
2015-05-11 10:43 - 2014-02-18 07:14 - 00164144 _____ () C:\WINDOWS\MedCtrOC.log
2015-05-11 10:42 - 2014-02-18 07:07 - 00000000 ____D () C:\WINDOWS\security
2015-05-11 10:42 - 2004-08-10 21:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-05-11 10:41 - 2014-02-18 09:39 - 00820462 _____ () C:\WINDOWS\svcpack.log
2015-05-11 10:37 - 2014-02-17 21:24 - 00001563 _____ () C:\Documents and Settings\All Users\Start 
 
Menu\Set Program Access and Defaults.lnk
2015-05-11 10:37 - 2014-02-17 21:22 - 00002058 _____ () C:\WINDOWS\sessmgr.setup.log
2015-05-11 10:37 - 2014-02-17 21:18 - 00000892 _____ () C:\WINDOWS\cmsetacl.log
2015-05-11 10:37 - 2014-02-17 21:18 - 00000000 ___RD () C:\Documents and Settings\All Users\Start 
 
Menu\Programs\Accessories
2015-05-11 10:36 - 2014-02-18 07:07 - 00000000 ____D () C:\WINDOWS\Help
2015-05-11 10:36 - 2014-02-17 21:40 - 00208053 _____ () C:\WINDOWS\updspapi.log
2015-05-11 10:20 - 2015-03-22 11:01 - 00000000 ____D () C:\Program Files\360
2015-05-11 10:06 - 2014-02-18 10:29 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2015-05-11 08:46 - 2014-02-18 07:14 - 01164178 _____ () C:\WINDOWS\iis6.log
2015-05-11 08:46 - 2014-02-18 07:14 - 01050906 _____ () C:\WINDOWS\FaxSetup.log
2015-05-11 08:46 - 2014-02-18 07:14 - 00513429 _____ () C:\WINDOWS\ocgen.log
2015-05-11 08:46 - 2014-02-18 07:14 - 00484949 _____ () C:\WINDOWS\tsoc.log
2015-05-11 08:46 - 2014-02-18 07:14 - 00362860 _____ () C:\WINDOWS\comsetup.log
2015-05-11 08:46 - 2014-02-18 07:14 - 00217849 _____ () C:\WINDOWS\ntdtcsetup.log
2015-05-11 08:46 - 2014-02-18 07:14 - 00197959 _____ () C:\WINDOWS\netfxocm.log
2015-05-11 08:46 - 2014-02-18 07:14 - 00057945 _____ () C:\WINDOWS\ocmsn.log
2015-05-11 08:46 - 2014-02-18 07:14 - 00052797 _____ () C:\WINDOWS\msgsocm.log
2015-05-11 08:46 - 2014-02-18 07:14 - 00001917 _____ () C:\WINDOWS\imsins.log
2015-05-11 08:45 - 2014-02-18 07:14 - 00327978 _____ () C:\WINDOWS\msmqinst.log
2015-05-10 15:36 - 2014-11-24 09:42 - 00000000 ____D () C:\Documents and Settings\natasha\Local 
 
Settings\Application Data\WinZip
2015-05-08 19:12 - 2014-03-02 21:03 - 00000000 ____D () C:\Documents and Settings\natasha\Application 
 
Data\vlc
2015-05-08 19:12 - 2014-02-24 20:45 - 00112128 _____ () C:\Documents and Settings\natasha\Local 
 
Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-08 16:19 - 2014-04-30 21:38 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of 
 
Service Notification Monthly.job
2015-04-25 16:56 - 2015-03-22 11:05 - 00000000 __SHD () C:\Documents and Settings\All 
 
Users\Application Data\360Quarant
2015-04-24 09:16 - 2015-03-22 09:53 - 00000000 ____D () C:\Documents and Settings\natasha\Local 
 
Settings\Application Data\jamip
2015-04-23 16:50 - 2015-03-15 11:04 - 00000258 __RSH () C:\Documents and Settings\All 
 
