i have a dell latituce 120l with windows xp its unning slush and full of junk. does any one have any suggestions?
thank you
william wisdom
Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!
i have a dell latituce 120l with windows xp its unning slush and full of junk. does any one have any suggestions?
thank you
william wisdom
nice to meet you Pystryker
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-05-2014 Ran by Valued Customer (administrator) on 8783B561B2C0457 on 23-05-2014 22:40:43 Running from C:\Documents and Settings\Valued Customer\Desktop Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US) Internet Explorer Version 6 Boot Mode: Normal
The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
() C:\WINDOWS\system32\WLTRYSVC.EXE (Dell Inc.) C:\WINDOWS\system32\BCMWLTRY.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Dell Inc.) C:\WINDOWS\system32\WLTRAY.EXE (SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\WINDOWS\system32\osk.exe (Microsoft Corporation) C:\WINDOWS\system32\msswchx.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\WINDOWS\system32\WLTRAY.exe [1392640 2006-11-01] (Dell Inc.) HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504 2007-05-10] (SigmaTel, Inc.) HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768 2005-01-12] (Cyberlink Corp.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761947 2006-03-08] (Synaptics, Inc.) HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-06-06] (Intel Corporation) HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-06-06] (Intel Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM\...\Run: [] => [X] HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2006-11-07] (AVAST Software) HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect" HKU\S-1-5-21-583907252-1078145449-1177238915-1003\...\MountPoints2: {5581d4f4-4de3-11e1-9668-001422a97fb0} - E:\TL_Bootstrap.exe HKU\S-1-5-21-583907252-1078145449-1177238915-1003\...\MountPoints2: {866574c2-6e84-11e3-9a39-0016ce47aa18} - E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B} HKU\S-1-5-21-583907252-1078145449-1177238915-1003\...\MountPoints2: {8d53cf82-328a-11e1-9653-001422a97fb0} - E:\RunClubSanDisk.exe Startup: C:\Documents and Settings\Valued Customer\Start Menu\Programs\Startup\IMVU.lnk ShortcutTarget: IMVU.lnk -> C:\Documents and Settings\Valued Customer\Application Data\IMVUClient\IMVUQualityAgent.exe (No File) Startup: C:\Documents and Settings\Valued Customer\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3510 series.lnk ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3510 series.lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo...._g_e&fr=conduit HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8 HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...B_PVER}&ar=home URLSearchHook: HKCU - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497} URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo....erms}&fr=mkg028 SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKCU - {4C4C7AAB-5854-4241-A414-E2F1EF119C4A} URL = http://www.dnsbasic....ds={searchTerms} SearchScopes: HKCU - {5320B10F-040D-4C5A-93C6-E20CC123CE96} URL = http://ecostartpage....?q={searchTerms} SearchScopes: HKCU - {536B710E-863A-417A-B905-FFEDADE9AD36} URL = http://delicious.com...?p={searchTerms} SearchScopes: HKCU - {59F925C3-024B-4C10-8400-E53E0F826D91} URL = http://www.mysearchr...&q={searchTerms} SearchScopes: HKCU - {93122B3C-764A-4120-ADA8-06ABC3246CEE} URL = http://www.flickr.co...?q={searchTerms} SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...&q={searchTerms} SearchScopes: HKCU - {AAE0DFD1-128D-42A5-B269-7E7243252B15} URL = http://rover.ebay.co...le={searchTerms} SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo....erms}&fr=mkg028 BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - No File BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No File Toolbar: HKLM - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKLM - No Name - !{EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate...b?1323105735812 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
FireFox: ======== FF ProfilePath: C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Firefox\Profiles\e3y9d7tb.default-1399343344640 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-05-10] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-05-10] FF Extension: DnsBasic - C:\Program Files\Mozilla Firefox\browser\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3} [2014-05-10] FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-09]
Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR RestoreOnStartup: "https://www.google.c...e&btmpl=authsub" CHR Extension: (Radio) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh [2013-01-18] CHR Extension: (Google Docs) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-18] CHR Extension: (Google Drive) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-18] CHR Extension: (YouTube) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-18] CHR Extension: (HelloFax: 50 Free Fax Pages) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2013-01-18] CHR Extension: (Classic Games) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ckmoikambnjgjnhaefiklkblfjoolnaf [2013-01-18] CHR Extension: (Google Search) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-18] CHR Extension: (Pandora) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2013-01-18] CHR Extension: (Digital Clock) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2013-01-18] CHR Extension: (UNO 3 3D) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hnljegjnioppmpieleiegimongopeanj [2013-01-18] CHR Extension: (Glitterboo) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ikkpgihagilojnkmkkfcbhlainmnkicp [2013-01-18] CHR Extension: (Faerie Alchemy HD) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\imdilajngppdgdbemeighbingnbmpnpl [2013-01-18] CHR Extension: (Lady Popular) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jnamdlacgipmoldlhfgjficjiclhgibm [2013-01-18] CHR Extension: (Planner 5D) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna [2013-01-18] CHR Extension: (Egypt Crystals) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nkeakaijkcjjkiiomkamofognihfnckl [2013-01-18] CHR Extension: (My Chrome Theme) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-01-18] CHR Extension: (Sassy Susan DressUp) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oghdemokodfinoaoiilibelpkmconine [2013-01-18] CHR Extension: (Gmail) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-18] CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-09]
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-09] (AVAST Software) S3 Imapi Helper; C:\Program Files\ISO Recorder\ImapiHelper.exe [163840 2006-01-05] (Alex Feinman) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation) R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [1253376 2006-11-01] (Dell Inc.) S2 DnsBasic Service; "C:\Program Files\DnsBasic\dnsbasic.exe" "C:\Program Files\DnsBasic\dnsbasic.dll" jipigizom wososurar
==================== Drivers (Whitelisted) ====================
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-03-09] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-03-09] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-03-09] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-03-09] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410784 2014-03-09] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-03-09] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2014-03-09] () R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [604928 2006-10-12] (Broadcom Corporation) R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.) S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [13464 2014-01-20] () S3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [33512 2012-10-10] (AnchorFree Inc) S3 Andbus; system32\DRIVERS\lgandbus.sys [X] S3 AndDiag; system32\DRIVERS\lganddiag.sys [X] S3 AndGps; system32\DRIVERS\lgandgps.sys [X] S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X] S3 BCMH43XX; system32\DRIVERS\bcmwlhigh5.sys [X] S3 NPF; system32\DRIVERS\npf.sys [X] S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X] S3 USBAAPL; System32\Drivers\usbaapl.sys [X] S3 usbbus; system32\DRIVERS\lgusbbus.sys [X] S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X] S3 UsbGps; system32\DRIVERS\lgusbgps.sys [X] S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X] U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-23 22:40 - 2014-05-23 22:41 - 00018465 _____ () C:\Documents and Settings\Valued Customer\Desktop\FRST.txt 2014-05-23 22:30 - 2014-05-23 22:40 - 00000000 ____D () C:\FRST 2014-05-23 22:28 - 2014-05-23 22:28 - 01056768 _____ (Farbar) C:\Documents and Settings\Valued Customer\Desktop\FRST.exe 2014-05-10 11:58 - 2014-05-10 11:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-06 18:01 - 2014-05-06 18:04 - 00005554 _____ () C:\WINDOWS\KB2964358-IE8.log 2014-04-28 15:31 - 2014-04-28 15:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$ 2014-04-28 15:26 - 2014-04-28 15:31 - 00011180 _____ () C:\WINDOWS\KB2936068-IE8.log 2014-04-23 17:15 - 2014-04-23 17:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$ 2014-04-23 17:14 - 2014-04-23 17:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$ 2014-04-23 17:14 - 2014-04-23 17:14 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Yahoo! 2014-04-23 17:00 - 2014-04-28 15:32 - 00014259 _____ () C:\WINDOWS\KB2930275.log 2014-04-23 16:48 - 2014-04-23 17:15 - 00132021 _____ () C:\WINDOWS\KB2922229.log 2014-04-23 16:47 - 2014-04-23 17:15 - 00131725 _____ () C:\WINDOWS\KB2929961.log 2014-04-23 16:41 - 2014-04-23 16:41 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect
==================== One Month Modified Files and Folders =======
