Computer Running Slow Virus Uninstalled Poorly [Solved]


  • This topic is locked

#31
dtekka
    Member
  • Topic Starter
  • 174 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 18-11-2013
Ran by Associate at 2013-11-19 15:10:35 Run:3
Running from C:\Documents and Settings\Associate\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
FF SearchPlugin: C:\Documents and Settings\Associate\Application Data\Mozilla\Firefox\Profiles\j8alfuol.default\searchplugins\safeguard-secure-search.xml
C:\Documents and Settings\Associate\Application Data\Mozilla\Firefox\Profiles\j8alfuol.default\searchplugins\safeguard-secure-search.xml
*****************

C:\Documents and Settings\Associate\Application Data\Mozilla\Firefox\Profiles\j8alfuol.default\searchplugins\safeguard-secure-search.xml => Moved successfully.
"C:\Documents and Settings\Associate\Application Data\Mozilla\Firefox\Profiles\j8alfuol.default\searchplugins\safeguard-secure-search.xml" => File/Directory not found.

==== End of Fixlog ====



#32
dtekka
    Member
  • Topic Starter
  • 174 posts
Oh, just realized that I posted the wrong thing... Here are the new scan results after a restart.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-11-2013
Ran by Associate (administrator) on ASSOCIATE on 19-11-2013 15:16:20
Running from C:\Documents and Settings\Associate\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsty.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter2\brctrcen.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Associate\Local Settings\Application Data\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Associate\Local Settings\Application Data\Akamai\netsession_win.exe
(Gemalto N.V.) C:\Documents and Settings\Associate\Application Data\SanDisk\SanDisk_Button_Manager.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Smapp] - C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [143360 2003-07-30] (Analog Devices, Inc.)
HKLM\...\Run: [PDF Complete] - C:\Program Files\PDF Complete\pdfsty.exe [219648 2006-01-03] (PDF Complete Inc)
HKLM\...\Run: [SetRefresh] - C:\Program Files\Compaq\SetRefresh\SetRefresh.exe [525824 2003-11-20] (Hewlett-Packard Company)
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe [155648 2003-10-14] (Scansoft, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [57393 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [IndexSearch] - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [40960 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [ControlCenter2.0] - C:\Program Files\Brother\ControlCenter2\brctrcen.exe [995328 2005-11-11] (Brother Industries, Ltd.)
HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Documents and Settings\Associate\Local Settings\Application Data\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [SanDisk_Button_Manager.exe] - C:\Documents and Settings\Associate\Application Data\SanDisk\SanDisk_Button_Manager.exe [29078632 2013-04-04] (Gemalto N.V.)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-04-11] (Google Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {645701DB-0A59-AE3F-8D62-BAA040AFB663} URL = http://www.bing.com/...007&form=ZGAIDF
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://static.ak.fac...fbootloader.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1264309798530
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Associate\Application Data\Mozilla\Firefox\Profiles\j8alfuol.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Documents and Settings\Associate\Application Data\Facebook\npfbplugin_1_0_3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Associate\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Associate\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll No File
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{3112ca9c-de6d-4884-a869-9855de68056c}] - C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF Extension: Google Toolbar for Firefox - C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}

========================== Services (Whitelisted) =================

R2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.)

==================== Drivers (Whitelisted) ====================

S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S3 Blfp; C:\Windows\System32\DRIVERS\baspxp32.sys [51584 2004-02-04] (Broadcom Corporation)
S3 i81x; C:\Windows\System32\DRIVERS\i81xnt5.sys [161020 2004-08-03] (Intel® Corporation)
S3 iAimFP0; C:\Windows\System32\DRIVERS\wADV01nt.sys [12415 2004-08-03] (Intel® Corporation)
S3 iAimFP1; C:\Windows\System32\DRIVERS\wADV02NT.sys [12127 2004-08-03] (Intel® Corporation)
S3 iAimFP2; C:\Windows\System32\DRIVERS\wADV05NT.sys [11775 2004-08-03] (Intel® Corporation)
S3 iAimFP3; C:\Windows\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-03] (Intel® Corporation)
S3 iAimFP4; C:\Windows\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-03] (Intel® Corporation)
S3 iAimFP5; C:\Windows\System32\DRIVERS\wADV07nt.sys [11807 2004-08-03] (Intel® Corporation)
S3 iAimFP6; C:\Windows\System32\DRIVERS\wADV08nt.sys [11295 2004-08-03] (Intel® Corporation)
S3 iAimFP7; C:\Windows\System32\DRIVERS\wADV09nt.sys [11871 2004-08-03] (Intel® Corporation)
S3 iAimTV0; C:\Windows\System32\DRIVERS\wATV01nt.sys [29311 2004-08-03] (Intel® Corporation)
S3 iAimTV1; C:\Windows\System32\DRIVERS\wATV02NT.sys [19551 2004-08-03] (Intel® Corporation)
S3 iAimTV3; C:\Windows\System32\DRIVERS\wATV04nt.sys [33599 2004-08-03] (Intel® Corporation)
S3 iAimTV4; C:\Windows\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-03] (Intel® Corporation)
S3 iAimTV5; C:\Windows\System32\DRIVERS\wATV10nt.sys [25471 2004-08-03] (Intel® Corporation)
S3 iAimTV6; C:\Windows\System32\DRIVERS\wATV06nt.sys [22271 2004-08-03] (Intel® Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2001-08-17] (Microsoft Corporation)
R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2001-08-17] (Microsoft Corporation)
S1 P3; C:\Windows\System32\DRIVERS\p3.sys [42752 2008-04-13] (Microsoft Corporation)
S4 Symmpi; C:\Windows\system32\DRIVERS\symmpi.sys [28416 2002-04-03] (LSI Logic)
S3 catchme; \??\C:\DOCUME~1\ASSOCI~1\LOCALS~1\Temp\catchme.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-19 14:53 - 2013-11-19 15:16 - 00011661 _____ C:\Documents and Settings\Associate\Desktop\FRST.txt
2013-11-19 14:21 - 2013-11-19 14:21 - 00068840 _____ C:\Documents and Settings\Associate\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-11-19 13:35 - 2013-11-19 14:12 - 00014028 _____ C:\WINDOWS\setupapi.log
2013-11-19 13:22 - 2013-11-19 13:22 - 00015329 _____ C:\ComboFix.txt
2013-11-19 13:14 - 2013-11-19 13:14 - 00000000 _RSHD C:\cmdcons
2013-11-19 13:14 - 2013-09-30 13:25 - 00000211 _____ C:\Boot.bak
2013-11-19 13:14 - 2004-08-03 23:00 - 00260272 __RSH C:\cmldr
2013-11-19 13:12 - 2013-11-19 13:22 - 00000000 ____D C:\Qoobox
2013-11-19 13:11 - 2013-11-19 13:11 - 05146522 ____R (Swearware) C:\Documents and Settings\Associate\Desktop\ComboFix.exe
2013-11-19 13:01 - 2013-11-19 13:01 - 00000150 _____ C:\Documents and Settings\Associate\Desktop\combofix_error.URL
2013-11-19 10:51 - 2013-11-19 10:51 - 00000467 _____ C:\Documents and Settings\Associate\My Documents\eset.txt
2013-11-19 03:11 - 2013-11-19 14:58 - 00000384 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-11-19 01:13 - 2013-11-19 01:13 - 00000000 ____D C:\Program Files\ESET
2013-11-18 23:16 - 2013-11-19 14:46 - 00000000 ____D C:\FRST
2013-11-18 23:14 - 2013-11-18 23:14 - 01090881 _____ (Farbar) C:\Documents and Settings\Associate\Desktop\FRST.exe
2013-11-13 16:53 - 2013-11-13 16:53 - 00009068 _____ C:\WINDOWS\KB2900986.log
2013-11-13 16:53 - 2013-11-13 16:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-13 16:53 - 2013-11-13 16:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-13 16:53 - 2013-11-13 16:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-13 16:52 - 2013-11-13 16:53 - 00034037 _____ C:\WINDOWS\iis6.log
2013-11-13 16:52 - 2013-11-13 16:53 - 00030915 _____ C:\WINDOWS\FaxSetup.log
2013-11-13 16:52 - 2013-11-13 16:53 - 00014780 _____ C:\WINDOWS\ocgen.log
2013-11-13 16:52 - 2013-11-13 16:53 - 00014105 _____ C:\WINDOWS\tsoc.log
2013-11-13 16:52 - 2013-11-13 16:53 - 00010267 _____ C:\WINDOWS\comsetup.log
2013-11-13 16:52 - 2013-11-13 16:53 - 00009642 _____ C:\WINDOWS\msmqinst.log
2013-11-13 16:52 - 2013-11-13 16:53 - 00006227 _____ C:\WINDOWS\ntdtcsetup.log
2013-11-13 16:52 - 2013-11-13 16:53 - 00005415 _____ C:\WINDOWS\netfxocm.log
2013-11-13 16:52 - 2013-11-13 16:53 - 00002125 _____ C:\WINDOWS\MedCtrOC.log
2013-11-13 16:52 - 2013-11-13 16:53 - 00001710 _____ C:\WINDOWS\ocmsn.log
2013-11-13 16:52 - 2013-11-13 16:53 - 00001555 _____ C:\WINDOWS\tabletoc.log
2013-11-13 16:52 - 2013-11-13 16:53 - 00001545 _____ C:\WINDOWS\msgsocm.log
2013-11-13 16:52 - 2013-11-13 16:53 - 00001393 _____ C:\WINDOWS\imsins.log
2013-11-13 16:52 - 2013-11-13 16:53 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-13 16:52 - 2013-11-13 16:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-13 16:52 - 2013-11-13 16:52 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-13 16:52 - 2013-11-13 16:52 - 00000000 _____ C:\WINDOWS\setupact.log
2013-11-13 16:51 - 2013-11-13 16:53 - 00004119 _____ C:\WINDOWS\updspapi.log
2013-11-13 16:51 - 2013-11-13 16:52 - 00011232 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-13 10:21 - 2013-11-13 16:53 - 00014833 _____ C:\WINDOWS\KB2868626.log
2013-11-13 10:21 - 2013-11-13 16:53 - 00013816 _____ C:\WINDOWS\KB2862152.log
2013-11-13 10:21 - 2013-11-13 16:52 - 00013342 _____ C:\WINDOWS\KB2876331.log
2013-10-29 14:23 - 2013-10-29 14:23 - 00003309 _____ C:\Documents and Settings\Associate\reset.log
2013-10-29 13:24 - 2011-06-25 22:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-10-29 13:24 - 2010-11-07 09:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-10-29 13:24 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-10-29 13:24 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-10-29 13:24 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-10-29 13:24 - 2000-08-30 16:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-10-29 13:24 - 2000-08-30 16:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-10-29 13:24 - 2000-08-30 16:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-10-29 13:24 - 2000-08-30 16:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-10-29 13:00 - 2013-11-19 13:21 - 00000000 ____D C:\WINDOWS\erdnt
2013-10-29 12:08 - 2013-10-29 12:08 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-29 11:19 - 2013-10-29 11:19 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-29 11:19 - 2013-10-29 11:19 - 00000000 ____D C:\Documents and Settings\Associate\Application Data\Malwarebytes
2013-10-29 11:19 - 2013-10-29 11:19 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-10-29 11:19 - 2013-10-29 11:19 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-10-29 11:19 - 2013-04-04 13:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-10-29 11:06 - 2013-10-29 11:08 - 00000000 ____D C:\AdwCleaner
2013-10-29 10:52 - 2013-10-29 15:10 - 00000000 ____D C:\Documents and Settings\Associate\Desktop\tools
2013-10-29 10:21 - 2013-10-29 10:21 - 00000815 _____ C:\Documents and Settings\All Users\Desktop\TeamViewer 8.lnk
2013-10-29 10:21 - 2013-10-29 10:21 - 00000000 ____D C:\Program Files\TeamViewer
2013-10-29 10:21 - 2013-10-29 10:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 8

==================== One Month Modified Files and Folders =======

2013-11-19 15:16 - 2013-11-19 14:53 - 00011661 _____ C:\Documents and Settings\Associate\Desktop\FRST.txt
2013-11-19 15:14 - 2011-08-25 14:36 - 00000000 ____D C:\Program Files\Common Files\Akamai
2013-11-19 15:14 - 2011-04-11 08:48 - 00000888 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-19 15:14 - 2009-07-24 09:14 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-19 15:14 - 2009-07-24 09:14 - 00000259 _____ C:\WINDOWS\wiadebug.log
2013-11-19 15:14 - 2009-07-24 09:14 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-19 15:14 - 2004-08-10 10:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-19 15:13 - 2010-01-23 21:20 - 00000278 ___SH C:\Documents and Settings\Associate\ntuser.ini
2013-11-19 15:13 - 2010-01-23 21:20 - 00000000 ____D C:\Documents and Settings\Associate
2013-11-19 15:13 - 2009-07-24 09:09 - 00032652 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-19 15:13 - 2004-08-09 13:00 - 01536778 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-19 15:10 - 2011-04-11 08:48 - 00000892 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-19 14:58 - 2013-11-19 03:11 - 00000384 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-11-19 14:46 - 2013-11-18 23:16 - 00000000 ____D C:\FRST
2013-11-19 14:34 - 2012-07-09 08:22 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-19 14:21 - 2013-11-19 14:21 - 00068840 _____ C:\Documents and Settings\Associate\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-11-19 14:21 - 2011-11-09 16:20 - 00000000 ____D C:\Documents and Settings\Associate\Local Settings\Application Data\Akamai
2013-11-19 14:12 - 2013-11-19 13:35 - 00014028 _____ C:\WINDOWS\setupapi.log
2013-11-19 13:22 - 2013-11-19 13:22 - 00015329 _____ C:\ComboFix.txt
2013-11-19 13:22 - 2013-11-19 13:12 - 00000000 ____D C:\Qoobox
2013-11-19 13:22 - 2009-07-24 09:30 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-11-19 13:21 - 2013-10-29 13:00 - 00000000 ____D C:\WINDOWS\erdnt
2013-11-19 13:20 - 2009-07-24 09:11 - 00000227 _____ C:\WINDOWS\system.ini
2013-11-19 13:14 - 2013-11-19 13:14 - 00000000 _RSHD C:\cmdcons
2013-11-19 13:14 - 2009-07-24 09:14 - 00000327 __RSH C:\boot.ini
2013-11-19 13:11 - 2013-11-19 13:11 - 05146522 ____R (Swearware) C:\Documents and Settings\Associate\Desktop\ComboFix.exe
2013-11-19 13:02 - 2013-07-03 11:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-19 13:01 - 2013-11-19 13:01 - 00000150 _____ C:\Documents and Settings\Associate\Desktop\combofix_error.URL
2013-11-19 10:51 - 2013-11-19 10:51 - 00000467 _____ C:\Documents and Settings\Associate\My Documents\eset.txt
2013-11-19 03:01 - 2012-04-25 08:32 - 00001698 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
2013-11-19 03:01 - 2011-05-18 23:11 - 00001945 ____C C:\WINDOWS\epplauncher.mif
2013-11-19 03:00 - 2011-05-18 23:09 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-19 02:21 - 2011-05-18 23:17 - 00230048 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-11-19 01:13 - 2013-11-19 01:13 - 00000000 ____D C:\Program Files\ESET
2013-11-18 23:14 - 2013-11-18 23:14 - 01090881 _____ (Farbar) C:\Documents and Settings\Associate\Desktop\FRST.exe
2013-11-18 12:21 - 2010-01-23 21:13 - 00000000 __SHD C:\WINDOWS\CSC
2013-11-18 09:52 - 2013-04-04 15:50 - 00000000 ____D C:\Documents and Settings\Associate\Application Data\SanDisk
2013-11-15 09:10 - 2004-08-09 12:44 - 00569878 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-13 16:53 - 2013-11-13 16:53 - 00009068 _____ C:\WINDOWS\KB2900986.log
2013-11-13 16:53 - 2013-11-13 16:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-13 16:53 - 2013-11-13 16:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-13 16:53 - 2013-11-13 16:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-13 16:53 - 2013-11-13 16:52 - 00034037 _____ C:\WINDOWS\iis6.log
2013-11-13 16:53 - 2013-11-13 16:52 - 00030915 _____ C:\WINDOWS\FaxSetup.log
2013-11-13 16:53 - 2013-11-13 16:52 - 00014780 _____ C:\WINDOWS\ocgen.log
2013-11-13 16:53 - 2013-11-13 16:52 - 00014105 _____ C:\WINDOWS\tsoc.log
2013-11-13 16:53 - 2013-11-13 16:52 - 00010267 _____ C:\WINDOWS\comsetup.log
2013-11-13 16:53 - 2013-11-13 16:52 - 00009642 _____ C:\WINDOWS\msmqinst.log
2013-11-13 16:53 - 2013-11-13 16:52 - 00006227 _____ C:\WINDOWS\ntdtcsetup.log
2013-11-13 16:53 - 2013-11-13 16:52 - 00005415 _____ C:\WINDOWS\netfxocm.log
2013-11-13 16:53 - 2013-11-13 16:52 - 00002125 _____ C:\WINDOWS\MedCtrOC.log
2013-11-13 16:53 - 2013-11-13 16:52 - 00001710 _____ C:\WINDOWS\ocmsn.log
2013-11-13 16:53 - 2013-11-13 16:52 - 00001555 _____ C:\WINDOWS\tabletoc.log
2013-11-13 16:53 - 2013-11-13 16:52 - 00001545 _____ C:\WINDOWS\msgsocm.log
2013-11-13 16:53 - 2013-11-13 16:52 - 00001393 _____ C:\WINDOWS\imsins.log
2013-11-13 16:53 - 2013-11-13 16:52 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-13 16:53 - 2013-11-13 16:51 - 00004119 _____ C:\WINDOWS\updspapi.log
2013-11-13 16:53 - 2013-11-13 10:21 - 00014833 _____ C:\WINDOWS\KB2868626.log
2013-11-13 16:53 - 2013-11-13 10:21 - 00013816 _____ C:\WINDOWS\KB2862152.log
2013-11-13 16:52 - 2013-11-13 16:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-13 16:52 - 2013-11-13 16:52 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-13 16:52 - 2013-11-13 16:52 - 00000000 _____ C:\WINDOWS\setupact.log
2013-11-13 16:52 - 2013-11-13 16:51 - 00011232 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-13 16:52 - 2013-11-13 10:21 - 00013342 _____ C:\WINDOWS\KB2876331.log
2013-11-13 16:51 - 2010-01-24 13:53 - 00000000 ____D C:\WINDOWS\ie8updates
2013-11-13 16:50 - 2013-08-14 16:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-13 16:47 - 2010-01-24 13:50 - 80340640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-29 15:10 - 2013-10-29 10:52 - 00000000 ____D C:\Documents and Settings\Associate\Desktop\tools
2013-10-29 14:23 - 2013-10-29 14:23 - 00003309 _____ C:\Documents and Settings\Associate\reset.log
2013-10-29 12:35 - 2013-07-16 10:38 - 00000000 ____D C:\Program Files\CCleaner
2013-10-29 12:08 - 2013-10-29 12:08 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-29 11:43 - 2010-01-24 13:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956744$
2013-10-29 11:19 - 2013-10-29 11:19 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-29 11:19 - 2013-10-29 11:19 - 00000000 ____D C:\Documents and Settings\Associate\Application Data\Malwarebytes
2013-10-29 11:19 - 2013-10-29 11:19 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-10-29 11:19 - 2013-10-29 11:19 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-10-29 11:09 - 2004-08-09 12:40 - 00267800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-29 11:08 - 2013-10-29 11:06 - 00000000 ____D C:\AdwCleaner
2013-10-29 10:21 - 2013-10-29 10:21 - 00000815 _____ C:\Documents and Settings\All Users\Desktop\TeamViewer 8.lnk
2013-10-29 10:21 - 2013-10-29 10:21 - 00000000 ____D C:\Program Files\TeamViewer
2013-10-29 10:21 - 2013-10-29 10:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 8
2013-10-29 10:08 - 2010-01-24 12:53 - 00000426 ____C C:\WINDOWS\BRWMARK.INI
2013-10-29 09:52 - 2010-11-30 13:59 - 00002531 _____ C:\Documents and Settings\All Users\Desktop\DraftSight.lnk
2013-10-29 09:42 - 2010-02-22 09:54 - 00000000 ____D C:\Documents and Settings\Associate\Local Settings\Application Data\Google

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
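The scan log above is what the helper reads to decide which entries go into a fixlist: registry entries that still point at a file that is gone ("No File", "[x]"), autostarts and plugins loading from a user-writable profile directory, files for which FRST found no publisher ("()"), and the "Bamital & volsnap Check" verdict on core system binaries. The following is an added example, not code from the thread or from FRST itself: a small Python triage that applies those four readings to FRST.txt-style text. The rule set and the `USER_WRITABLE` path list are my assumptions about what a helper looks at first, not FRST's whitelist, and the `SAMPLE_LOG` is constructed from lines in the log above plus one invented "userinit" line, because the page only shows the "MD5 is legit" verdict and the rule keys on that verdict being absent.

```python
"""Triage rules for an FRST (Farbar Recovery Scan Tool) log.

Added example for this thread; not FRST's own code.  The rules are an
assumption about what a helper reads first, not FRST's whitelist.
"""
import re
from collections import Counter

# Constructed sample adapted from the FRST.txt posted above.  The userinit
# line is invented to exercise the MD5 rule.
SAMPLE_LOG = r"""Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-11-2013

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKCU\...\Run: [Akamai NetSession Interface] - C:\Documents and Settings\Associate\Local Settings\Application Data\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)

==================== Internet (Whitelisted) ====================

BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Documents and Settings\Associate\Application Data\Facebook\npfbplugin_1_0_3.dll No File

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 catchme; \??\C:\DOCUME~1\ASSOCI~1\LOCALS~1\Temp\catchme.sys [x]

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is not legit

==================== End Of Log ============================
"""

# Path fragments an unprivileged user can write to (my list, XP and later).
USER_WRITABLE = ("\\documents and settings\\", "\\users\\", "\\application data\\",
                 "\\appdata\\", "\\local settings\\", "\\temp\\", "\\programdata\\")

SECTION_BAR = re.compile(r"=+")
SECTION_HEADER = re.compile(r"=+\s*(.+?)\s*=+")


def parse_sections(text):
    """Split an FRST log into {section title: [non-blank lines]}."""
    sections = {"header": []}
    current = "header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if SECTION_BAR.fullmatch(line):
            # A bare bar of '=' underlines the previous line ("FireFox:").
            if sections[current]:
                current = sections[current].pop().rstrip(":")
                sections[current] = []
            continue
        header = SECTION_HEADER.fullmatch(line)
        if header:
            current = header.group(1)
            sections[current] = []
            continue
        sections[current].append(line)
    return sections


def rules_for(section, line):
    """Return the names of every rule the line trips (possibly several)."""
    low = line.lower()
    if section.startswith("Bamital"):
        # Core binaries: anything but the known-good verdict is a finding.
        return [] if line.endswith("=> MD5 is legit") else ["md5_mismatch"]
    hits = []
    if low.endswith(" no file") or low.endswith("[x]"):
        hits.append("missing_file")        # entry points at a file that is gone
    if any(marker in low for marker in USER_WRITABLE):
        hits.append("user_writable_path")  # loads from a location malware can write
    if re.search(r"\(\s*\)$", line):
        hits.append("missing_publisher")   # FRST found no company name in the file
    return hits


def triage(text):
    """Return a list of {'rule', 'section', 'line'} findings for the log."""
    return [{"rule": rule, "section": section, "line": line}
            for section, lines in parse_sections(text).items()
            for line in lines
            for rule in rules_for(section, line)]


def summarize(findings):
    """Count findings per rule."""
    return dict(Counter(f["rule"] for f in findings))


def fixlist_candidates(findings, rule="missing_file"):
    """Log lines for one rule, verbatim and de-duplicated.  The fix in post #31
    was built by pasting the offending log line into fixlist.txt; these are
    the lines a helper would review by hand before doing the same."""
    seen = []
    for f in findings:
        if f["rule"] == rule and f["line"] not in seen:
            seen.append(f["line"])
    return seen


if __name__ == "__main__":
    found = triage(SAMPLE_LOG)
    for rule, count in sorted(summarize(found).items()):
        print(f"{rule:20} {count}")
    for f in found:
        print(f"[{f['rule']}] ({f['section']}) {f['line']}")
```

A line can trip more than one rule on purpose: the `catchme.sys` driver is both an orphaned entry and a load from `Temp`, which is exactly the combination that deserves a second look even when, as here, it is the harmless leftover of an earlier scanning tool. The rules only rank what to read; whether a flagged line belongs in a fixlist is still the helper's call.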

#33
emeraldnzl
    GeekU Instructor
  • GeekU Moderator
  • 20,051 posts

Oh, just realized that I posted the wrong thing... Here are the new scan results after a restart.


No, you did right. I needed to see both. :)

How is MSE now?

#34
dtekka
    Member
  • Topic Starter
  • 174 posts
It is enabled and green! Things seem to be running well.

#35
emeraldnzl
    GeekU Instructor
  • GeekU Moderator
  • 20,051 posts
Just a couple of things to make sure we haven't missed anything. After that, all going well, we will go to clearing away the tools we have been using. :)

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and choose "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
After that

Run a quick scan with MSE and tell me how it went. Also tell me how the computer is now; has it sped up?

So when you return please post
  • JRT.txt
  • tell me if MSE found anything
  • tell me how the computer is now


#36
dtekka
    Member
  • Topic Starter
  • 174 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Associate on Tue 11/19/2013 at 15:36:07.67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 11/19/2013 at 15:41:40.64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#37
dtekka
    Member
  • Topic Starter
  • 174 posts
MSE did not find anything, and the computer is running quite a bit faster.

#38
emeraldnzl
    GeekU Instructor
  • GeekU Moderator
  • 20,051 posts
Hello again dtekka,

Unless you have anything you want to raise, I think your machine is good to go now. :thumbsup:

We have a couple of last steps to perform and then you're all set.

Follow these steps to uninstall Combofix and tools used in the removal of malware. This will also clean out and reset your Restore Points.

  • Go to Start > Programs > Accessories and click on Run
  • Copy and paste the bolded text below in the box then hit OK

    Combofix /Uninstall

Step 2
  • Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.
Any remaining tools may be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to re-install (if uninstalled during cleaning), update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change the passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article: Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicious programs. The United States Department of Homeland Security recommends that computer users disable Java; see here. Unless you need it to run important software, the safest approach is to completely uninstall Java. Where you do require it, the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.

  • Download Java for Windows
  • Reboot your computer.
  • You also need to uninstall older versions of Java: click Start > Control Panel > Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
----------------------------------------------------------------------------------------------------------------------

CryptoLocker Warning

There is a particularly nasty infection out there at the moment.

Go here for information about CryptoLocker Ransomware

Download CryptoPrevent free for home use.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

* Click Start > Control Panel > System and Security > Windows Update
* Under Windows Update click on Turn automatic updating on or off
* Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!

#39 dtekka (Topic Starter, Member, 174 posts)
I almost forgot to mention that last night I ran ESET the online scanner to see what viruses, if any, were on the machine. I made sure to uncheck remove found threats. I wanted to show you the log of that, because it did find two threats. If I remember correctly they were in a quarantine folder. I believe it was ADWCleaner quarantine. At any rate, I was going to see if I could find the logs or run the scan again to show you.

#40 emeraldnzl (GeekU Instructor, GeekU Moderator, 20,051 posts)
Sounds like it found stuff already quarantined but nothing wrong with running it again.

Might be best to carry out the instructions in my last post first otherwise it will likely find what we have quarantined in the tools we have been using.

When you do run it please let it remove what it finds. :)

#41 dtekka (Topic Starter, Member, 174 posts)
I think this may be that log from last night.

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=4658fc6b861397498359c336dc478fbf
# engine=15940
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-19 10:18:26
# local_time=2013-11-19 02:18:26 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5892 16777213 88 94 2715551 48563214 0 0
# scanned=52366
# found=3
# cleaned=0
# scan_time=3426
sh=824AD1921C3177E5EB3F065D4C67528D2268AA46 ft=1 fh=b95ea4b0e41e9476 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir"
sh=1F15642CFCFC3825E7CAE4B38B822BBA5FEDCFE4 ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo application" ac=I fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Associate\Application Data\Mozilla\Firefox\Profiles\j8alfuol.default\Extensions\[email protected]"
sh=C5912ADCCBC82B264D6DA36667D017A77F05E937 ft=0 fh=0000000000000000 vn="LNK/URL.B trojan" ac=I fn="C:\Documents and Settings\Associate\Desktop\Improve Your PC.lnk"

#42 emeraldnzl (GeekU Instructor, GeekU Moderator, 20,051 posts)
The only one there that might need dealing with if it is not already gone is this:

C:\Documents and Settings\Associate\Desktop\Improve Your PC.lnk

It might be bad or it may be a false positive.

If you want to check it out do this:

Please go to Virus Total

Click on the button Choose File

Copy/paste this file and path into the white box beside File Name in the window that pops up:

C:\Documents and Settings\Associate\Desktop\Improve Your PC.lnk

Press Scan it- this will submit the file for testing.

Please wait for all the scanners to finish then copy and paste the results in your next response.

Otherwise if you don't need it just delete it.
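The triage emeraldnzl does by eye above (the log in #41, the call in #42 that only the desktop .lnk is still live) can be automated. The script below is an added example and is not a tool from this thread: it parses the ESET Online Scanner log format as posted (the "# key=value" header and the "sh=... fn=..." detection lines), checks the header's found= count against the number of detection lines, and separates hits that already sit inside another tool's quarantine folder from hits that are still live on disk. The quarantine folder list is an assumption built from the AdwCleaner path visible in the log; extend it for whatever tools were run. The sample log is copied from post #41.

```python
"""Triage an ESET Online Scanner log: detections already quarantined by
another tool versus detections still live on disk.
Added example, not a tool from the thread."""
import re

# Quarantine folders of tools used earlier in the cleaning (assumption:
# only AdwCleaner's folder is shown on the page; add others as needed).
QUARANTINE_PREFIXES = (
    r"c:\adwcleaner\quarantine",
)

_META_RE = re.compile(r"^#\s*(\w+)=(.*)$")          # '# found=3'
_KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')         # 'vn="..." fn="..."'

# Sample input copied from post #41 above.
SAMPLE_LOG = r"""ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=4658fc6b861397498359c336dc478fbf
# engine=15940
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-19 10:18:26
# local_time=2013-11-19 02:18:26 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5892 16777213 88 94 2715551 48563214 0 0
# scanned=52366
# found=3
# cleaned=0
# scan_time=3426
sh=824AD1921C3177E5EB3F065D4C67528D2268AA46 ft=1 fh=b95ea4b0e41e9476 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir"
sh=1F15642CFCFC3825E7CAE4B38B822BBA5FEDCFE4 ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo application" ac=I fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Associate\Application Data\Mozilla\Firefox\Profiles\j8alfuol.default\Extensions\[email protected]"
sh=C5912ADCCBC82B264D6DA36667D017A77F05E937 ft=0 fh=0000000000000000 vn="LNK/URL.B trojan" ac=I fn="C:\Documents and Settings\Associate\Desktop\Improve Your PC.lnk"
"""


def parse_eset_log(text):
    """Return (meta, records): meta is the '# key=value' header as a dict,
    records is one dict per detection line (keys sh, ft, fh, vn, ac, fn)."""
    meta, records = {}, []
    for line in text.splitlines():
        line = line.strip()
        m = _META_RE.match(line)
        if m:
            meta[m.group(1)] = m.group(2).strip().strip('"')
            continue
        if line.startswith("sh="):
            records.append({k: v.strip('"') for k, v in _KV_RE.findall(line)})
    return meta, records


def is_quarantined(path):
    """True if the detected file lives inside a known tool quarantine folder."""
    p = path.lower()
    return any(p.startswith(prefix) for prefix in QUARANTINE_PREFIXES)


def triage(text):
    """Split detections into already-quarantined and live. Raises if the
    header's found= count disagrees with the detection lines, which means
    the log was truncated or mangled when it was pasted."""
    meta, records = parse_eset_log(text)
    if "found" in meta and int(meta["found"]) != len(records):
        raise ValueError("found=%s but %d detection lines" % (meta["found"], len(records)))
    quarantined = [r for r in records if is_quarantined(r["fn"])]
    live = [r for r in records if not is_quarantined(r["fn"])]
    return {"meta": meta, "quarantined": quarantined, "live": live}


def report(text):
    """Human-readable summary. The sh= field is a 40-hex SHA-1 of the file,
    so a live hit can be searched on VirusTotal by hash without uploading it."""
    r = triage(text)
    out = ["remove_checked=%s cleaned=%s" % (r["meta"].get("remove_checked"), r["meta"].get("cleaned"))]
    for rec in r["quarantined"]:
        out.append("already quarantined: %s  [%s]" % (rec["fn"], rec["vn"]))
    for rec in r["live"]:
        out.append("LIVE: %s  [%s] sha1=%s" % (rec["fn"], rec["vn"], rec["sh"]))
    return "\n".join(out)


if __name__ == "__main__":
    print(report(SAMPLE_LOG))
```

With remove_checked=false the scanner only reports, which is why cleaned=0 in the header; the two AdwCleaner quarantine hits need no action, and only the desktop shortcut is flagged as live.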

#43 dtekka (Topic Starter, Member, 174 posts)
I just deleted it. It is not necessary.
Quick questions...
I updated Java; in Add/Remove Programs it says Java 7 Update 45 (the one I just installed).
Should I remove "Java 2 Runtime Environment, SE v1.42_03"? I wasn't sure if that was the main program and the update was separate from it.

Also how should I remove JRT and Adwcleaner?

#44 emeraldnzl (GeekU Instructor, GeekU Moderator, 20,051 posts)
JRT and any related files/folders can be deleted.

To remove AdwCleaner double click on adwcleaner.exe to run the tool.
Click on Uninstall, then confirm with yes to remove AdwCleaner from your computer.

#45 emeraldnzl (GeekU Instructor, GeekU Moderator, 20,051 posts)
Oh I see I missed replying about Java.

Yes remove it. If for some reason you find you need it just download Java again. :)
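The confusion in #43 about whether "Java 2 Runtime Environment, SE v1.4.2_03" is a separate product or an old version comes from Sun/Oracle changing the naming scheme over the years ("Java 2 Runtime Environment, SE v1.4.2_03", "J2SE Runtime Environment 5.0 Update 22", "Java(TM) 6 Update 37", "Java 7 Update 45" are all the same runtime at different versions). The script below is an added example, not from this thread, that normalises those Add or Remove Programs display names to one (major, minor, update) tuple and lists every entry older than the newest one, which is exactly the "remove all Java updates except the latest" step from the Java section above. The display names are constructed for the example; reading them out of the registry is left to the reader.

```python
"""Decide which Java entries in Add or Remove Programs are stale.
Added example, not from the thread; display names below are constructed."""
import re

# Newer scheme: "Java 7 Update 45", "Java(TM) 6 Update 37",
#               "J2SE Runtime Environment 5.0 Update 22"
_UPDATE_RE = re.compile(r"\b(\d+)(?:\.(\d+))?\s+Update\s+(\d+)\b")
# Older scheme: "Java 2 Runtime Environment, SE v1.4.2_03"  (1.major.minor_update)
_DOTTED_RE = re.compile(r"\bv?1\.(\d+)\.(\d+)_(\d+)\b")
# Only consider entries that are actually Java; \b keeps "JavaScript ..." out.
_IS_JAVA_RE = re.compile(r"\b(Java|J2SE)\b")


def parse_java_version(display_name):
    """Map a display name to (major, minor, update), e.g.
    'Java 7 Update 45' -> (7, 0, 45), 'SE v1.4.2_03' -> (4, 2, 3).
    Returns None for names that are not a versioned Java runtime
    (e.g. 'Java Auto Updater')."""
    if not _IS_JAVA_RE.search(display_name):
        return None
    m = _DOTTED_RE.search(display_name)
    if m:
        return tuple(int(x) for x in m.groups())
    m = _UPDATE_RE.search(display_name)
    if m:
        major, minor, update = m.groups()
        return (int(major), int(minor or 0), int(update))
    return None


def stale_java_entries(display_names):
    """Return the names to uninstall: every versioned Java entry whose
    version is lower than the newest one present. Entries equal to the
    newest version are all kept, so a 32-bit and 64-bit pair of the same
    release both survive."""
    versioned = [(n, parse_java_version(n)) for n in display_names]
    versioned = [(n, v) for n, v in versioned if v is not None]
    if not versioned:
        return []
    newest = max(v for _, v in versioned)
    return [n for n, v in versioned if v < newest]


if __name__ == "__main__":
    # Constructed Add/Remove Programs listing, not taken from the thread.
    installed = [
        "Java 7 Update 45",
        "Java 2 Runtime Environment, SE v1.4.2_03",
        "Java(TM) 6 Update 37",
        "Java Auto Updater",
        "Mozilla Firefox 25.0 (x86 en-US)",
    ]
    for name in stale_java_entries(installed):
        print("remove:", name, parse_java_version(name))
```

Run against the listing in #43 this keeps "Java 7 Update 45" and reports the 1.4.2_03 entry as stale, which matches the advice in #45.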