Users\ntuser.pol
2015-04-21 00:09 - 2014-04-07 19:13 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-20 17:57 - 2014-02-26 19:57 - 00778416 _____ (Adobe Systems Incorporated) 
 
C:\WINDOWS\system32\FlashPlayerApp.exe
2015-04-20 17:57 - 2014-02-26 19:57 - 00142512 _____ (Adobe Systems Incorporated) 
 
C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2014-05-01 20:45 - 2014-06-06 21:32 - 0000000 _____ () C:\Program Files\Mozilla 
 
Firefoxsafeguard-secure-search.xml
2015-05-11 16:44 - 2015-05-11 16:49 - 0000053 _____ () C:\Documents and Settings\natasha\Application 
 
Data\LogFile.txt
2015-03-22 09:54 - 2015-03-22 09:54 - 0408088 _____ () C:\Documents and Settings\natasha\Local 
 
Settings\Application Data\bfctsjrfiu.dat
2014-02-24 20:45 - 2015-05-08 19:12 - 0112128 _____ () C:\Documents and Settings\natasha\Local 
 
Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-17 21:34 - 2014-02-17 21:34 - 0000130 _____ () C:\Documents and Settings\natasha\Local 
 
Settings\Application Data\fusioncache.dat
2014-07-28 07:54 - 2014-07-28 07:54 - 0000036 _____ () C:\Documents and Settings\natasha\Local 
 
Settings\Application Data\housecall.guid.cache
2015-03-22 09:53 - 2015-03-22 09:53 - 0000032 _____ () C:\Documents and Settings\natasha\Local 
 
Settings\Application Data\rbkqbnjemt.png
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End Of Log ============================

  • 0

#19
tea82au

tea82au

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

ADDITION.TXT

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-05-2015
Ran by natasha at 2015-05-13 12:00:23
Running from C:\Documents and Settings\natasha\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-73586283-1580818891-725345543-500 - Administrator - Enabled)
ASPNET (S-1-5-21-73586283-1580818891-725345543-1004 - Limited - Enabled)
Guest (S-1-5-21-73586283-1580818891-725345543-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-73586283-1580818891-725345543-1000 - Limited - Disabled)
natasha (S-1-5-21-73586283-1580818891-725345543-1003 - Administrator - Enabled) => 
 
%SystemDrive%\Documents and Settings\natasha
SUPPORT_388945a0 (S-1-5-21-73586283-1580818891-725345543-1002 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware 
 
programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-73586283-1580818891-725345543-1003\...\uTorrent) (Version: 3.4.3.40298 - 
 
BitTorrent Inc.)
AC3Filter 1.63b (HKLM\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems 
 
Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe 
 
Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-73586283-1580818891-725345543-1003\...\Akamai) (Version:  - 
 
Akamai Technologies, Inc)
Cinema Plus Pro 3.2cV26.03 (HKLM\...\Cinema Plus Pro 3.2cV26.03) (Version: 1.36.01.22 - Cinema 
 
PlusV26.03) <==== ATTENTION!
CinemaP-1.9cV20.03 (HKLM\...\CinemaP-1.9cV20.03) (Version: 1.36.01.22 - Cinema PlusV20.03) <==== 
 
ATTENTION
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) 
 
(Version: 12.0.6514.5001 - Microsoft Corporation)
Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) 
 
(Version:  - )
Dell System Detect (HKU\S-1-5-21-73586283-1580818891-725345543-1003\...\9204f5692a8faf3b) (Version: 
 
5.4.0.4 - Dell)
ESPNMotion (HKLM\...\ESPNMotion) (Version: 2.1.6.0011 - ESPN Internet Ventures)
GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Graboid Video (HKU\S-1-5-21-73586283-1580818891-725345543-1003\...\Graboid Video 5.2.1.0) (Version: 
 
5.2.1.0 - Graboid Inc.)
Graboid Video (Version: 5.2.1.0 - Graboid Inc.) Hidden
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - 
 