2014-05-23 22:41 - 2014-05-23 22:40 - 00018465 _____ () C:\Documents and Settings\Valued Customer\Desktop\FRST.txt 2014-05-23 22:40 - 2014-05-23 22:30 - 00000000 ____D () C:\FRST 2014-05-23 22:28 - 2014-05-23 22:28 - 01056768 _____ (Farbar) C:\Documents and Settings\Valued Customer\Desktop\FRST.exe 2014-05-23 22:25 - 2012-04-09 20:28 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-05-23 22:04 - 2013-12-09 14:37 - 00000496 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job 2014-05-23 21:26 - 2011-12-05 11:24 - 01432234 _____ () C:\WINDOWS\WindowsUpdate.log 2014-05-23 20:40 - 2013-07-18 11:06 - 00000456 _____ () C:\WINDOWS\Tasks\At2.job 2014-05-23 18:49 - 2011-12-05 11:31 - 00032516 _____ () C:\WINDOWS\SchedLgU.Txt 2014-05-23 15:17 - 2014-03-09 15:17 - 00000382 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job 2014-05-23 14:54 - 2011-12-05 03:07 - 00521886 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-05-23 14:51 - 2011-12-05 11:21 - 00046241 ____C () C:\WINDOWS\wmsetup.log 2014-05-23 14:50 - 2004-08-12 03:34 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2014-05-23 14:49 - 2011-12-05 11:31 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-05-23 14:49 - 2011-12-05 03:09 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-05-23 14:49 - 2011-12-05 03:09 - 00000049 _____ () C:\WINDOWS\wiaservc.log 2014-05-23 14:49 - 2006-11-07 01:03 - 00000242 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job 2014-05-23 14:48 - 2011-12-05 11:35 - 00000178 ___SH () C:\Documents and Settings\Valued Customer\ntuser.ini 2014-05-23 14:48 - 2011-12-05 11:35 - 00000000 ____D () C:\Documents and Settings\Valued Customer 2014-05-23 14:44 - 2011-12-05 12:40 - 00001718 ____C () C:\WINDOWS\system32\ROXECDC6Inst.log 2014-05-23 14:39 - 2012-11-12 13:29 - 00000000 ____D () C:\Program Files\QuickTime 2014-05-23 14:15 - 2013-10-04 13:46 - 00000000 ____D () C:\Documents and Settings\Valued Customer\Desktop\New Folder 2014-05-23 14:00 - 2013-07-18 11:06 - 00000456 _____ () C:\WINDOWS\Tasks\At4.job 2014-05-22 21:57 - 2013-12-06 06:49 - 00383989 _____ () C:\WINDOWS\setupapi.log 2014-05-22 11:06 - 2013-07-18 11:06 - 00000456 _____ () C:\WINDOWS\Tasks\At3.job 2014-05-22 10:10 - 2013-07-18 11:06 - 00000456 _____ () C:\WINDOWS\Tasks\At1.job 2014-05-17 09:22 - 2012-11-01 08:31 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-17 09:21 - 2012-11-01 08:30 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-05-14 09:29 - 2012-04-09 20:28 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-05-14 09:29 - 2012-01-02 19:20 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-05-11 19:55 - 2012-04-07 15:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-05-10 11:59 - 2014-05-10 11:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-08 08:14 - 2014-01-20 18:45 - 00000803 _____ () C:\Documents and Settings\Valued Customer\Start Menu\Programs\Internet Explorer.lnk 2014-05-08 08:14 - 2014-01-20 18:45 - 00000000 ____D () C:\Documents and Settings\Valued Customer\Start Menu\Programs\Accessories 2014-05-08 08:13 - 2011-12-05 02:57 - 00000000 ____D () C:\WINDOWS\Help 2014-05-07 23:22 - 2013-01-14 06:01 - 00109977 ____C () C:\WINDOWS\ie8Uninst.log 2014-05-07 23:22 - 2011-12-05 12:33 - 00000000 ____D () C:\WINDOWS\ie8updates 2014-05-07 23:22 - 2011-12-05 03:07 - 01685083 ____C () C:\WINDOWS\iis6.log 2014-05-07 23:22 - 2011-12-05 03:07 - 00704816 ____C () C:\WINDOWS\tsoc.log 2014-05-07 23:22 - 2011-12-05 03:07 - 00521899 ____C () C:\WINDOWS\comsetup.log 2014-05-07 23:22 - 2011-12-05 03:07 - 00314462 ____C () C:\WINDOWS\ntdtcsetup.log 2014-05-07 23:22 - 2011-12-05 03:07 - 00085017 ____C () C:\WINDOWS\ocmsn.log 2014-05-07 23:22 - 2011-12-05 03:07 - 00077800 ____C () C:\WINDOWS\tabletoc.log 2014-05-07 23:22 - 2011-12-05 03:07 - 00001355 _____ () C:\WINDOWS\imsins.log 2014-05-07 23:21 - 2011-12-05 12:32 - 00244087 ____C () C:\WINDOWS\updspapi.log 2014-05-07 23:21 - 2011-12-05 02:57 - 00000000 ____D () C:\WINDOWS\Media 2014-05-07 23:20 - 2011-12-05 03:07 - 01532509 ____C () C:\WINDOWS\FaxSetup.log 2014-05-07 23:20 - 2011-12-05 03:07 - 00741948 ____C () C:\WINDOWS\ocgen.log 2014-05-07 23:20 - 2011-12-05 03:07 - 00472258 ____C () C:\WINDOWS\msmqinst.log 2014-05-07 23:20 - 2011-12-05 03:07 - 00269208 ____C () C:\WINDOWS\netfxocm.log 2014-05-07 23:20 - 2011-12-05 03:07 - 00106048 ____C () C:\WINDOWS\MedCtrOC.log 2014-05-07 23:20 - 2011-12-05 03:07 - 00076885 ____C () C:\WINDOWS\msgsocm.log 2014-05-06 18:04 - 2014-05-06 18:01 - 00005554 _____ () C:\WINDOWS\KB2964358-IE8.log 2014-05-06 18:04 - 2011-12-05 03:07 - 00001355 _____ () C:\WINDOWS\imsins.BAK 2014-05-06 08:57 - 2006-11-07 01:03 - 00000236 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job 2014-05-05 22:05 - 2013-12-06 06:53 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-04-28 15:32 - 2014-04-28 15:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$ 2014-04-28 15:32 - 2014-04-23 17:00 - 00014259 _____ () C:\WINDOWS\KB2930275.log 2014-04-28 15:31 - 2014-04-28 15:26 - 00011180 _____ () C:\WINDOWS\KB2936068-IE8.log 2014-04-23 17:15 - 2014-04-23 17:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$ 2014-04-23 17:15 - 2014-04-23 16:48 - 00132021 _____ () C:\WINDOWS\KB2922229.log 2014-04-23 17:15 - 2014-04-23 16:47 - 00131725 _____ () C:\WINDOWS\KB2929961.log 2014-04-23 17:15 - 2014-01-07 00:32 - 00000000 ____D () C:\WINDOWS\system32\cache 2014-04-23 17:14 - 2014-04-23 17:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$ 2014-04-23 17:14 - 2014-04-23 17:14 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Yahoo! 2014-04-23 17:14 - 2014-01-20 18:42 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2014-04-23 17:05 - 2012-04-06 21:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight 2014-04-23 16:41 - 2014-04-23 16:41 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect
Files to move or delete: ==================== C:\Windows\Tasks\At1.job C:\Windows\Tasks\At2.job C:\Windows\Tasks\At3.job C:\Windows\Tasks\At4.job
Some content of TEMP: ==================== C:\Documents and Settings\Valued Customer\Local Settings\Temp\nsx55.exe C:\Documents and Settings\Valued Customer\Local Settings\Temp\SPSetup.exe C:\Documents and Settings\Valued Customer\Local Settings\Temp\UNINSTALL.EXE
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => MD5 is legit C:\WINDOWS\system32\winlogon.exe => MD5 is legit C:\WINDOWS\system32\svchost.exe => MD5 is legit C:\WINDOWS\system32\services.exe => MD5 is legit C:\WINDOWS\system32\User32.dll => MD5 is legit C:\WINDOWS\system32\userinit.exe => MD5 is legit C:\WINDOWS\system32\rpcss.dll => MD5 is legit C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:23-05-2014 Ran by Valued Customer at 2014-05-23 22:41:52 Running from C:\Documents and Settings\Valued Customer\Desktop Boot Mode: Normal ==========================================================
==================== Security Center ========================
AV: PC Cleaner Pro (Disabled - Up to date) {737A8864-C2D9-4337-B49A-B5E35815B9BB} AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.) Atomic Clock Sync (HKLM\...\Atomic Clock Sync) (Version: - ) avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2013 - Avast Software) Broadcom 440x 10/100 Integrated Controller (HKLM\...\{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE}) (Version: 8.03.06 - Broadcom Corporation) Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) (Version: - ) Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.100.15.8 - Dell Inc.) DnsBasic 1.0 build 111 (HKLM\...\DnsBasic) (Version: - ) HP Deskjet 3510 series Basic Device Software (HKLM\...\{93E5D4DF-E42D-4E26-9B27-BB6A3CA5AF0C}) (Version: 28.0.989.0 - Hewlett-Packard Co.) HP Deskjet 3510 series Help (HKLM\...\{97C1C98D-6AE5-4C71-9B00-EBBD9E014450}) (Version: 28.0.0 - Hewlett Packard) HP Deskjet 3510 series Product Improvement Study (HKLM\...\{E5930634-77B2-46FF-B5B1-EFD86D41E2E9}) (Version: 28.0.989.0 - Hewlett-Packard Co.) HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.12412 - HP) HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) Intel® Graphics Media Accelerator Driver for Mobile (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4609 - ) IrfanView (remove only) (HKLM\...\IrfanView) (Version: - ) ISO Recorder (HKLM\...\{DFC6573E-124D-4026-BFA4-B433C9D3FF21}) (Version: 2.0.0 - Alex Feinman) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version: - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation) Mozilla Firefox 29.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - CyberLink Corporation) SanDiskSecureAccess_Manager.exe (HKCU\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.0.0 - DMAILER) SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.2.4.6 - Synaptics) The Print Shop Deluxe III (HKLM\...\The Print Shop Deluxe) (Version: - ) Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation) Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation) Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation) Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - ) Windows Media Player 11 (Version: - Microsoft Corporation) Hidden WinZip (HKLM\...\WinZip) (Version: - ) Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - Yahoo! Inc.)
==================== Restore Points =========================
06-05-2014 23:00:44 Software Distribution Service 3.0 07-05-2014 23:52:31 System Checkpoint 08-05-2014 04:14:52 Removed Bing Bar 09-05-2014 04:45:47 System Checkpoint 10-05-2014 16:12:05 System Checkpoint 11-05-2014 16:43:48 System Checkpoint 12-05-2014 16:52:26 System Checkpoint 13-05-2014 17:09:33 System Checkpoint 14-05-2014 22:33:32 System Checkpoint 15-05-2014 22:35:54 System Checkpoint 16-05-2014 23:44:10 System Checkpoint 17-05-2014 23:54:13 System Checkpoint 19-05-2014 02:27:33 System Checkpoint 20-05-2014 02:59:35 System Checkpoint 21-05-2014 03:02:40 System Checkpoint 22-05-2014 03:06:08 System Checkpoint 23-05-2014 19:18:39 Removed Apple Application Support 23-05-2014 19:20:14 Removed Apple Mobile Device Support 23-05-2014 19:22:00 Removed Apple Software Update 23-05-2014 19:39:07 Removed QuickTime 23-05-2014 19:40:31 Removed Roxio Creator DE 23-05-2014 19:41:12 Removed Roxio Activation Module 23-05-2014 19:41:33 Removed Roxio Creator Audio 23-05-2014 19:41:48 Removed Roxio Creator Copy 23-05-2014 19:42:02 Removed Roxio Creator Data 23-05-2014 19:42:16 Removed Roxio Creator Tools 23-05-2014 19:44:19 Removed Roxio Drag-to-Disc 23-05-2014 19:44:45 Removed Roxio Express Labeler 3
==================== Hosts content: ==========================
2004-08-12 03:19 - 2004-08-12 03:19 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\At1.job => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe Task: C:\WINDOWS\Tasks\At2.job => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe Task: C:\WINDOWS\Tasks\At3.job => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe Task: C:\WINDOWS\Tasks\At4.job => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Documents and Settings\All Users\Application Data\HP Photo Creations\Communicator.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
==================== Loaded Modules (whitelisted) =============
2011-12-05 11:56 - 1998-10-17 10:00 - 00033792 _____ () C:\Program Files\WinZip\WZSHLEXT.DLL 2011-12-05 11:50 - 2006-11-01 15:48 - 00020480 _____ () C:\WINDOWS\System32\WLTRYSVC.EXE 2011-12-05 11:50 - 2006-11-01 15:48 - 00757760 _____ () C:\WINDOWS\System32\bcm1xsup.dll 2014-05-23 13:10 - 2014-05-23 10:56 - 02255872 _____ () C:\Program Files\AVAST Software\Avast\defs\14052300\algo.dll 2014-03-09 15:15 - 2014-03-09 15:15 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-05-10 11:58 - 2014-05-10 11:59 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2014-05-14 09:28 - 2014-05-14 09:29 - 16361136 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:B54E4B5A
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors: ================== Error: (05/23/2014 10:30:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application frst.exe, version 21.5.2014.0, faulting module , version 0.0.0.0, fault address 0x00000000. Processing media-specific event for [frst.exe!ws!]