Microsoft Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel® PROSet/Wireless Software (HKLM\...\ProInst) (Version: 11.5.0000 - Intel Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
mCore (Version: 11.02.0000 - Intel Corporation) Hidden
mDriver (Version: 11.02.0000 - Intel) Hidden
mDrWiFi (Version: 11.02.0000 - Intel Corporation) Hidden
mHlpDell (Version: 11.02.0000 - Intel) Hidden
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft 
 
Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft 
 
Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) 
 
(Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) 
 
(Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft 
 
Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 
 
(HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
 
(HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
mIWA (Version: 11.02.0000 - Intel Corporation) Hidden
Mixer (HKLM\...\MIXERLITE) (Version:  - )
mLogView (Version: 11.02.0000 - Intel Corporation) Hidden
mMHouse (Version: 11.02.0000 - Intel Corporation) Hidden
mPfMgr (Version: 11.02.0000 - Intel Corporation) Hidden
mPfWiz (Version: 11.02.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
mSCfg (Version: 11.02.0000 - Intel Corporation) Hidden
mSSO (Version: 11.02.0000 - Intel Corporation) Hidden
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - 
 
Microsoft Corporation)
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
mWMI (Version: 11.02.0000 - Intel Corporation) Hidden
mZConfig (Version: 11.02.0000 - Intel Corporation) Hidden
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel)
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sound Blaster ADVANCED MB Drivers (HKLM\...\SAMB_ADVMB_FILTER_DRV) (Version:  - )
Sound Blaster Audigy ADVANCED MB Demo (HKLM\...\CTMBDemo_Audigy) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.2.4.6 - Synaptics)
Telstra Mobile Broadband Manager (HKLM\...\Telstra Mobile Broadband Manager) (Version: 3.0.514 - 
 
Telstra)
Telstra Mobile Broadband Manager (Version: 3.0.514 - Telstra) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft 
 
Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 
 
14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{3F4EC965-28EF-45C3-B063-04B25D4E9679}) (Version: 5.0.1.2609 - 
 
Dell)
Windows Driver Package - Cmotech (cmusbnet) Net  (06/11/2007 2.0.0.9) 
 
(HKLM\...\E7E257830CD4614E7CF1B3792DF19B85FE5E7BE7) (Version: 06/11/2007 2.0.0.9 - Cmotech)
Windows Driver Package - Cmotech Modem  (12/13/2006 2.0.3.5) 
 
(HKLM\...\5E8F128761A9B07EC2DEC909F167D92DB8B3A348) (Version: 12/13/2006 2.0.3.5 - Cmotech)
Windows Driver Package - Cmotech Ports  (12/13/2006 2.0.3.5) 
 
(HKLM\...\6A032F4180B5A0E8F4BC27384D0A423B2595A785) (Version: 12/13/2006 2.0.3.5 - Cmotech)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft 
 
Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft 
 
Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft 
 
Corporation)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24013}) (Version: 18.0.10644 - WinZip 
 
Computing, S.L. )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not 
 
be moved.)
 
 
==================== Restore Points  =========================
 
11-05-2015 11:12:06 System Checkpoint
11-05-2015 11:14:02 repaired restore point dont go past this date
11-05-2015 11:20:00 Software Distribution Service 3.0
11-05-2015 11:44:24 Software Distribution Service 3.0
11-05-2015 12:15:26 Software Distribution Service 3.0
11-05-2015 12:45:26 Software Distribution Service 3.0
11-05-2015 12:52:23 Software Distribution Service 3.0
11-05-2015 13:00:36 Software Distribution Service 3.0
11-05-2015 13:28:40 Software Distribution Service 3.0
11-05-2015 15:27:54 Removed Trend Micro DirectPass
11-05-2015 15:50:58 Software Distribution Service 3.0
11-05-2015 16:47:58 Software Distribution Service 3.0
11-05-2015 17:14:56 Software Distribution Service 3.0
11-05-2015 17:36:12 Software Distribution Service 3.0
11-05-2015 17:41:07 Software Distribution Service 3.0
11-05-2015 18:53:46 Software Distribution Service 3.0
12-05-2015 14:42:47 Software Distribution Service 3.0
12-05-2015 19:16:40 Software Distribution Service 3.0
13-05-2015 11:58:08 Software Distribution Service 3.0
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2004-08-10 21:00 - 2015-05-11 15:10 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is 
 
running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => 
 
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program 
 
Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program 
 
Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => 
 
C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => 
 
C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{020D0B2D-E8B5-494B-B722-C8DD5F0FD533}.job => 
 