Error: (05/23/2014 10:01:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 10:01:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 09:56:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 09:56:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 08:12:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 08:12:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 08:03:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 08:03:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 06:31:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
System errors: ============= Error: (05/23/2014 02:21:01 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: %%1058
Error: (05/23/2014 02:20:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (05/22/2014 03:01:38 PM) (Source: DCOM) (EventID: 10010) (User: 8783B561B2C0457) Description: The server {F25AF245-4A81-40DC-92F9-E9021F207706} did not register with DCOM within the required timeout.
Error: (05/18/2014 08:47:10 PM) (Source: Dhcp) (EventID: 1002) (User: ) Description: The IP address lease 192.168.0.37 for the Network Card with network address 001422A97FB0 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
Error: (05/17/2014 04:31:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Adobe Flash Player Update Service service failed to start due to the following error: %%1053
Error: (05/17/2014 04:31:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Timeout (30000 milliseconds) waiting for the Adobe Flash Player Update Service service to connect.
Error: (05/17/2014 01:56:10 PM) (Source: DCOM) (EventID: 10010) (User: 8783B561B2C0457) Description: The server {F25AF245-4A81-40DC-92F9-E9021F207706} did not register with DCOM within the required timeout.
Error: (05/17/2014 01:53:01 PM) (Source: DCOM) (EventID: 10010) (User: 8783B561B2C0457) Description: The server {F25AF245-4A81-40DC-92F9-E9021F207706} did not register with DCOM within the required timeout.
Error: (05/17/2014 00:42:01 AM) (Source: DCOM) (EventID: 10010) (User: 8783B561B2C0457) Description: The server {F25AF245-4A81-40DC-92F9-E9021F207706} did not register with DCOM within the required timeout.
Error: (05/17/2014 00:39:42 AM) (Source: DCOM) (EventID: 10010) (User: 8783B561B2C0457) Description: The server {F25AF245-4A81-40DC-92F9-E9021F207706} did not register with DCOM within the required timeout.
Microsoft Office Sessions: ========================= Error: (05/23/2014 10:30:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: frst.exe21.5.2014.00.0.0.000000000
Error: (05/23/2014 10:01:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
Error: (05/23/2014 10:01:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
Error: (05/23/2014 09:56:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
Error: (05/23/2014 09:56:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
Error: (05/23/2014 08:12:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
Error: (05/23/2014 08:12:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
Error: (05/23/2014 08:03:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
Error: (05/23/2014 08:03:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
Error: (05/23/2014 06:31:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY) Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
==================== Memory info ===========================
Percentage of memory in use: 66% Total physical RAM: 1015.37 MB Available physical RAM: 339.23 MB Total Pagefile: 2442.4 MB Available Pagefile: 1858.29 MB Total Virtual: 2047.88 MB Available Virtual: 1971.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:37.25 GB) (Free:21.59 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 37 GB) (Disk ID: 5C405C40) Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)
==================== End Of Log ============================
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2014-05-23 22:45:18 ----------------------------- 22:45:18.296 OS Version: Windows 5.1.2600 Service Pack 3 22:45:18.296 Number of processors: 1 586 0xD08 22:45:18.296 ComputerName: 8783B561B2C0457 UserName: Valued Customer 22:45:19.781 Initialize success 22:45:24.500 AVAST engine defs: 14052300 22:45:37.390 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 22:45:37.390 Disk 0 Vendor: Hitachi_HTS541040G9AT00 MB2OA61A Size: 38154MB BusType: 3 22:45:37.625 Disk 0 MBR read successfully 22:45:37.625 Disk 0 MBR scan 22:45:37.625 Disk 0 Windows XP default MBR code 22:45:37.640 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38146 MB offset 63 22:45:37.656 Disk 0 scanning sectors +78124095 22:45:37.687 Disk 0 scanning C:\WINDOWS\system32\drivers 22:45:47.703 Service scanning 22:46:04.406 Modules scanning 22:46:12.671 Disk 0 trace - called modules: 22:46:12.703 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS 22:46:12.703 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86d72ab8] 22:46:13.062 3 CLASSPNP.SYS[f75c7fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x86d35d98] 22:46:13.562 AVAST engine scan C:\WINDOWS 22:46:29.359 AVAST engine scan C:\WINDOWS\system32 22:48:26.843 AVAST engine scan C:\WINDOWS\system32\drivers 22:48:39.078 AVAST engine scan C:\Documents and Settings\Valued Customer 23:11:45.609 AVAST engine scan C:\Documents and Settings\All Users 23:13:46.015 Scan finished successfully 23:15:38.500 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Valued Customer\Desktop\MBR.dat" 23:15:38.500 The log file has been saved successfully to "C:\Documents and Settings\Valued Customer\Desktop\aswMBR.txt"
nice to meet you Pystryker
im sorry about that i dont know what happen i hope its right this time
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-05-2014
Ran by Valued Customer (administrator) on 8783B561B2C0457 on 23-05-2014 22:40:43
Running from C:\Documents and Settings\Valued Customer\Desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 6
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
() C:\WINDOWS\system32\WLTRYSVC.EXE
(Dell Inc.) C:\WINDOWS\system32\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Dell Inc.) C:\WINDOWS\system32\WLTRAY.EXE
(SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\WINDOWS\system32\osk.exe
(Microsoft Corporation) C:\WINDOWS\system32\msswchx.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\WINDOWS\system32\WLTRAY.exe [1392640 2006-11-01] (Dell Inc.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504 2007-05-10] (SigmaTel, Inc.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768 2005-01-12] (Cyberlink Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761947 2006-03-08] (Synaptics, Inc.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-06-06] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-06-06] (Intel Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2006-11-07] (AVAST Software)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect"
HKU\S-1-5-21-583907252-1078145449-1177238915-1003\...\MountPoints2: {5581d4f4-4de3-11e1-9668-001422a97fb0} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-583907252-1078145449-1177238915-1003\...\MountPoints2: {866574c2-6e84-11e3-9a39-0016ce47aa18} - E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-583907252-1078145449-1177238915-1003\...\MountPoints2: {8d53cf82-328a-11e1-9653-001422a97fb0} - E:\RunClubSanDisk.exe
Startup: C:\Documents and Settings\Valued Customer\Start Menu\Programs\Startup\IMVU.lnk
ShortcutTarget: IMVU.lnk -> C:\Documents and Settings\Valued Customer\Application Data\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Documents and Settings\Valued Customer\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3510 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3510 series.lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo...._g_e&fr=conduit
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...B_PVER}&ar=home
URLSearchHook: HKCU - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo....erms}&fr=mkg028
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {4C4C7AAB-5854-4241-A414-E2F1EF119C4A} URL = http://www.dnsbasic....s={searchTerms}
SearchScopes: HKCU - {5320B10F-040D-4C5A-93C6-E20CC123CE96} URL = http://ecostartpage....q={searchTerms}
SearchScopes: HKCU - {536B710E-863A-417A-B905-FFEDADE9AD36} URL = http://delicious.com...p={searchTerms}
SearchScopes: HKCU - {59F925C3-024B-4C10-8400-E53E0F826D91} URL = http://www.mysearchr...q={searchTerms}
SearchScopes: HKCU - {93122B3C-764A-4120-ADA8-06ABC3246CEE} URL = http://www.flickr.co...q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKCU - {AAE0DFD1-128D-42A5-B269-7E7243252B15} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo....erms}&fr=mkg028
BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No File
Toolbar: HKLM - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM - No Name - !{EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate...b?1323105735812
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Firefox\Profiles\e3y9d7tb.default-1399343344640
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-05-10]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-05-10]
FF Extension: DnsBasic - C:\Program Files\Mozilla Firefox\browser\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3} [2014-05-10]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-09]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "https://www.google.c...&btmpl=authsub"
CHR Extension: (Radio) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh [2013-01-18]
CHR Extension: (Google Docs) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-18]
CHR Extension: (Google Drive) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-18]
CHR Extension: (YouTube) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-18]
CHR Extension: (HelloFax: 50 Free Fax Pages) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2013-01-18]
CHR Extension: (Classic Games) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ckmoikambnjgjnhaefiklkblfjoolnaf [2013-01-18]
CHR Extension: (Google Search) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-18]
CHR Extension: (Pandora) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2013-01-18]
CHR Extension: (Digital Clock) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2013-01-18]
CHR Extension: (UNO 3 3D) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hnljegjnioppmpieleiegimongopeanj [2013-01-18]
CHR Extension: (Glitterboo) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ikkpgihagilojnkmkkfcbhlainmnkicp [2013-01-18]
CHR Extension: (Faerie Alchemy HD) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\imdilajngppdgdbemeighbingnbmpnpl [2013-01-18]
CHR Extension: (Lady Popular) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jnamdlacgipmoldlhfgjficjiclhgibm [2013-01-18]
CHR Extension: (Planner 5D) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna [2013-01-18]
CHR Extension: (Egypt Crystals) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nkeakaijkcjjkiiomkamofognihfnckl [2013-01-18]
CHR Extension: (My Chrome Theme) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-01-18]
CHR Extension: (Sassy Susan DressUp) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oghdemokodfinoaoiilibelpkmconine [2013-01-18]
CHR Extension: (Gmail) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-18]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-09]
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-09] (AVAST Software)
S3 Imapi Helper; C:\Program Files\ISO Recorder\ImapiHelper.exe [163840 2006-01-05] (Alex Feinman)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [1253376 2006-11-01] (Dell Inc.)
S2 DnsBasic Service; "C:\Program Files\DnsBasic\dnsbasic.exe" "C:\Program Files\DnsBasic\dnsbasic.dll" jipigizom wososurar
==================== Drivers (Whitelisted) ====================
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-03-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-03-09] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-03-09] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-03-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410784 2014-03-09] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-03-09] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2014-03-09] ()
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [604928 2006-10-12] (Broadcom Corporation)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [13464 2014-01-20] ()
S3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [33512 2012-10-10] (AnchorFree Inc)
S3 Andbus; system32\DRIVERS\lgandbus.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X]
S3 BCMH43XX; system32\DRIVERS\bcmwlhigh5.sys [X]
S3 NPF; system32\DRIVERS\npf.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 UsbGps; system32\DRIVERS\lgusbgps.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-23 22:40 - 2014-05-23 22:41 - 00018465 _____ () C:\Documents and Settings\Valued Customer\Desktop\FRST.txt
2014-05-23 22:30 - 2014-05-23 22:40 - 00000000 ____D () C:\FRST
2014-05-23 22:28 - 2014-05-23 22:28 - 01056768 _____ (Farbar) C:\Documents and Settings\Valued Customer\Desktop\FRST.exe
2014-05-10 11:58 - 2014-05-10 11:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-06 18:01 - 2014-05-06 18:04 - 00005554 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-04-28 15:31 - 2014-04-28 15:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-04-28 15:26 - 2014-04-28 15:31 - 00011180 _____ () C:\WINDOWS\KB2936068-IE8.log
2014-04-23 17:15 - 2014-04-23 17:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-04-23 17:14 - 2014-04-23 17:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-04-23 17:14 - 2014-04-23 17:14 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Yahoo!
2014-04-23 17:00 - 2014-04-28 15:32 - 00014259 _____ () C:\WINDOWS\KB2930275.log
2014-04-23 16:48 - 2014-04-23 17:15 - 00132021 _____ () C:\WINDOWS\KB2922229.log
2014-04-23 16:47 - 2014-04-23 17:15 - 00131725 _____ () C:\WINDOWS\KB2929961.log
2014-04-23 16:41 - 2014-04-23 16:41 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect
==================== One Month Modified Files and Folders =======
2014-05-23 22:41 - 2014-05-23 22:40 - 00018465 _____ () C:\Documents and Settings\Valued Customer\Desktop\FRST.txt
2014-05-23 22:40 - 2014-05-23 22:30 - 00000000 ____D () C:\FRST
2014-05-23 22:28 - 2014-05-23 22:28 - 01056768 _____ (Farbar) C:\Documents and Settings\Valued Customer\Desktop\FRST.exe
2014-05-23 22:25 - 2012-04-09 20:28 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-23 22:04 - 2013-12-09 14:37 - 00000496 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2014-05-23 21:26 - 2011-12-05 11:24 - 01432234 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-23 20:40 - 2013-07-18 11:06 - 00000456 _____ () C:\WINDOWS\Tasks\At2.job
2014-05-23 18:49 - 2011-12-05 11:31 - 00032516 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-23 15:17 - 2014-03-09 15:17 - 00000382 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-05-23 14:54 - 2011-12-05 03:07 - 00521886 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-23 14:51 - 2011-12-05 11:21 - 00046241 ____C () C:\WINDOWS\wmsetup.log
2014-05-23 14:50 - 2004-08-12 03:34 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-05-23 14:49 - 2011-12-05 11:31 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-23 14:49 - 2011-12-05 03:09 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-05-23 14:49 - 2011-12-05 03:09 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-05-23 14:49 - 2006-11-07 01:03 - 00000242 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-05-23 14:48 - 2011-12-05 11:35 - 00000178 ___SH () C:\Documents and Settings\Valued Customer\ntuser.ini
2014-05-23 14:48 - 2011-12-05 11:35 - 00000000 ____D () C:\Documents and Settings\Valued Customer
2014-05-23 14:44 - 2011-12-05 12:40 - 00001718 ____C () C:\WINDOWS\system32\ROXECDC6Inst.log
2014-05-23 14:39 - 2012-11-12 13:29 - 00000000 ____D () C:\Program Files\QuickTime
2014-05-23 14:15 - 2013-10-04 13:46 - 00000000 ____D () C:\Documents and Settings\Valued Customer\Desktop\New Folder
2014-05-23 14:00 - 2013-07-18 11:06 - 00000456 _____ () C:\WINDOWS\Tasks\At4.job
2014-05-22 21:57 - 2013-12-06 06:49 - 00383989 _____ () C:\WINDOWS\setupapi.log
2014-05-22 11:06 - 2013-07-18 11:06 - 00000456 _____ () C:\WINDOWS\Tasks\At3.job
2014-05-22 10:10 - 2013-07-18 11:06 - 00000456 _____ () C:\WINDOWS\Tasks\At1.job
2014-05-17 09:22 - 2012-11-01 08:31 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-17 09:21 - 2012-11-01 08:30 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-14 09:29 - 2012-04-09 20:28 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-05-14 09:29 - 2012-01-02 19:20 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-05-11 19:55 - 2012-04-07 15:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 11:59 - 2014-05-10 11:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-08 08:14 - 2014-01-20 18:45 - 00000803 _____ () C:\Documents and Settings\Valued Customer\Start Menu\Programs\Internet Explorer.lnk
2014-05-08 08:14 - 2014-01-20 18:45 - 00000000 ____D () C:\Documents and Settings\Valued Customer\Start Menu\Programs\Accessories
2014-05-08 08:13 - 2011-12-05 02:57 - 00000000 ____D () C:\WINDOWS\Help
2014-05-07 23:22 - 2013-01-14 06:01 - 00109977 ____C () C:\WINDOWS\ie8Uninst.log
2014-05-07 23:22 - 2011-12-05 12:33 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-05-07 23:22 - 2011-12-05 03:07 - 01685083 ____C () C:\WINDOWS\iis6.log
2014-05-07 23:22 - 2011-12-05 03:07 - 00704816 ____C () C:\WINDOWS\tsoc.log
2014-05-07 23:22 - 2011-12-05 03:07 - 00521899 ____C () C:\WINDOWS\comsetup.log
2014-05-07 23:22 - 2011-12-05 03:07 - 00314462 ____C () C:\WINDOWS\ntdtcsetup.log
2014-05-07 23:22 - 2011-12-05 03:07 - 00085017 ____C () C:\WINDOWS\ocmsn.log
2014-05-07 23:22 - 2011-12-05 03:07 - 00077800 ____C () C:\WINDOWS\tabletoc.log
2014-05-07 23:22 - 2011-12-05 03:07 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-05-07 23:21 - 2011-12-05 12:32 - 00244087 ____C () C:\WINDOWS\updspapi.log
2014-05-07 23:21 - 2011-12-05 02:57 - 00000000 ____D () C:\WINDOWS\Media
2014-05-07 23:20 - 2011-12-05 03:07 - 01532509 ____C () C:\WINDOWS\FaxSetup.log
2014-05-07 23:20 - 2011-12-05 03:07 - 00741948 ____C () C:\WINDOWS\ocgen.log
2014-05-07 23:20 - 2011-12-05 03:07 - 00472258 ____C () C:\WINDOWS\msmqinst.log
2014-05-07 23:20 - 2011-12-05 03:07 - 00269208 ____C () C:\WINDOWS\netfxocm.log
2014-05-07 23:20 - 2011-12-05 03:07 - 00106048 ____C () C:\WINDOWS\MedCtrOC.log
2014-05-07 23:20 - 2011-12-05 03:07 - 00076885 ____C () C:\WINDOWS\msgsocm.log
2014-05-06 18:04 - 2014-05-06 18:01 - 00005554 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-05-06 18:04 - 2011-12-05 03:07 - 00001355 _____ () C:\WINDOWS\imsins.BAK
2014-05-06 08:57 - 2006-11-07 01:03 - 00000236 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-05-05 22:05 - 2013-12-06 06:53 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-28 15:32 - 2014-04-28 15:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-04-28 15:32 - 2014-04-23 17:00 - 00014259 _____ () C:\WINDOWS\KB2930275.log
2014-04-28 15:31 - 2014-04-28 15:26 - 00011180 _____ () C:\WINDOWS\KB2936068-IE8.log
2014-04-23 17:15 - 2014-04-23 17:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-04-23 17:15 - 2014-04-23 16:48 - 00132021 _____ () C:\WINDOWS\KB2922229.log
2014-04-23 17:15 - 2014-04-23 16:47 - 00131725 _____ () C:\WINDOWS\KB2929961.log
2014-04-23 17:15 - 2014-01-07 00:32 - 00000000 ____D () C:\WINDOWS\system32\cache
2014-04-23 17:14 - 2014-04-23 17:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-04-23 17:14 - 2014-04-23 17:14 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Yahoo!
2014-04-23 17:14 - 2014-01-20 18:42 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2014-04-23 17:05 - 2012-04-06 21:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2014-04-23 16:41 - 2014-04-23 16:41 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect
Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job
Some content of TEMP:
====================
C:\Documents and Settings\Valued Customer\Local Settings\Temp\nsx55.exe
C:\Documents and Settings\Valued Customer\Local Settings\Temp\SPSetup.exe
C:\Documents and Settings\Valued Customer\Local Settings\Temp\UNINSTALL.EXE
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:23-05-2014
Ran by Valued Customer at 2014-05-23 22:41:52
Running from C:\Documents and Settings\Valued Customer\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: PC Cleaner Pro (Disabled - Up to date) {737A8864-C2D9-4337-B49A-B5E35815B9BB}
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Atomic Clock Sync (HKLM\...\Atomic Clock Sync) (Version: - )
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2013 - Avast Software)
Broadcom 440x 10/100 Integrated Controller (HKLM\...\{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE}) (Version: 8.03.06 - Broadcom Corporation)
Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) (Version: - )
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.100.15.8 - Dell Inc.)
DnsBasic 1.0 build 111 (HKLM\...\DnsBasic) (Version: - )
HP Deskjet 3510 series Basic Device Software (HKLM\...\{93E5D4DF-E42D-4E26-9B27-BB6A3CA5AF0C}) (Version: 28.0.989.0 - Hewlett-Packard Co.)
HP Deskjet 3510 series Help (HKLM\...\{97C1C98D-6AE5-4C71-9B00-EBBD9E014450}) (Version: 28.0.0 - Hewlett Packard)
HP Deskjet 3510 series Product Improvement Study (HKLM\...\{E5930634-77B2-46FF-B5B1-EFD86D41E2E9}) (Version: 28.0.989.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.12412 - HP)
HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Intel® Graphics Media Accelerator Driver for Mobile (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4609 - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: - )
ISO Recorder (HKLM\...\{DFC6573E-124D-4026-BFA4-B433C9D3FF21}) (Version: 2.0.0 - Alex Feinman)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version: - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - CyberLink Corporation)
SanDiskSecureAccess_Manager.exe (HKCU\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe) (Version: 1.0.0 - DMAILER)
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.2.4.6 - Synaptics)
The Print Shop Deluxe III (HKLM\...\The Print Shop Deluxe) (Version: - )
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
WinZip (HKLM\...\WinZip) (Version: - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - Yahoo! Inc.)