C:\WINDOWS\system32\msfeedssync.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2007-10-08 14:03 - 2007-10-08 14:03 - 00245760 _____ () C:\Program 
 
Files\Intel\Wireless\Bin\IWMSPROV.DLL
2004-08-10 21:00 - 2005-08-05 14:01 - 00282112 _____ () C:\WINDOWS\system32\sbe.dll
2004-08-10 21:00 - 2013-01-02 16:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2004-08-10 21:00 - 2008-04-14 05:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-10 21:00 - 2008-04-14 05:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-02-18 12:06 - 2014-02-18 12:06 - 03391488 _____ () 
 
c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b8a16cab\mscorlib.d
 
ll
2006-05-24 18:29 - 2006-05-24 18:29 - 00053248 _____ () C:\Program Files\WIDCOMM\Bluetooth 
 
Software\btkeyind.dll
2007-05-17 14:42 - 2007-05-17 14:42 - 01167360 _____ () C:\Program 
 
Files\Intel\Wireless\Bin\acAuth.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" 
 
will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be 
 
removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-73586283-1580818891-725345543-1003\...\dell.com -> dell.com
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-73586283-1580818891-725345543-1003\Control Panel\Desktop\\Wallpaper -> 
 
C:\WINDOWS\web\wallpaper\Bliss.bmp
DNS Servers: 10.0.0.138
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not 
 
be moved.)
 
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\natasha\Application 
 
Data\uTorrent\uTorrent.exe] => Enabled:µTorrent
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\natasha\Local Settings\Application 
 
Data\Akamai\netsession_win.exe] => Enabled:Akamai NetSession Client
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => 
 
Enabled:Google Chrome
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [1127:TCP] => Enabled:Akamai NetSession Interface
StandardProfile\GloballyOpenPorts: [5000:UDP] => Enabled:Akamai NetSession Interface
 
==================== Faulty Device Manager Devices =============
 
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware 
 
Update wizard.
 
Name: Base System Device
Description: Base System Device
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware 
 
Update wizard.
 
Name: Base System Device
Description: Base System Device
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware 
 
Update wizard.
 
Name: Base System Device
Description: Base System Device
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware 
 
Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/12/2015 02:37:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application ehrec.exe, version 5.1.2600.5512, faulting module ehrec.exe, 
 
version 5.1.2600.5512, fault address 0x00005f67.
Processing media-specific event for [ehrec.exe!ws!]
 
Error: (05/11/2015 06:44:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 42.0.2311.135, faulting module unknown, version 
 
0.0.0.0, fault address 0x00013e58.
Processing media-specific event for [chrome.exe!ws!]
 
Error: (05/11/2015 06:41:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 42.0.2311.135, faulting module unknown, version 
 
0.0.0.0, fault address 0x00013e58.
Processing media-specific event for [chrome.exe!ws!]
 
Error: (05/11/2015 06:39:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 42.0.2311.135, faulting module unknown, version 
 
0.0.0.0, fault address 0x00013e58.
Processing media-specific event for [chrome.exe!ws!]
 
Error: (05/11/2015 06:35:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 42.0.2311.135, faulting module unknown, version 
 
0.0.0.0, fault address 0x00013e58.
Processing media-specific event for [chrome.exe!ws!]
 
Error: (05/11/2015 06:33:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 42.0.2311.135, faulting module unknown, version 
 
0.0.0.0, fault address 0x00013e58.
Processing media-specific event for [chrome.exe!ws!]
 
Error: (05/11/2015 06:29:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 42.0.2311.135, faulting module unknown, version 
 
0.0.0.0, fault address 0x00013e58.
Processing media-specific event for [chrome.exe!ws!]
 
Error: (05/11/2015 06:25:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 42.0.2311.135, faulting module unknown, version 
 
0.0.0.0, fault address 0x00013e58.
Processing media-specific event for [chrome.exe!ws!]
 
Error: (05/11/2015 00:34:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application pfsvc.exe, version 1.10.0.11, faulting module pfsvc.exe, version 
 
1.10.0.11, fault address 0x000250fc.
Processing media-specific event for [pfsvc.exe!ws!]
 
Error: (05/11/2015 00:05:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 37.0.2.5583, faulting module 
 
mozalloc.dll, version 37.0.2.5583, fault address 0x00001aa1.
Processing media-specific event for [plugin-container.exe!ws!]
 
 
System errors:
=============
Error: (05/13/2015 11:58:19 AM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Installation Failure: Windows failed to install the following update with error 
 
0x8007f0f4: Security Update for Windows XP (KB973768).
 
Error: (05/12/2015 07:16:43 PM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Installation Failure: Windows failed to install the following update with error 
 
0x8007f0f4: Security Update for Windows XP (KB973768).
 
Error: (05/12/2015 02:42:49 PM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Installation Failure: Windows failed to install the following update with error 
 
0x8007f0f4: Security Update for Windows XP (KB973768).
 
Error: (05/12/2015 02:04:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
nmi1n2y4ndzhyjb
pfnfd_1_10_0_11
qrnfd_1_10_0_9
 
Error: (05/12/2015 02:04:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater18.3.0 service failed to start due to the following error: 
%%2
 
Error: (05/11/2015 06:53:49 PM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Installation Failure: Windows failed to install the following update with error 
 
0x8007f0f4: Security Update for Windows XP (KB973768).
 
Error: (05/11/2015 05:43:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
nmi1n2y4ndzhyjb
pfnfd_1_10_0_11
qrnfd_1_10_0_9
 
Error: (05/11/2015 05:43:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater18.3.0 service failed to start due to the following error: 
%%2
 
Error: (05/11/2015 05:41:09 PM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Installation Failure: Windows failed to install the following update with error 
 
0x8007f0f4: Security Update for Windows XP (KB973768).
 
Error: (05/11/2015 05:37:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
nmi1n2y4ndzhyjb
pfnfd_1_10_0_11
qrnfd_1_10_0_9
 
 
Microsoft Office Sessions:
=========================
Error: (05/12/2015 02:37:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ehrec.exe5.1.2600.5512ehrec.exe5.1.2600.551200005f67
 
Error: (05/11/2015 06:44:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe42.0.2311.135unknown0.0.0.000013e58
 
Error: (05/11/2015 06:41:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe42.0.2311.135unknown0.0.0.000013e58
 
Error: (05/11/2015 06:39:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe42.0.2311.135unknown0.0.0.000013e58
 
Error: (05/11/2015 06:35:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe42.0.2311.135unknown0.0.0.000013e58
 
Error: (05/11/2015 06:33:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe42.0.2311.135unknown0.0.0.000013e58
 
Error: (05/11/2015 06:29:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe42.0.2311.135unknown0.0.0.000013e58
 
Error: (05/11/2015 06:25:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe42.0.2311.135unknown0.0.0.000013e58
 
Error: (05/11/2015 00:34:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pfsvc.exe1.10.0.11pfsvc.exe1.10.0.11000250fc
 
Error: (05/11/2015 00:05:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583mozalloc.dll37.0.2.558300001aa1
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 CPU T5300 @ 1.73GHz
Percentage of memory in use: 34%
Total physical RAM: 2038.37 MB
Available physical RAM: 1336.02 MB
Total Pagefile: 3931.19 MB
Available Pagefile: 3287.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1934.54 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.78 GB) (Free:38.48 GB) NTFS ==>[Drive with boot components (Windows 
 