==================== Restore Points =========================
06-05-2014 23:00:44 Software Distribution Service 3.0
07-05-2014 23:52:31 System Checkpoint
08-05-2014 04:14:52 Removed Bing Bar
09-05-2014 04:45:47 System Checkpoint
10-05-2014 16:12:05 System Checkpoint
11-05-2014 16:43:48 System Checkpoint
12-05-2014 16:52:26 System Checkpoint
13-05-2014 17:09:33 System Checkpoint
14-05-2014 22:33:32 System Checkpoint
15-05-2014 22:35:54 System Checkpoint
16-05-2014 23:44:10 System Checkpoint
17-05-2014 23:54:13 System Checkpoint
19-05-2014 02:27:33 System Checkpoint
20-05-2014 02:59:35 System Checkpoint
21-05-2014 03:02:40 System Checkpoint
22-05-2014 03:06:08 System Checkpoint
23-05-2014 19:18:39 Removed Apple Application Support
23-05-2014 19:20:14 Removed Apple Mobile Device Support
23-05-2014 19:22:00 Removed Apple Software Update
23-05-2014 19:39:07 Removed QuickTime
23-05-2014 19:40:31 Removed Roxio Creator DE
23-05-2014 19:41:12 Removed Roxio Activation Module
23-05-2014 19:41:33 Removed Roxio Creator Audio
23-05-2014 19:41:48 Removed Roxio Creator Copy
23-05-2014 19:42:02 Removed Roxio Creator Data
23-05-2014 19:42:16 Removed Roxio Creator Tools
23-05-2014 19:44:19 Removed Roxio Drag-to-Disc
23-05-2014 19:44:45 Removed Roxio Express Labeler 3
==================== Hosts content: ==========================
2004-08-12 03:19 - 2004-08-12 03:19 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\At1.job => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At2.job => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At3.job => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At4.job => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Documents and Settings\All Users\Application Data\HP Photo Creations\Communicator.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
==================== Loaded Modules (whitelisted) =============
2011-12-05 11:56 - 1998-10-17 10:00 - 00033792 _____ () C:\Program Files\WinZip\WZSHLEXT.DLL
2011-12-05 11:50 - 2006-11-01 15:48 - 00020480 _____ () C:\WINDOWS\System32\WLTRYSVC.EXE
2011-12-05 11:50 - 2006-11-01 15:48 - 00757760 _____ () C:\WINDOWS\System32\bcm1xsup.dll
2014-05-23 13:10 - 2014-05-23 10:56 - 02255872 _____ () C:\Program Files\AVAST Software\Avast\defs\14052300\algo.dll
2014-03-09 15:15 - 2014-03-09 15:15 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-10 11:58 - 2014-05-10 11:59 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-05-14 09:28 - 2014-05-14 09:29 - 16361136 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:B54E4B5A
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/23/2014 10:30:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application frst.exe, version 21.5.2014.0, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [frst.exe!ws!]
Error: (05/23/2014 10:01:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 10:01:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 09:56:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 09:56:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 08:12:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 08:12:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 08:03:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 08:03:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.
Error: (05/23/2014 06:31:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.
System errors:
=============
Error: (05/23/2014 02:21:01 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error:
%%1058
Error: (05/23/2014 02:20:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (05/22/2014 03:01:38 PM) (Source: DCOM) (EventID: 10010) (User: 8783B561B2C0457)
Description: The server {F25AF245-4A81-40DC-92F9-E9021F207706} did not register with DCOM within the required timeout.
Error: (05/18/2014 08:47:10 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.0.37 for the Network Card with network address 001422A97FB0 has been
denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
Error: (05/17/2014 04:31:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Adobe Flash Player Update Service service failed to start due to the following error:
%%1053
Error: (05/17/2014 04:31:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Adobe Flash Player Update Service service to connect.
Error: (05/17/2014 01:56:10 PM) (Source: DCOM) (EventID: 10010) (User: 8783B561B2C0457)
Description: The server {F25AF245-4A81-40DC-92F9-E9021F207706} did not register with DCOM within the required timeout.
Error: (05/17/2014 01:53:01 PM) (Source: DCOM) (EventID: 10010) (User: 8783B561B2C0457)
Description: The server {F25AF245-4A81-40DC-92F9-E9021F207706} did not register with DCOM within the required timeout.
Error: (05/17/2014 00:42:01 AM) (Source: DCOM) (EventID: 10010) (User: 8783B561B2C0457)
Description: The server {F25AF245-4A81-40DC-92F9-E9021F207706} did not register with DCOM within the required timeout.
Error: (05/17/2014 00:39:42 AM) (Source: DCOM) (EventID: 10010) (User: 8783B561B2C0457)
Description: The server {F25AF245-4A81-40DC-92F9-E9021F207706} did not register with DCOM within the required timeout.
Microsoft Office Sessions:
=========================
Error: (05/23/2014 10:30:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: frst.exe21.5.2014.00.0.0.000000000
Error: (05/23/2014 10:01:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
Error: (05/23/2014 10:01:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
Error: (05/23/2014 09:56:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
Error: (05/23/2014 09:56:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
Error: (05/23/2014 08:12:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
Error: (05/23/2014 08:12:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
Error: (05/23/2014 08:03:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
Error: (05/23/2014 08:03:56 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}
Error: (05/23/2014 06:31:55 PM) (Source: Userenv) (EventID: 1041) (User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
==================== Memory info ===========================
Percentage of memory in use: 66%
Total physical RAM: 1015.37 MB
Available physical RAM: 339.23 MB
Total Pagefile: 2442.4 MB
Available Pagefile: 1858.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:37.25 GB) (Free:21.59 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 37 GB) (Disk ID: 5C405C40)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)
==================== End Of Log ============================
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-05-23 22:45:18
-----------------------------
22:45:18.296 OS Version: Windows 5.1.2600 Service Pack 3
22:45:18.296 Number of processors: 1 586 0xD08
22:45:18.296 ComputerName: 8783B561B2C0457 UserName: Valued Customer
22:45:19.781 Initialize success
22:45:24.500 AVAST engine defs: 14052300
22:45:37.390 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
22:45:37.390 Disk 0 Vendor: Hitachi_HTS541040G9AT00 MB2OA61A Size: 38154MB BusType: 3
22:45:37.625 Disk 0 MBR read successfully
22:45:37.625 Disk 0 MBR scan
22:45:37.625 Disk 0 Windows XP default MBR code
22:45:37.640 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38146 MB offset 63
22:45:37.656 Disk 0 scanning sectors +78124095
22:45:37.687 Disk 0 scanning C:\WINDOWS\system32\drivers
22:45:47.703 Service scanning
22:46:04.406 Modules scanning
22:46:12.671 Disk 0 trace - called modules:
22:46:12.703 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
22:46:12.703 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86d72ab8]
22:46:13.062 3 CLASSPNP.SYS[f75c7fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x86d35d98]
22:46:13.562 AVAST engine scan C:\WINDOWS
22:46:29.359 AVAST engine scan C:\WINDOWS\system32
22:48:26.843 AVAST engine scan C:\WINDOWS\system32\drivers
22:48:39.078 AVAST engine scan C:\Documents and Settings\Valued Customer
23:11:45.609 AVAST engine scan C:\Documents and Settings\All Users
23:13:46.015 Scan finished successfully
23:15:38.500 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Valued Customer\Desktop\MBR.dat"
23:15:38.500 The log file has been saved successfully to "C:\Documents and Settings\Valued Customer\Desktop\aswMBR.txt"
im sorry about that i dont know what happen i hope its right this time
Start
SearchScopes: HKCU - {4C4C7AAB-5854-4241-A414-E2F1EF119C4A} URL = http://www.dnsbasic....s={searchTerms}
SearchScopes: HKCU - {5320B10F-040D-4C5A-93C6-E20CC123CE96} URL = http://ecostartpage....q={searchTerms}
SearchScopes: HKCU - {536B710E-863A-417A-B905-FFEDADE9AD36} URL = http://delicious.com...p={searchTerms}
SearchScopes: HKCU - {59F925C3-024B-4C10-8400-E53E0F826D91} URL = http://www.mysearchr...q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
BHO: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - No File
BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No File
Toolbar: HKLM - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM - No Name - !{EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
FF Extension: DnsBasic - C:\Program Files\Mozilla Firefox\browser\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3} [2014-05-10]
S2 DnsBasic Service; "C:\Program Files\DnsBasic\dnsbasic.exe" "C:\Program Files\DnsBasic\dnsbasic.dll" jipigizom wososurar
C:\Program Files\DnsBasic
2014-04-23 16:41 - 2014-04-23 16:41 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect
C:\Windows\Tasks\At*.job
2004-08-12 03:19 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:B54E4B5A
End
its running a litte better know and here are the logs you requested
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:24-05-2014 1
Ran by Valued Customer at 2014-05-24 15:04:50 Run:1
Running from C:\Documents and Settings\Valued Customer\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
SearchScopes: HKCU - {4C4C7AAB-5854-4241-A414-E2F1EF119C4A} URL = http://www.dnsbasic....s={searchTerms}
SearchScopes: HKCU - {5320B10F-040D-4C5A-93C6-E20CC123CE96} URL = http://ecostartpage....q={searchTerms}
SearchScopes: HKCU - {536B710E-863A-417A-B905-FFEDADE9AD36} URL = http://delicious.com...p={searchTerms}
SearchScopes: HKCU - {59F925C3-024B-4C10-8400-E53E0F826D91} URL = http://www.mysearchr...q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
BHO: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - No File
BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No File
Toolbar: HKLM - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKLM - No Name - !{EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
FF Extension: DnsBasic - C:\Program Files\Mozilla Firefox\browser\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3} [2014-05-10]
S2 DnsBasic Service; "C:\Program Files\DnsBasic\dnsbasic.exe" "C:\Program Files\DnsBasic\dnsbasic.dll" jipigizom wososurar
C:\Program Files\DnsBasic
2014-04-23 16:41 - 2014-04-23 16:41 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect
C:\Windows\Tasks\At*.job
2004-08-12 03:19 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:B54E4B5A
End
*****************
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4C4C7AAB-5854-4241-A414-E2F1EF119C4A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{4C4C7AAB-5854-4241-A414-E2F1EF119C4A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5320B10F-040D-4C5A-93C6-E20CC123CE96} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{5320B10F-040D-4C5A-93C6-E20CC123CE96} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{536B710E-863A-417A-B905-FFEDADE9AD36} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{536B710E-863A-417A-B905-FFEDADE9AD36} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{59F925C3-024B-4C10-8400-E53E0F826D91} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{59F925C3-024B-4C10-8400-E53E0F826D91} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} => Key deleted successfully.
HKCR\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} => Key deleted successfully.
HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\!{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Value deleted successfully.
HKCR\CLSID\!{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value deleted successfully.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key deleted successfully.
C:\Program Files\Mozilla Firefox\browser\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3} => Moved successfully.
DnsBasic Service => Service deleted successfully.
C:\Program Files\DnsBasic => Moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect => Moved successfully.
C:\Windows\Tasks\At*.job => Moved successfully.
"C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost" => File/Directory not found.
C:\Documents and Settings\All Users\Application Data\TEMP => ":B54E4B5A" ADS removed successfully.