XP)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: 00000080)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#20
tea82au

tea82au

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

FSST.TXT

 

Farbar Service Scanner Version: 17-01-2015
Ran by natasha (administrator) on 13-05-2015 at 12:02:29
Running from "C:\Documents and Settings\natasha\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Other Services:
==============
 
 
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\afd.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\netbt.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\tcpip.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\ipsec.sys => File is digitally signed
C:\WINDOWS\system32\dnsrslvr.dll => File is digitally signed
C:\WINDOWS\system32\ipnathlp.dll => File is digitally signed
C:\WINDOWS\system32\netman.dll => File is digitally signed
C:\WINDOWS\system32\wbem\WMIsvc.dll => File is digitally signed
C:\WINDOWS\system32\srsvc.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\sr.sys => File is digitally signed
C:\WINDOWS\system32\wscsvc.dll => File is digitally signed
C:\WINDOWS\system32\wbem\WMIsvc.dll => File is digitally signed
C:\WINDOWS\system32\wuauserv.dll => File is digitally signed
C:\WINDOWS\system32\qmgr.dll => File is digitally signed
C:\WINDOWS\system32\es.dll => File is digitally signed
C:\WINDOWS\system32\cryptsvc.dll => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
 
Extra List:
=======
AegisP(8) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4) 
0x120000000B0000000500000001000000020000000300000004000000110000000F000000120000000D000000100000000E0
 
000000C0000000A00000009000000060000000700000008000000
 
 
**** End of log ****

  • 0

#21
tea82au

tea82au

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

I sent Dr web curelt logs results earlier, is  that the same thing of what they found?


  • 0

#22
tea82au

tea82au

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

In my quarantine manager it shows that there is trojans, and adware etc but not sure how to find out Dr web found? other than the curelt logs I sent you earlier


  • 0

#23
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts

Sorry for the delay in getting back to you. :)

 

I had travel to Auckland for a family matter and was away for a couple of days.

 

 

In my quarantine manager it shows that there is trojans, and adware etc but not sure how to find out Dr web found?

 

Don't worry about that for now. I think Dr Web may have dealt with a nasty back door infection. With these sorts of infections your machine has likely been accessed from an outside source. Change passwords on all sites you use and make sure you check any banking and credit card accounts you accessed with the infected machine.

 

Moving on

 

We need to run a couple more scans to ensure we clean away any other stuff there might be.

 

Please download Junkware Removal Tool to your desktop.
 

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

After that

 

Please download : ADWCleaner to your desktop  (use the Download Now @ BleepingComputer button)..

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon. AdwCleaner will update itself and then open.

AdwCleaner.jpg

Click on Scan  and follow the prompts. It may appear not to be doing anything, please be patient and let it run unhindered. When the "Please uncheck elements you don't want to remove" appears just go ahead and click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

 

So when you return please post

  • JRT.txt
  • AdwCleaner.txt

  • 0

#24
tea82au

tea82au

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Thank you for your help

 

  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.1 (05.14.2015:1)
OS: Microsoft Windows XP x86
Ran by natasha on Fri 05/15/2015 at 17:25:22.59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\Documents and Settings\natasha\Application Data\sparktrust
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 05/15/2015 at 17:29:51.23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
ADWARE CLEANER
 
# AdwCleaner v4.203 - Logfile created 15/05/2015 at 17:37:51
# Updated 30/04/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : natasha - NATASHA-6117050
# Running from : C:\Documents and Settings\natasha\My Documents\Desktop\adwcleaner_4.203.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Device
Folder Deleted : C:\Documents and Settings\All Users\Application Data\SparkTrust
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 
 
<local>
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v42.0.2311.152
 
 
*************************
 
AdwCleaner[R0].txt - [25209 bytes] - [11/05/2015 14:25:57]
AdwCleaner[R1].txt - [1587 bytes] - [11/05/2015 14:31:38]
AdwCleaner[R2].txt - [1163 bytes] - [11/05/2015 15:23:37]
AdwCleaner[R3].txt - [1329 bytes] - [15/05/2015 17:32:33]
AdwCleaner[S0].txt - [25465 bytes] - [11/05/2015 14:27:18]
AdwCleaner[S1].txt - [1659 bytes] - [11/05/2015 14:33:50]
AdwCleaner[S2].txt - [1260 bytes] - [15/05/2015 17:37:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1319  bytes] ##########
 

  • 0

#25
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts

Hello again tea82au,

 

How is your machine now?