==== End of Fixlog ====
# AdwCleaner v3.210 - Report created 24/05/2014 at 15:19:10
# Updated 19/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Valued Customer - 8783B561B2C0457
# Running from : C:\Documents and Settings\Valued Customer\Desktop\adwcleaner_3.210.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : DnsBasic Service
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\WINDOWS\system32\hotspot shield
Folder Deleted : C:\Documents and Settings\Valued Customer\Local Settings\Application Data\apn
Folder Deleted : C:\Documents and Settings\Valued Customer\Local Settings\Application Data\FileTypeAssistant
Folder Deleted : C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Ilivid Player
Folder Deleted : C:\Documents and Settings\Valued Customer\Local Settings\Application Data\PackageAware
Folder Deleted : C:\Documents and Settings\Valued Customer\Local Settings\Application Data\visi_coupon
Folder Deleted : C:\Documents and Settings\Valued Customer\AppData\LocalLow\DataMngr
Folder Deleted : C:\Documents and Settings\Valued Customer\Application Data\SearchProtect
File Deleted : C:\END
File Deleted : C:\DOCUME~1\VALUED~1\LOCALS~1\Temp\Uninstall.exe
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B939CF93-F2CB-443D-956C-DC523D85C9DB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B939CF93-F2CB-443D-956C-DC523D85C9DB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List [C:\Program Files\BearShare Applications\BearShare\BearShare.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\BearShare Applications\BearShare\BearShare.exe]
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Tarma Installer
***** [ Browsers ] *****
-\\ Internet Explorer v6.0.2900.5512
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v29.0.1 (en-US)
[ File : C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Firefox\Profiles\e3y9d7tb.default-1399343344640\prefs.js ]
-\\ Google Chrome v
[ File : C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=ieb&appid=100&systemid=2&sr=0&q={searchTerms}
Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={5232C620-2A01-4898-8E46-F359EDD6A55C}&mid=15da2e04517947d0bb17d15d644d9643-550bc7a85795ba4b0e3a92ccb8abb4ea19ad0497&lang=en&ds=AVG&pr=fr&d=2013-01-15 20:34:01&v=13.3.0.17&sap=dsp&q={searchTerms}
Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=100&systemid=2&sr=0&q={searchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://uk.ask.com/ar?siteid=38302770&qsrc=999&l=dis&x=-401&y=-200&q={searchTerms}
Deleted [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Deleted [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
Deleted [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
*************************
AdwCleaner[R0].txt - [10480 octets] - [24/05/2014 15:17:33]
AdwCleaner[S0].txt - [10397 octets] - [24/05/2014 15:19:10]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10458 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Valued Customer on Sat 05/24/2014 at 15:31:28.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011461139}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211101158}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011461139}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211101158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211101158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011461139}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\big fish games"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\boost_interprocess"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\pc1data"
Successfully deleted: [Folder] "C:\Documents and Settings\Valued Customer\Application Data\pc cleaners"
Successfully deleted: [Folder] "C:\Documents and Settings\Valued Customer\Application Data\pcpro"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 05/24/2014 at 15:38:53.40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-05-2014 1
Ran by Valued Customer (administrator) on 8783B561B2C0457 on 24-05-2014 15:55:14
Running from C:\Documents and Settings\Valued Customer\Desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 6
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
() C:\WINDOWS\system32\WLTRYSVC.EXE
(Dell Inc.) C:\WINDOWS\system32\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Dell Inc.) C:\WINDOWS\system32\WLTRAY.EXE
(SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\WINDOWS\system32\WLTRAY.exe [1392640 2006-11-01] (Dell Inc.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504 2007-05-10] (SigmaTel, Inc.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768 2005-01-12] (Cyberlink Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761947 2006-03-08] (Synaptics, Inc.)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-06-06] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-06-06] (Intel Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2006-11-07] (AVAST Software)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect"
HKU\S-1-5-21-583907252-1078145449-1177238915-1003\...\MountPoints2: {5581d4f4-4de3-11e1-9668-001422a97fb0} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-583907252-1078145449-1177238915-1003\...\MountPoints2: {866574c2-6e84-11e3-9a39-0016ce47aa18} - E:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-583907252-1078145449-1177238915-1003\...\MountPoints2: {8d53cf82-328a-11e1-9653-001422a97fb0} - E:\RunClubSanDisk.exe
Startup: C:\Documents and Settings\Valued Customer\Start Menu\Programs\Startup\IMVU.lnk
ShortcutTarget: IMVU.lnk -> C:\Documents and Settings\Valued Customer\Application Data\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\Documents and Settings\Valued Customer\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3510 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3510 series.lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...B_PVER}&ar=home
URLSearchHook: HKCU - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {93122B3C-764A-4120-ADA8-06ABC3246CEE} URL = http://www.flickr.co...q={searchTerms}
SearchScopes: HKCU - {AAE0DFD1-128D-42A5-B269-7E7243252B15} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo....erms}&fr=mkg028
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate...b?1323105735812
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Firefox\Profiles\e3y9d7tb.default-1399343344640
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-05-10]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-05-10]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-09]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "https://www.google.c...&btmpl=authsub"
CHR Plugin: (Shockwave Flash) - C:\program files\google\chrome\application\27.0.1453.110\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\program files\google\chrome\application\27.0.1453.110\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\program files\google\chrome\application\27.0.1453.110\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U9) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\WINDOWS\system32\npdeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Radio) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh [2013-01-18]
CHR Extension: (Google Docs) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-18]
CHR Extension: (Google Drive) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-18]
CHR Extension: (YouTube) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-18]
CHR Extension: (HelloFax: 50 Free Fax Pages) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2013-01-18]
CHR Extension: (Classic Games) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ckmoikambnjgjnhaefiklkblfjoolnaf [2013-01-18]
CHR Extension: (Google Search) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-18]
CHR Extension: (Pandora) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2013-01-18]
CHR Extension: (Digital Clock) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2013-01-18]
CHR Extension: (UNO 3 3D) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hnljegjnioppmpieleiegimongopeanj [2013-01-18]
CHR Extension: (Glitterboo) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ikkpgihagilojnkmkkfcbhlainmnkicp [2013-01-18]
CHR Extension: (Faerie Alchemy HD) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\imdilajngppdgdbemeighbingnbmpnpl [2013-01-18]
CHR Extension: (Lady Popular) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jnamdlacgipmoldlhfgjficjiclhgibm [2013-01-18]
CHR Extension: (Planner 5D) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna [2013-01-18]
CHR Extension: (Egypt Crystals) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nkeakaijkcjjkiiomkamofognihfnckl [2013-01-18]
CHR Extension: (My Chrome Theme) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-01-18]
CHR Extension: (Sassy Susan DressUp) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oghdemokodfinoaoiilibelpkmconine [2013-01-18]
CHR Extension: (Gmail) - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-18]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-09]
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-09] (AVAST Software)
S3 Imapi Helper; C:\Program Files\ISO Recorder\ImapiHelper.exe [163840 2006-01-05] (Alex Feinman)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [1253376 2006-11-01] (Dell Inc.)
==================== Drivers (Whitelisted) ====================
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-03-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-03-09] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-03-09] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-03-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410784 2014-03-09] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-03-09] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2014-03-09] ()
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [604928 2006-10-12] (Broadcom Corporation)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [13464 2014-01-20] ()
S3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [33512 2012-10-10] (AnchorFree Inc)
S3 Andbus; system32\DRIVERS\lgandbus.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X]
S3 BCMH43XX; system32\DRIVERS\bcmwlhigh5.sys [X]
S3 NPF; system32\DRIVERS\npf.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 UsbGps; system32\DRIVERS\lgusbgps.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-24 15:41 - 2014-05-24 15:41 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Valued Customer\Desktop\TFC.exe
2014-05-24 15:38 - 2014-05-24 15:38 - 00002174 _____ () C:\Documents and Settings\Valued Customer\Desktop\JRT.txt
2014-05-24 15:31 - 2014-05-24 15:31 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-05-24 15:30 - 2014-05-24 15:30 - 01016261 _____ (Thisisu) C:\Documents and Settings\Valued Customer\Desktop\JRT.exe
2014-05-24 15:23 - 2014-05-24 15:23 - 00010539 _____ () C:\Documents and Settings\Valued Customer\Desktop\AdwCleaner[S0].txt
2014-05-24 15:18 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-05-24 15:13 - 2014-05-24 15:19 - 00000000 ____D () C:\AdwCleaner
2014-05-24 15:12 - 2014-05-24 15:12 - 01326389 _____ () C:\Documents and Settings\Valued Customer\Desktop\adwcleaner_3.210.exe
2014-05-24 15:03 - 2014-05-24 15:03 - 00000000 ____D () C:\Documents and Settings\Valued Customer\Desktop\FRST-OlderVersion
2014-05-23 23:15 - 2014-05-23 23:15 - 00001892 _____ () C:\Documents and Settings\Valued Customer\Desktop\aswMBR.txt
2014-05-23 23:15 - 2014-05-23 23:15 - 00000512 _____ () C:\Documents and Settings\Valued Customer\Desktop\MBR.dat
2014-05-23 22:44 - 2014-05-23 22:45 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Valued Customer\Desktop\aswmbr.exe
2014-05-23 22:41 - 2014-05-23 22:42 - 00019165 _____ () C:\Documents and Settings\Valued Customer\Desktop\Addition.txt
2014-05-23 22:40 - 2014-05-24 15:56 - 00018603 _____ () C:\Documents and Settings\Valued Customer\Desktop\FRST.txt
2014-05-23 22:30 - 2014-05-24 15:55 - 00000000 ____D () C:\FRST
2014-05-23 22:28 - 2014-05-24 15:03 - 01055232 _____ (Farbar) C:\Documents and Settings\Valued Customer\Desktop\FRST.exe
2014-05-10 11:58 - 2014-05-10 11:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-06 18:01 - 2014-05-06 18:04 - 00005554 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-04-28 15:31 - 2014-04-28 15:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-04-28 15:26 - 2014-04-28 15:31 - 00011180 _____ () C:\WINDOWS\KB2936068-IE8.log
==================== One Month Modified Files and Folders =======
2014-05-24 15:56 - 2014-05-23 22:40 - 00018603 _____ () C:\Documents and Settings\Valued Customer\Desktop\FRST.txt
2014-05-24 15:55 - 2014-05-23 22:30 - 00000000 ____D () C:\FRST
2014-05-24 15:54 - 2011-12-05 03:07 - 00521886 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-24 15:51 - 2011-12-05 11:24 - 01449660 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-24 15:50 - 2014-03-09 15:17 - 00000382 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-05-24 15:50 - 2011-12-05 11:31 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-24 15:50 - 2011-12-05 03:09 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2014-05-24 15:50 - 2011-12-05 03:09 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-05-24 15:50 - 2006-11-07 01:03 - 00000242 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-05-24 15:50 - 2004-08-12 03:34 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-05-24 15:49 - 2013-12-09 14:37 - 00000496 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2014-05-24 15:49 - 2011-12-05 11:35 - 00000178 ___SH () C:\Documents and Settings\Valued Customer\ntuser.ini
2014-05-24 15:49 - 2011-12-05 11:31 - 00032516 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-24 15:41 - 2014-05-24 15:41 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Valued Customer\Desktop\TFC.exe
2014-05-24 15:38 - 2014-05-24 15:38 - 00002174 _____ () C:\Documents and Settings\Valued Customer\Desktop\JRT.txt
2014-05-24 15:31 - 2014-05-24 15:31 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-05-24 15:30 - 2014-05-24 15:30 - 01016261 _____ (Thisisu) C:\Documents and Settings\Valued Customer\Desktop\JRT.exe
2014-05-24 15:25 - 2012-04-09 20:28 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-24 15:23 - 2014-05-24 15:23 - 00010539 _____ () C:\Documents and Settings\Valued Customer\Desktop\AdwCleaner[S0].txt
2014-05-24 15:19 - 2014-05-24 15:13 - 00000000 ____D () C:\AdwCleaner
2014-05-24 15:12 - 2014-05-24 15:12 - 01326389 _____ () C:\Documents and Settings\Valued Customer\Desktop\adwcleaner_3.210.exe
2014-05-24 15:03 - 2014-05-24 15:03 - 00000000 ____D () C:\Documents and Settings\Valued Customer\Desktop\FRST-OlderVersion
2014-05-24 15:03 - 2014-05-23 22:28 - 01055232 _____ (Farbar) C:\Documents and Settings\Valued Customer\Desktop\FRST.exe
2014-05-23 23:15 - 2014-05-23 23:15 - 00001892 _____ () C:\Documents and Settings\Valued Customer\Desktop\aswMBR.txt
2014-05-23 23:15 - 2014-05-23 23:15 - 00000512 _____ () C:\Documents and Settings\Valued Customer\Desktop\MBR.dat
2014-05-23 22:45 - 2014-05-23 22:44 - 04745728 _____ (AVAST Software) C:\Documents and Settings\Valued Customer\Desktop\aswmbr.exe
2014-05-23 22:42 - 2014-05-23 22:41 - 00019165 _____ () C:\Documents and Settings\Valued Customer\Desktop\Addition.txt
2014-05-23 14:51 - 2011-12-05 11:21 - 00046241 ____C () C:\WINDOWS\wmsetup.log
2014-05-23 14:48 - 2011-12-05 11:35 - 00000000 ____D () C:\Documents and Settings\Valued Customer
2014-05-23 14:44 - 2011-12-05 12:40 - 00001718 ____C () C:\WINDOWS\system32\ROXECDC6Inst.log
2014-05-23 14:39 - 2012-11-12 13:29 - 00000000 ____D () C:\Program Files\QuickTime
2014-05-23 14:15 - 2013-10-04 13:46 - 00000000 ____D () C:\Documents and Settings\Valued Customer\Desktop\New Folder
2014-05-22 21:57 - 2013-12-06 06:49 - 00383989 _____ () C:\WINDOWS\setupapi.log
2014-05-17 09:22 - 2012-11-01 08:31 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-17 09:21 - 2012-11-01 08:30 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-14 09:29 - 2012-04-09 20:28 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-05-14 09:29 - 2012-01-02 19:20 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-05-11 19:55 - 2012-04-07 15:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 11:59 - 2014-05-10 11:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-08 08:14 - 2014-01-20 18:45 - 00000803 _____ () C:\Documents and Settings\Valued Customer\Start Menu\Programs\Internet Explorer.lnk
2014-05-08 08:14 - 2014-01-20 18:45 - 00000000 ____D () C:\Documents and Settings\Valued Customer\Start Menu\Programs\Accessories
2014-05-08 08:13 - 2011-12-05 02:57 - 00000000 ____D () C:\WINDOWS\Help
2014-05-07 23:22 - 2013-01-14 06:01 - 00109977 ____C () C:\WINDOWS\ie8Uninst.log
2014-05-07 23:22 - 2011-12-05 12:33 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-05-07 23:22 - 2011-12-05 03:07 - 01685083 ____C () C:\WINDOWS\iis6.log
2014-05-07 23:22 - 2011-12-05 03:07 - 00704816 ____C () C:\WINDOWS\tsoc.log
2014-05-07 23:22 - 2011-12-05 03:07 - 00521899 ____C () C:\WINDOWS\comsetup.log
2014-05-07 23:22 - 2011-12-05 03:07 - 00314462 ____C () C:\WINDOWS\ntdtcsetup.log
2014-05-07 23:22 - 2011-12-05 03:07 - 00085017 ____C () C:\WINDOWS\ocmsn.log
2014-05-07 23:22 - 2011-12-05 03:07 - 00077800 ____C () C:\WINDOWS\tabletoc.log
2014-05-07 23:22 - 2011-12-05 03:07 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-05-07 23:21 - 2011-12-05 12:32 - 00244087 ____C () C:\WINDOWS\updspapi.log
2014-05-07 23:21 - 2011-12-05 02:57 - 00000000 ____D () C:\WINDOWS\Media
2014-05-07 23:20 - 2011-12-05 03:07 - 01532509 ____C () C:\WINDOWS\FaxSetup.log
2014-05-07 23:20 - 2011-12-05 03:07 - 00741948 ____C () C:\WINDOWS\ocgen.log
2014-05-07 23:20 - 2011-12-05 03:07 - 00472258 ____C () C:\WINDOWS\msmqinst.log
2014-05-07 23:20 - 2011-12-05 03:07 - 00269208 ____C () C:\WINDOWS\netfxocm.log
2014-05-07 23:20 - 2011-12-05 03:07 - 00106048 ____C () C:\WINDOWS\MedCtrOC.log
2014-05-07 23:20 - 2011-12-05 03:07 - 00076885 ____C () C:\WINDOWS\msgsocm.log
2014-05-06 18:04 - 2014-05-06 18:01 - 00005554 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-05-06 18:04 - 2011-12-05 03:07 - 00001355 _____ () C:\WINDOWS\imsins.BAK
2014-05-06 08:57 - 2006-11-07 01:03 - 00000236 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-05-05 22:05 - 2013-12-06 06:53 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-28 15:32 - 2014-04-28 15:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-04-28 15:32 - 2014-04-23 17:00 - 00014259 _____ () C:\WINDOWS\KB2930275.log
2014-04-28 15:31 - 2014-04-28 15:26 - 00011180 _____ () C:\WINDOWS\KB2936068-IE8.log
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
its running a litte better know and here are the logs you requested
i thank this is the eset scan log
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=57d9caf2d0f7414bbc6cd467b01115ec
# engine=18399
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-05-24 11:14:29
# local_time=2014-05-24 06:14:29 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=774 16777213 71 76 6490711 237179636 0 0
# scanned=39507
# found=5
# cleaned=0
# scan_time=2181
sh=9FE1F2B1FB6F2E1BBBE7B068CD5F79832C36BE39 ft=1 fh=526118062f73ede6 vn="Win32/Conduit.SearchProtect.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Valued Customer\Application Data\SearchProtect\Res\SPSetup.exe.vir"
sh=F4F2E1AEAC893207C23FD85BF4E22044811114FD ft=1 fh=8f4bdf14802df49f vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application" ac=I fn="C:\Documents and Settings\Valued Customer\.frostwire5\updates\frostwire-5.5.1.windows.exe"
sh=52FD1CAB5E1CAF9749632E8F212DC0BAD2E1274A ft=1 fh=c71c001128bc6050 vn="a variant of Win32/Adware.OneStep.CG application" ac=I fn="C:\FRST\Quarantine\C\Program Files\DnsBasic\dnsbasic.dll"
sh=5670E93A2679CCB54AA0AA99B6D603951572C552 ft=0 fh=0000000000000000 vn="Win32/Adware.OneStep application" ac=I fn="C:\FRST\Quarantine\C\Program Files\Mozilla Firefox\browser\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}\chrome\dnsbasic.jar"
sh=69595AF44CCF38529A1B60B104155B4B9AC56488 ft=1 fh=3c59a9600311861f vn="a variant of Win32/PCCleaners potentially unwanted application" ac=I fn="C:\WINDOWS\uninst.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=57d9caf2d0f7414bbc6cd467b01115ec
# engine=18399
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-24 11:25:32
# local_time=2014-05-24 06:25:32 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=774 16777213 71 76 6491374 237180061 0 0
# scanned=12
# found=0
# cleaned=0
# scan_time=23
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 5/24/2014
Scan Time: 4:57:47 PM
Logfile: 1222.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.05.24.08
Rootkit Database: v2014.05.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Valued Customer
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 263832
Time Elapsed: 13 min, 30 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 6
PUP.Optional.DefaultTab.A, HKU\S-1-5-21-583907252-1078145449-1177238915-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, Quarantined, [5db2ce86fd7ea98d7e2b6cc4f80a6997],
PUP.Optional.Qwiklinx.A, HKU\S-1-5-21-583907252-1078145449-1177238915-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3E7C8B5A-96AB-438F-BF9B-782400655440}, Quarantined, [97787ada8af1a6907f2f6ac37f8310f0],
PUP.Optional.Qwiklinx.A, HKU\S-1-5-21-583907252-1078145449-1177238915-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3E7C8B5A-96AB-438F-BF9B-782400655440}, Quarantined, [97787ada8af1a6907f2f6ac37f8310f0],
PUP.Optional.ShopToWin, HKU\S-1-5-21-583907252-1078145449-1177238915-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EE146ACC-D881-1414-2148-B1D008B47ADB}, Quarantined, [97780054661556e0efb3d164ec169f61],
PUP.Optional.ShopToWin, HKU\S-1-5-21-583907252-1078145449-1177238915-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EE146ACC-D881-1414-2148-B1D008B47ADB}, Quarantined, [97780054661556e0efb3d164ec169f61],
PUP.Optional.ShopToWin, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{EE146ACC-D881-1414-2148-B1D008B47ADB}, Quarantined, [97780054661556e0efb3d164ec169f61],
Registry Values: 0
(No malicious items detected)
Registry Data: 2
PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|AntiVirusDisableNotify, 1, Good: (0), Bad: (1),Replaced,[33dcf3617a0137ffe4baba97a46043bd]
PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UpdatesDisableNotify, 1, Good: (0), Bad: (1),Replaced,[19f6d08491ea6fc79d0387ca2ed609f7]
Folders: 26
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\common, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\common\proppage, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\emailchecker, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\emailchecker\proppage, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\emailchecker\proppage\widgets, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\msgboxplugin, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\css, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\widgets, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\searchcomponent, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\weatherplugin, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\weatherplugin\proppage, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\util, Quarantined, [0f0030248af1b1853078720bfc06758b],
Files: 167
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\bookmarksplugin.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\emailchecker.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\msgboxplugin.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\radioplugin.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\rssreader.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\searchcomponent.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\weatherplugin.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\drag-drop-folder-tree.css, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\drag-drop-folder-tree.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\dummy.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\editDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\importDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\labelDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\manageDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\menuarrow.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\removeDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images\bookmark_on.bmp, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images\context-menu-gradient.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images\dhtmlgoodies_folder.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images\dhtmlgoodies_minus.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images\dhtmlgoodies_plus.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images\dhtmlgoodies_sheet.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images\dragDrop_ind1.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images\dragDrop_ind2.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images\folder_close.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images\folder_dots.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images\folder_folder.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images\folder_lastsub.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images\folder_open.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\bookmarksplugin\proppage\images\folder_sub.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\common\proppage\container.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\common\proppage\loading.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\emailchecker\proppage\accountDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\emailchecker\proppage\configure.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\emailchecker\proppage\pwdDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\emailchecker\proppage\widgets\jscompatibilitylib.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\emailchecker\proppage\widgets\jsgeneral.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\emailchecker\proppage\widgets\jsimage.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\emailchecker\proppage\widgets\jslabel.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\emailchecker\proppage\widgets\jslistview.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\emailchecker\proppage\widgets\jslistviewitem.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\emailchecker\proppage\widgets\jsstyle.css, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\emailchecker\proppage\widgets\jstranslation.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\msgboxplugin\bubble.xsl, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\msgboxplugin\popup.xsl, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\ui-vol.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\ui.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\css\boxsizing.htc, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\css\winclassic.css, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_stop_over.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\audio.bmp, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_dropdwn_down.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_dropdwn_over.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_dropdwn_up.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_max_down.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_max_over.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_max_up.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_min_down.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_min_over.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_min_up.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_pause_down.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_pause_over.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_pause_up.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_playcntrl_over.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_playcntrl_up.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_play_down.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_play_over.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_play_up.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_stop_down.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_stop_up.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_volcntrl_over.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\btn_volcntrl_up.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\efolder.bmp, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\equalizer.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\equalizer_loading.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\folder.bmp, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\podcast.bmp, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\radio.bmp, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\radio.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\radio_minimalized.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\radio_minimalized_old.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\radio_old.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\volslide_bg.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\vol_01.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\vol_02.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\images\vol_03.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\js\range.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\js\slider.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\js\timer.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\drag-drop-folder-tree.css, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\drag-drop-folder-tree.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\folderDeleteDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\folderEditDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\mediaAddDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\mediaEditDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\mediaSearchDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\optionsDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\tabctrl.css, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\tabctrl.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\context-menu-gradient.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\dhtmlgoodies_folder.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\dhtmlgoodies_minus.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\dhtmlgoodies_plus.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\dhtmlgoodies_sheet.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\dragDrop_ind1.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\dragDrop_ind2.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\dummy.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\folder.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\folder_close.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\folder_dots.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\folder_folder.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\folder_lastsub.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\folder_open.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\folder_sub.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\itemAudio.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\itemPodcast.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\images\itemRadio.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\widgets\jscompatibilitylib.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\widgets\jsgeneral.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\widgets\jsimage.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\widgets\jslabel.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\widgets\jslistview.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\widgets\jslistviewitem.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\widgets\jsstyle.css, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\radioplugin\proppage\widgets\jstranslation.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\atom2rss.xsl, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\rdf2rss.xsl, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\transform.xsl, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\channelEditDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\configureDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\drag-drop-folder-tree.css, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\drag-drop-folder-tree.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\folderDeleteDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\folderEditDlg.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\context-menu-gradient.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\dhtmlgoodies_folder.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\dhtmlgoodies_minus.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\dhtmlgoodies_plus.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\dhtmlgoodies_sheet.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\dragDrop_ind1.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\dragDrop_ind2.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\feed.bmp, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\folder.bmp, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\folder_close.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\folder_dots.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\folder_folder.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\folder_lastsub.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\folder_open.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\rssreader\proppage\images\folder_sub.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\searchcomponent\defsearch.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\searchcomponent\droparrow.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\searchcomponent\droparrow_over.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\searchcomponent\logoyahoo.bmp, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\searchcomponent\menuarrow.gif, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\searchcomponent\transform.xsl, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\searchcomponent\ui-ac.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\searchcomponent\ui.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\weatherplugin\bubble.xsl, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\weatherplugin\dummy.png, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\weatherplugin\proppage\search_location.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\res\weatherplugin\proppage\settings.html, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\util\commalist.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\util\commands.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\util\consts.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\util\dialogs.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\util\json.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
PUP.Optional.ShopToWin.A, C:\Program Files\Shop to Win 27\js_components\util\utils.js, Quarantined, [0f0030248af1b1853078720bfc06758b],
Physical Sectors: 0
(No malicious items detected)
(end)
Results of screen317's Security Check version 0.99.83
Windows XP Service Pack 3 x86
Internet Explorer 6 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
PC Cleaner Pro
avast! Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 51
Java version out of Date!
Adobe Flash Player 13.0.0.214
Adobe Reader XI
Mozilla Firefox (29.0.1)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 9%
````````````````````End of Log``````````````````````
Start
HKLM\...\Run: [] => [X]
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect"
2004-08-12 03:19 - 2004-08-12 03:19 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
C:\WINDOWS\uninst.exe
End
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:24-05-2014 1
Ran by Valued Customer at 2014-05-24 19:08:57 Run:2
Running from C:\Documents and Settings\Valued Customer\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [] => [X]
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect"
2004-08-12 03:19 - 2004-08-12 03:19 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
C:\WINDOWS\uninst.exe
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => Value deleted successfully.
C:\WINDOWS\system32\Drivers\etc\hosts => Moved successfully.
C:\WINDOWS\uninst.exe => Moved successfully.
==== End of Fixlog ====
its running better and not freezing up like it was
its running better and not freezing up like it was
# DelFix v10.7 - Logfile created 24/05/2014 at 19:47:57
# Updated 27/04/2014 by Xplode
# Username : Valued Customer - 8783B561B2C0457
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Documents and Settings\Valued Customer\Desktop\FRST-OlderVersion
Deleted : C:\Documents and Settings\Valued Customer\Desktop\Addition.txt
Deleted : C:\Documents and Settings\Valued Customer\Desktop\AdwCleaner[S0].txt
Deleted : C:\Documents and Settings\Valued Customer\Desktop\adwcleaner_3.210.exe
Deleted : C:\Documents and Settings\Valued Customer\Desktop\aswmbr.exe
Deleted : C:\Documents and Settings\Valued Customer\Desktop\aswMBR.txt
Deleted : C:\Documents and Settings\Valued Customer\Desktop\esetsmartinstaller_enu.exe
Deleted : C:\Documents and Settings\Valued Customer\Desktop\Fixlog.txt
Deleted : C:\Documents and Settings\Valued Customer\Desktop\FRST.exe
Deleted : C:\Documents and Settings\Valued Customer\Desktop\FRST.txt
Deleted : C:\Documents and Settings\Valued Customer\Desktop\FRST5.txt
Deleted : C:\Documents and Settings\Valued Customer\Desktop\JRT.exe
Deleted : C:\Documents and Settings\Valued Customer\Desktop\JRT.txt
Deleted : C:\Documents and Settings\Valued Customer\Desktop\loges.txt
Deleted : C:\Documents and Settings\Valued Customer\Desktop\MBR.dat
Deleted : C:\Documents and Settings\Valued Customer\Desktop\SecurityCheck.exe
Deleted : C:\Documents and Settings\Valued Customer\Desktop\TFC.exe
Deleted : C:\Documents and Settings\Valued Customer\My Documents\Downloads\Extras.Txt
Deleted : C:\Documents and Settings\Valued Customer\My Documents\Downloads\OTL.Txt
Deleted : C:\Documents and Settings\Valued Customer\My Documents\Downloads\OTL.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
~ Creating registry backup ... OK
~ Cleaning system restore ...
Deleted : RP #456 [Software Distribution Service 3.0 | 05/06/2014 23:00:44]
Deleted : RP #457 [System Checkpoint | 05/07/2014 23:52:31]
Deleted : RP #458 [Removed Bing Bar | 05/08/2014 04:14:52]
Deleted : RP #459 [System Checkpoint | 05/09/2014 04:45:47]
Deleted : RP #460 [System Checkpoint | 05/10/2014 16:12:05]
Deleted : RP #461 [System Checkpoint | 05/11/2014 16:43:48]
Deleted : RP #462 [System Checkpoint | 05/12/2014 16:52:26]
Deleted : RP #463 [System Checkpoint | 05/13/2014 17:09:33]
Deleted : RP #464 [System Checkpoint | 05/14/2014 22:33:32]
Deleted : RP #465 [System Checkpoint | 05/15/2014 22:35:54]
Deleted : RP #466 [System Checkpoint | 05/16/2014 23:44:10]
Deleted : RP #467 [System Checkpoint | 05/17/2014 23:54:13]
Deleted : RP #468 [System Checkpoint | 05/19/2014 02:27:33]
Deleted : RP #469 [System Checkpoint | 05/20/2014 02:59:35]
Deleted : RP #470 [System Checkpoint | 05/21/2014 03:02:40]
Deleted : RP #471 [System Checkpoint | 05/22/2014 03:06:08]
Deleted : RP #472 [Removed Apple Application Support | 05/23/2014 19:18:39]
Deleted : RP #473 [Removed Apple Mobile Device Support | 05/23/2014 19:20:14]
Deleted : RP #474 [Removed Apple Software Update | 05/23/2014 19:22:00]
Deleted : RP #475 [Removed QuickTime | 05/23/2014 19:39:07]
Deleted : RP #476 [Removed Roxio Creator DE | 05/23/2014 19:40:31]
Deleted : RP #477 [Removed Roxio Activation Module | 05/23/2014 19:41:12]
Deleted : RP #478 [Removed Roxio Creator Audio | 05/23/2014 19:41:33]
Deleted : RP #479 [Removed Roxio Creator Copy | 05/23/2014 19:41:48]
Deleted : RP #480 [Removed Roxio Creator Data | 05/23/2014 19:42:02]
Deleted : RP #481 [Removed Roxio Creator Tools | 05/23/2014 19:42:16]
Deleted : RP #482 [Removed Roxio Drag-to-Disc | 05/23/2014 19:44:19]
Deleted : RP #483 [Removed Roxio Express Labeler 3 | 05/23/2014 19:44:45]
Deleted : RP #484 [System Checkpoint | 05/24/2014 22:48:14]
New restore point created !
########## - EOF - ##########
0 members, 0 guests, 0 anonymous users
Community Forum Software by IP.Board
Licensed to: Geeks to Go, Inc.