  • 0

Advertisements


#26
tea82au

tea82au

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi,

My machine seems to be running better, and is faster, and now let's me run programs without any hassles. Thank you so much for all your hard work
  • 0

#27
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts

Great news. :thumbsup:

 

I think you are good to go.

 

We have a couple of last steps to perform and then you're all set. :)

 

Follow these steps to uninstall Combofix. This will also clean out and reset your Restore Points.

  • Press the Windows Key and R on your keyboard. This will bring up the Run window.
  • Now type Combofix /Uninstall in the runbox  and click OK.  Note the space between the X and the U, it needs to be there.

CF_Uninstall-1.jpg


  • Follow the prompts to uninstall Combofix.

Once done you will receive a message saying Combofix was uninstalled successfully.

 

 

Step 2

To clear away the other tools we have been using download Delfix from here. You will be taken to the download page. Just wait and shortly the download will appear.

Put a check (tick) in the following boxes:
 

  • Remove disinfection tools
  • Purge System Restore
  • Reset System Settings

    Then click Run

The tool will run for a short time. When completed a notepad window will open with a log. Please copy and paste the log back here.

Any remaining tools may be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder:  Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

So many of us use Facebook nowadays. Go here for a guide to Facebook security.

-----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicious programs. Unless you need it to run an important software the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.
 

  • Download Java for Windows

    Reboot your computer.
    You also need to unininstall older versions of Java.

       
  • Click Start > Control Panel > Add or Remove Programs
       
  • Remove all Java updates except the latest one you have just installed.

--------------------------------------------------------------------------------------------------------------------

CryptoLocker Warning

There is a particularly nasty infection out there at the moment.

Go here for information about CryptoLocker Ransomeware

Download CryptoPrevent free for home use.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

    * Click Start > Control Panel > System and Security > Windows Update
    * Under Windows Update click on Turn automatic updating on or off
    * Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

For some common sense advice about protecting your computer read How to boost your malware defense and protect your PC

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!

 


  • 0

#28
tea82au

tea82au

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Hi Sorry for being so late with this but here is the info from the delfix, thank you
 
# DelFix v1.010 - Logfile created 26/05/2015 at 14:40:28
# Updated 26/04/2015 by Xplode
# Username : natasha - NATASHA-6117050
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\Qoobox
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\Documents and Settings\natasha\Desktop\FRST-OlderVersion
Deleted : C:\Documents and Settings\natasha\Desktop\AdwCleaner[S2].txt
Deleted : C:\Documents and Settings\natasha\Desktop\FSS.exe
Deleted : C:\Documents and Settings\natasha\Desktop\JRT.txt
Deleted : C:\Documents and Settings\natasha\My Documents\Downloads\adwcleaner_4.203.exe
Deleted : C:\Documents and Settings\natasha\My Documents\Downloads\JRT.exe
Deleted : C:\WINDOWS\grep.exe
Deleted : C:\WINDOWS\PEV.exe
Deleted : C:\WINDOWS\NIRCMD.exe
Deleted : C:\WINDOWS\MBR.exe
Deleted : C:\WINDOWS\SED.exe
Deleted : C:\WINDOWS\SWREG.exe
Deleted : C:\WINDOWS\SWSC.exe
Deleted : C:\WINDOWS\SWXCACLS.exe
Deleted : C:\WINDOWS\Zip.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
 
~ Cleaning system restore ...
 
Deleted : RP #1 [System Checkpoint | 05/11/2015 01:12:06]
Deleted : RP #2 [repaired restore point dont go past this date | 05/11/2015 01:14:02]
Deleted : RP #3 [Software Distribution Service 3.0 | 05/11/2015 01:20:00]
Deleted : RP #4 [Software Distribution Service 3.0 | 05/11/2015 01:44:24]
Deleted : RP #5 [Software Distribution Service 3.0 | 05/11/2015 02:15:26]
Deleted : RP #6 [Software Distribution Service 3.0 | 05/11/2015 02:45:26]
Deleted : RP #7 [Software Distribution Service 3.0 | 05/11/2015 02:52:23]
Deleted : RP #8 [Software Distribution Service 3.0 | 05/11/2015 03:00:36]
Deleted : RP #9 [Software Distribution Service 3.0 | 05/11/2015 03:28:40]
Deleted : RP #10 [Removed Trend Micro DirectPass | 05/11/2015 05:27:54]
Deleted : RP #11 [Software Distribution Service 3.0 | 05/11/2015 05:50:58]
Deleted : RP #12 [Software Distribution Service 3.0 | 05/11/2015 06:47:58]
Deleted : RP #13 [Software Distribution Service 3.0 | 05/11/2015 07:14:56]
Deleted : RP #14 [Software Distribution Service 3.0 | 05/11/2015 07:36:12]
Deleted : RP #15 [Software Distribution Service 3.0 | 05/11/2015 07:41:07]
Deleted : RP #16 [Software Distribution Service 3.0 | 05/11/2015 08:53:46]
Deleted : RP #17 [Software Distribution Service 3.0 | 05/12/2015 04:42:47]
Deleted : RP #18 [Software Distribution Service 3.0 | 05/12/2015 09:16:40]
Deleted : RP #19 [Software Distribution Service 3.0 | 05/13/2015 01:58:08]
Deleted : RP #20 [Software Distribution Service 3.0 | 05/13/2015 02:09:48]
Deleted : RP #21 [Software Distribution Service 3.0 | 05/13/2015 05:15:15]
Deleted : RP #22 [Software Distribution Service 3.0 | 05/14/2015 00:58:38]
Deleted : RP #23 [Installed AVG 2015 | 05/14/2015 02:09:11]
Deleted : RP #24 [Installed AVG 2015 | 05/14/2015 02:09:40]
Deleted : RP #25 [Software Distribution Service 3.0 | 05/14/2015 04:19:54]
Deleted : RP #26 [Software Distribution Service 3.0 | 05/14/2015 05:14:36]
Deleted : RP #27 [Software Distribution Service 3.0 | 05/14/2015 09:21:50]
Deleted : RP #28 [Software Distribution Service 3.0 | 05/15/2015 14:00:16]
Deleted : RP #29 [Software Distribution Service 3.0 | 05/16/2015 14:00:14]
Deleted : RP #30 [Software Distribution Service 3.0 | 05/17/2015 14:00:16]
Deleted : RP #31 [Software Distribution Service 3.0 | 05/18/2015 23:58:11]
Deleted : RP #32 [Software Distribution Service 3.0 | 05/19/2015 14:00:15]
Deleted : RP #33 [Software Distribution Service 3.0 | 05/20/2015 14:00:15]
Deleted : RP #34 [Software Distribution Service 3.0 | 05/21/2015 14:00:15]
Deleted : RP #35 [Software Distribution Service 3.0 | 05/22/2015 14:00:15]
Deleted : RP #36 [Software Distribution Service 3.0 | 05/23/2015 14:00:15]
Deleted : RP #37 [Software Distribution Service 3.0 | 05/24/2015 14:00:19]
Deleted : RP #38 [Software Distribution Service 3.0 | 05/25/2015 14:00:20]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########

  • 0

#29
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts

 

Hi Sorry for being so late with this but here is the info from the delfix,

 

No problem.

 

That has done it's job fine. :)

 

I will keep this topic open for another few days in case any issues arise.


  • 0

#30
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,008 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP