Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Malware info from NotePad. I need help. [Solved]

Started by itsmesunny , Jun 13 2014 12:54 PM

This topic is locked

#1
itsmesunny

Posted 13 June 2014 - 12:54 PM

Member

Member
305 posts

Hi,

the instructions were to run OTL and copy here from the notepad when the scan was done. Well, here it is below.

Here is the link from my first post below. I do NOT exactly remember what I have done, cuz I have been doing it for days it seems. All I want to do is get rid of these darn popups and have the sound back. I am not even sure which plug the speakers go in, so I put on a video & turned up the sound and plugged in any that will fit one at a time and none work - because I switch them back and forth from the Dell to the Mac.

When I lost the sound I shut the Dell down, removed the cable to the modem etc. and used my Mac again. I cannot do both at the same time. At least not until I hook up the wireless to the dell, but one thing at a time.

Right now the Windows Security alerts in in red with a white x at the bottom:

Firewall is ON

Automatic Updates is ON

Virus Protection is NOT FOUND

i hope this helps:

http://www.geekstogo...ep_filter_set=*

OTL logfile created on: 6/13/2014 2:31:33 PM - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\User\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.00 Mb Total Physical Memory | 383.73 Mb Available Physical Memory | 37.51% Memory free
2.40 Gb Paging File | 1.77 Gb Available in Paging File | 73.69% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.87 Gb Total Space | 43.70 Gb Free Space | 78.22% Space Free | Partition Type: NTFS
Drive F: | 37.26 Gb Total Space | 37.12 Gb Free Space | 99.63% Space Free | Partition Type: NTFS

Computer Name: USER-R6PHPMKAQL | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\User\My Documents\Downloads\OTL(2).exe (OldTimer Tools)
PRC - C:\Documents and Settings\User\Local Settings\Apps\2.0\A8LMOTVO.4B3\RO0X0G3X.50N\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe (Dell)
PRC - C:\Documents and Settings\User\Application Data\VOPackage\VOsrv.exe ()
PRC - C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe (AVG Secure Search)
PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe ()
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
PRC - C:\Program Files\pcmax\pcmax.exe ()
PRC - C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe (Client Connect LTD)
PRC - C:\Program Files\SearchProtect\UI\bin\cltmngui.exe (Client Connect LTD)
PRC - C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe (Client Connect LTD)
PRC - C:\Program Files\Consumer Input\Monitoring\dca-monitoring.exe ()
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Documents and Settings\User\Application Data\VOPackage\VOsrv.exe ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll ()
MOD - C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
MOD - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\log4cplusU.dll ()
MOD - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1cdfe1998ad6794db3237006906c6fa2\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\424bff3295c6e7539cc6df62b9425bd0\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll ()
MOD - C:\Program Files\pcmax\pcmax.exe ()
MOD - C:\Program Files\Consumer Input\Monitoring\dca-monitoring.exe ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\system32\quartz.dll ()

========== Services (SafeList) ==========

SRV - (MBAMService) -- mbamservice.exe File not found
SRV - (MBAMScheduler) -- mbamscheduler.exe File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (consumerinput_updatem) -- C:\Program Files\Consumer Input\Update\ConsumerInputUpdate.exe (ConsumerInput)
SRV - (consumerinput_update) -- C:\Program Files\Consumer Input\Update\ConsumerInputUpdate.exe (ConsumerInput)
SRV - (vosr) -- C:\Documents and Settings\User\Application Data\VOPackage\VOsrv.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (vToolbarUpdater18.1.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe (AVG Secure Search)
SRV - (pcmaxservice) -- C:\Program Files\pcmax\pcmax.exe ()
SRV - (CltMngSvc) -- C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe (Client Connect LTD)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (JL2005C) -- System32\Drivers\jl2005c.sys File not found
DRV - (i2omgmt) -- File not found
DRV - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV - (Changer) -- File not found
DRV - (SWDUMon) -- C:\WINDOWS\system32\drivers\SWDUMon.sys ()
DRV - (avgtp) -- C:\WINDOWS\system32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (COMMONFX.DLL) -- C:\WINDOWS\system32\COMMONFX.DLL (Creative Technology Ltd)
DRV - (CT20XUT.DLL) -- C:\WINDOWS\system32\CT20XUT.DLL (Creative Technology Ltd.)
DRV - (CTHWIUT.DLL) -- C:\WINDOWS\system32\CTHWIUT.DLL (Creative Technology Ltd.)
DRV - (CTEXFIFX.DLL) -- C:\WINDOWS\system32\CTEXFIFX.DLL (Creative Technology Ltd.)
DRV - (CTEDSPSY.DLL) -- C:\WINDOWS\system32\CTEDSPSY.DLL (Creative Technology Ltd)
DRV - (CTEDSPIO.DLL) -- C:\WINDOWS\system32\CTEDSPIO.DLL (Creative Technology Ltd)
DRV - (CTEDSPFX.DLL) -- C:\WINDOWS\system32\CTEDSPFX.DLL (Creative Technology Ltd)
DRV - (CTERFXFX.DLL) -- C:\WINDOWS\system32\CTERFXFX.DLL (Creative Technology Ltd)
DRV - (CTEAPSFX.DLL) -- C:\WINDOWS\system32\CTEAPSFX.DLL (Creative Technology Ltd)
DRV - (CTSBLFX.DLL) -- C:\WINDOWS\system32\CTSBLFX.DLL (Creative Technology Ltd)
DRV - (CTAUDFX.DLL) -- C:\WINDOWS\system32\CTAUDFX.DLL (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (PfModNT) -- C:\WINDOWS\system32\drivers\pfmodnt.sys (Creative Technology Ltd.)
DRV - (hap17v2k) -- C:\WINDOWS\system32\drivers\haP17v2k.sys (Creative Technology Ltd)
DRV - (hap16v2k) -- C:\WINDOWS\system32\drivers\haP16v2k.sys (Creative Technology Ltd)
DRV - (ha10kx2k) -- C:\WINDOWS\system32\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (bpusbflt) -- C:\WINDOWS\system32\drivers\bpusbflt.sys (Micro Solutions, Inc.)
DRV - (OMCI) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?t...psd&t=343b7fff2
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?t...psd&t=343b7fff2
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com...q={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search.as...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?t...psd&t=343b7fff2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com...2430C54BE&SSPV=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...2430C54BE&SSPV=
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0B3C2C3D-A31D-45F9-96FB-6A70FA831FA1}: "URL" = http://search.condui...4941131319&UM=2
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://securedsearch...q={searchTerms}
IE - HKCU\..\SearchScopes\{87D11DC9-F398-4292-ABB0-4DF9D2EF17D0}: "URL" = http://www.flickr.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{8CC1BEF9-4220-409E-B8F1-7734AC0191A2}: "URL" = http://www.search.as...rms}&psv=&pt=tb
IE - HKCU\..\SearchScopes\{8E02D41C-5924-4816-9490-33CCD28BEB72}: "URL" = http://search.yahoo....q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search.as...q={searchTerms}
IE - HKCU\..\SearchScopes\{C47C311F-AA0D-437B-8EA1-A9557ECCBED7}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\..\SearchScopes\{C9E2458E-64D8-48D2-93D9-B4D234A8D777}: "URL" = http://rover.ebay.co...e={searchTerms}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....erms}&fr=mkg028
IE - HKCU\..\SearchScopes\{ED11499D-4B64-42BC-89CF-86F8BE566741}: "URL" = http://delicious.com...p={searchTerms}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...4-0007E9759CBC}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://startpage.com"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\18.1.0.443 [2014/06/06 08:18:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\3nfzcra3.default\extensions\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Consumer Input\Firefox\ciff-3.2.0-12171.xpi [2013/11/14 05:21:20 | 000,296,749 | ---- | M] ()

[2014/06/05 15:40:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2014/06/13 13:51:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\asymwfoh.default-1402681398921\extensions
[2014/06/07 20:23:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/06/07 20:23:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2002/09/03 12:34:19 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Discount Buddy) - {11111111-1111-1111-1111-110211671166} - C:\Program Files\Discount Buddy\Discount Buddy.dll File not found
O2 - BHO: (Plus-HD-04) - {11111111-1111-1111-1111-110511831152} - C:\Program Files\Plus-HD-04\Plus-HD-04-bho.dll File not found
O2 - BHO: (DownloadTerms) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Documents and Settings\User\Local Settings\Application Data\DownloadTerms\temp.dat ()
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll File not found
O2 - BHO: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Documents and Settings\User\Application Data\DefaultTab\DefaultTab\DefaultTabBHO.dll File not found
O2 - BHO: (Consumer Input DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files\Consumer Input\InternetExplorer\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {E8861423-0DAB-459E-A8D5-DB264E69E70C} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [fst_us_92] File not found
O4 - HKLM..\Run: [PC HealthFix] C:\Documents and Settings\All Users\Application Data\PC HealthFix\PCHealthFix.exe (PC HealthFix)
O4 - HKLM..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKCU..\Run: [DellSystemDetect] C:\Documents and Settings\User\Local Settings\Apps\2.0\A8LMOTVO.4B3\RO0X0G3X.50N\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe (Dell)
O4 - HKCU..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
O4 - HKCU..\Run: [SB Audigy 2 Startup Menu] /L:ENG File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\New Folder [2013/03/26 17:31:22 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O15 - HKCU\..Trusted Domains:   ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1361498489609 (WUWebControl Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.5.171.1 207.5.171.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{634B396E-E712-4557-A5CD-7BD60338E14C}: DhcpNameServer = 207.5.171.1 207.5.171.2
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll (AVG Secure Search)
O20 - AppInit_DLLs: (C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\SupTab\SEARCH~1.DLL) - C:\Program Files\SupTab\SearchProtect32.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/17 09:13:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll) - File not found
O36 - AppCertDlls: x86 - (c:\program files\movies toolbar\datamngr\apcrtldr.dll) - File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/06/13 13:20:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Compete
[2014/06/13 13:20:27 | 000,000,000 | ---D | C] -- C:\Program Files\Setup Support for Consumer Input
[2014/06/13 13:18:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Consumer Input
[2014/06/13 13:18:49 | 000,000,000 | ---D | C] -- C:\Program Files\Consumer Input
[2014/06/13 13:18:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC HealthFix
[2014/06/13 13:18:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC HealthFix
[2014/06/13 13:17:43 | 000,000,000 | ---D | C] -- C:\Program Files\pcmax
[2014/06/13 13:17:12 | 000,000,000 | ---D | C] -- C:\Program Files\Software Updater
[2014/06/12 20:58:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com
[2014/06/12 20:57:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\SUPERAntiSpyware
[2014/06/12 20:57:01 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/06/12 20:57:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2014/06/12 19:10:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Dell
[2014/06/12 19:10:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell
[2014/06/12 19:10:12 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2014/06/12 18:51:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\Dell
[2014/06/12 15:55:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2014/06/12 15:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\My Dell
[2014/06/12 15:49:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\PCDr
[2014/06/12 15:49:20 | 000,000,000 | ---D | C] -- C:\temp
[2014/06/09 13:06:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\ParetoLogic
[2014/06/09 13:05:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2014/06/09 12:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\predm
[2014/06/09 11:46:03 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/06/09 11:22:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\DriverCure
[2014/06/09 11:22:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\SparkTrust
[2014/06/09 11:21:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SparkTrust
[2014/06/08 19:06:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2014/06/08 19:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/06/08 18:41:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Uniblue
[2014/06/08 18:29:10 | 000,000,000 | ---D | C] -- C:\Program Files\TotalSystemCare
[2014/06/08 10:33:11 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2014/06/07 13:25:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\Downloads
[2014/06/07 12:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\AMERICA IN DEEP TROUBLE
[2014/06/07 11:12:19 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014/06/07 11:11:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2014/06/07 10:07:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2014/06/06 21:36:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Idmsq
[2014/06/06 21:28:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\freeSOFTtoday
[2014/06/06 21:28:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\PCHealth
[2014/06/06 21:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\ScanTack
[2014/06/06 21:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\SupTab
[2014/06/06 21:10:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IePluginServices
[2014/06/06 21:10:18 | 000,000,000 | ---D | C] -- C:\Program Files\SupTab
[2014/06/06 21:10:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\v9
[2014/06/06 21:00:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\com
[2014/06/06 20:57:15 | 000,000,000 | ---D | C] -- C:\Program Files\globalUpdate
[2014/06/06 20:57:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\globalUpdate
[2014/06/06 20:56:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Local_Weather_LLC
[2014/06/06 20:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\Weather Alerts
[2014/06/06 20:55:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\VOPackage
[2014/06/06 20:55:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\VOPackage
[2014/06/06 20:54:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\WeatherAlerts
[2014/06/06 17:37:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\HpUpdate
[2014/06/06 17:37:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Hewlett-Packard
[2014/06/06 13:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Apple Computer
[2014/06/06 12:51:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2014/06/06 12:48:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2014/06/06 12:30:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Apple
[2014/06/06 12:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Apple Computer
[2014/06/06 12:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\.swt
[2014/06/06 12:14:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Browser Extensions
[2014/06/06 12:13:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Azureus
[2014/06/06 12:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\Vuze
[2014/06/06 10:51:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Windows Search
[2014/06/06 10:15:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\ApplicationHistory
[2014/06/06 09:15:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2014/06/06 09:15:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2014/06/06 09:15:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2014/06/06 09:14:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Windows Desktop Search
[2014/06/06 09:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2014/06/06 09:13:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2014/06/06 09:10:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2014/06/06 08:40:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\adawarebp
[2014/06/06 08:40:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2014/06/06 08:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/06/06 08:34:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\LavasoftStatistics
[2014/06/06 08:31:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2014/06/06 08:18:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\AVG SafeGuard toolbar
[2014/06/06 08:18:14 | 000,042,272 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2014/06/06 08:17:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2014/06/06 08:17:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2014/06/06 08:17:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\AVG SafeGuard toolbar
[2014/06/06 08:17:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
[2014/06/06 08:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVG SafeGuard toolbar
[2014/06/06 08:17:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Common Files
[2014/06/06 08:15:32 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2014/06/05 20:17:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\SlimWare Utilities Inc
[2014/06/05 20:17:14 | 000,000,000 | ---D | C] -- C:\Program Files\DriverUpdate
[2014/06/05 20:17:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Downloaded Installers
[2014/06/05 15:40:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Mozilla
[2014/06/05 15:40:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Mozilla
[2014/06/05 15:40:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/06/05 15:40:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2014/06/05 15:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/06/05 15:08:42 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2014/06/05 15:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\SearchProtect
[2014/06/05 15:07:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Systweak
[2014/06/05 15:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\IDMSQ
[2014/06/05 15:06:40 | 000,000,000 | ---D | C] -- C:\Program Files\IDMSQ
[2014/06/05 15:05:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\IDM2
[2014/06/05 14:52:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Deployment
[2014/06/05 14:30:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2014/06/05 13:38:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2014/06/05 13:38:39 | 000,000,000 | ---D | C] -- C:\Users
[2014/06/05 13:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/06/05 13:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2014/06/05 13:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\Movies Toolbar
[2014/06/05 13:28:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Datamngr
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[15 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/06/13 14:24:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\ConsumerInputUpdateTaskMachineUA.job
[2014/06/13 14:22:35 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/06/13 14:04:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/06/13 13:33:37 | 000,000,716 | ---- | M] () -- C:\WINDOWS\PCHealthFix.INI
[2014/06/13 13:32:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\CIMT_S-1-5-21-602162358-1275210071-725345543-1004.job
[2014/06/13 13:31:45 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\ConsumerInputUpdateTaskMachineCore.job
[2014/06/13 13:31:44 | 000,000,392 | ---- | M] () -- C:\WINDOWS\tasks\AmiUpdXp.job
[2014/06/13 13:31:44 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\Wise Care 365.job
[2014/06/13 13:31:44 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/06/13 13:31:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/06/13 13:30:35 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000003-00001102-00000004-10031102}.rfx
[2014/06/13 13:18:37 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\PC HealthFix Scan Results Alert 2.job
[2014/06/13 13:18:35 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\PC HealthFix Scan Results Alert.job
[2014/06/13 13:18:33 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\PC HealthFix Malware Alert.job
[2014/06/13 13:18:32 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\PC HealthFix Desktop Warning.job
[2014/06/13 13:18:30 | 000,000,330 | ---- | M] () -- C:\WINDOWS\tasks\PC HealthFix Desktop Alert.job
[2014/06/13 13:17:56 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2014/06/13 13:01:38 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2014/06/13 12:46:01 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\DTChk.job
[2014/06/13 11:10:22 | 000,013,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2014/06/13 10:32:24 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/06/13 10:31:29 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014/06/13 09:03:13 | 000,740,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/06/12 20:57:07 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\User\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/06/12 19:37:55 | 000,000,289 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2014/06/12 18:25:09 | 000,000,520 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2014/06/12 15:41:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/06/09 13:23:44 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2014/06/09 13:22:23 | 000,526,752 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/06/09 13:22:23 | 000,096,608 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/06/09 13:21:06 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2014/06/09 13:21:06 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2014/06/09 13:06:28 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3_triggeronce.job
[2014/06/09 12:35:53 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\Wise Turbo Checker.job
[2014/06/09 11:46:03 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/06/09 11:21:40 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\SparkTrust Update Version3_triggeronce.job
[2014/06/08 09:19:53 | 000,003,888 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000003-00001102-00000004-10031102}.rfx
[2014/06/08 09:19:53 | 000,003,888 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000003-00001102-00000004-10031102}.rfx
[2014/06/07 20:24:01 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/06/07 20:24:01 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/06/06 12:13:55 | 000,001,505 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2014/06/06 10:36:39 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/06/06 09:13:30 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2014/06/06 08:18:18 | 000,000,000 | ---- | M] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2014/06/06 08:17:18 | 000,042,272 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2014/06/05 15:13:17 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[15 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/06/13 13:20:13 | 000,000,346 | ---- | C] () -- C:\WINDOWS\tasks\CIMT_S-1-5-21-602162358-1275210071-725345543-1004.job
[2014/06/13 13:19:03 | 000,000,954 | ---- | C] () -- C:\WINDOWS\tasks\ConsumerInputUpdateTaskMachineUA.job
[2014/06/13 13:19:03 | 000,000,950 | ---- | C] () -- C:\WINDOWS\tasks\ConsumerInputUpdateTaskMachineCore.job
[2014/06/13 13:18:37 | 000,000,334 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Scan Results Alert 2.job
[2014/06/13 13:18:35 | 000,000,334 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Scan Results Alert.job
[2014/06/13 13:18:33 | 000,000,334 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Malware Alert.job
[2014/06/13 13:18:31 | 000,000,334 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Desktop Warning.job
[2014/06/13 13:18:30 | 000,000,330 | ---- | C] () -- C:\WINDOWS\tasks\PC HealthFix Desktop Alert.job
[2014/06/13 13:18:29 | 000,000,716 | ---- | C] () -- C:\WINDOWS\PCHealthFix.INI
[2014/06/13 13:17:56 | 000,000,354 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2014/06/13 10:32:24 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/06/13 10:32:23 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\User\Start Menu\Programs\Internet Explorer.lnk
[2014/06/12 20:57:07 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\User\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/06/12 18:25:09 | 000,000,520 | ---- | C] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2014/06/12 18:25:07 | 000,000,458 | ---- | C] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2014/06/12 18:16:18 | 000,455,560 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-602162358-1275210071-725345543-1004-0.dat
[2014/06/09 13:21:06 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2014/06/09 13:21:06 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2014/06/09 13:06:26 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3_triggeronce.job
[2014/06/09 12:39:32 | 000,740,632 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/06/09 12:35:52 | 000,000,360 | ---- | C] () -- C:\WINDOWS\tasks\Wise Care 365.job
[2014/06/09 12:35:52 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\Wise Turbo Checker.job
[2014/06/09 11:21:38 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\SparkTrust Update Version3_triggeronce.job
[2014/06/09 10:18:05 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2014/06/08 09:21:32 | 000,011,564 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000003-00001102-00000004-10031102}.rfx
[2014/06/07 20:24:01 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/06/07 20:24:01 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2014/06/07 20:24:01 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/06/06 21:01:55 | 000,417,078 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2014/06/06 12:13:55 | 000,001,505 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2014/06/06 12:13:43 | 000,001,505 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Vuze.lnk
[2014/06/06 10:43:24 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\User\Start Menu\Programs\Windows Media Player.lnk
[2014/06/06 09:13:30 | 000,001,803 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
[2014/06/06 09:13:30 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2014/06/06 08:18:18 | 000,000,000 | ---- | C] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2014/06/05 20:17:24 | 000,013,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2014/06/05 15:07:17 | 000,018,776 | ---- | C] () -- C:\WINDOWS\System32\roboot.exe
[2014/06/05 14:47:18 | 000,000,220 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/06/05 14:47:16 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/06/05 13:38:39 | 000,000,260 | ---- | C] () -- C:\WINDOWS\tasks\DTChk.job
[2013/04/13 15:36:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2013/04/13 15:13:38 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2013/03/27 16:09:08 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2013/02/28 21:22:09 | 000,000,375 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2013/02/23 03:04:13 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/02/20 19:53:12 | 000,000,289 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/06/11 16:16:50 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/10 12:44:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\User\Ÿ9Ÿ9

========== ZeroAccess Check ==========

[2009/06/17 09:47:36 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2009/04/29 00:46:52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/06/08 18:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2013/03/27 19:40:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\APN
[2014/05/30 16:40:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/06/06 08:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
[2014/06/06 08:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2014/06/06 08:15:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2014/06/06 21:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Datamngr
[2012/07/28 13:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hallmark
[2014/06/12 21:14:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IePluginServices
[2014/06/09 13:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2014/06/13 13:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC HealthFix
[2014/06/12 15:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2013/03/26 17:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\rse
[2014/06/09 11:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SparkTrust
[2014/06/07 10:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wincert
[2014/06/06 08:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AVG SafeGuard toolbar
[2014/06/08 11:23:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Azureus
[2013/05/21 19:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BitTorrent
[2014/06/12 21:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Browser Extensions
[2014/06/13 13:20:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Compete
[2013/03/26 17:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DefaultTab
[2014/06/09 11:22:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DriverCure
[2013/03/04 18:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\egamestoolbar
[2013/02/23 03:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FoxyTunes
[2013/05/18 21:45:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Free Download Manager
[2014/06/12 21:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\IDM2
[2014/06/06 21:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Idmsq
[2013/03/27 20:14:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ilividtoolbargaw
[2011/10/18 18:31:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Individual Software
[2014/06/09 13:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ParetoLogic
[2014/06/12 15:49:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PCDr
[2013/02/20 19:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PhotoParade
[2013/05/21 19:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\player
[2014/06/05 13:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PriceGong
[2013/03/27 16:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\searchresultstb
[2014/06/09 11:22:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SparkTrust
[2014/06/06 21:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SupTab
[2013/03/27 20:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SwvUpdater
[2014/06/05 15:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Systweak
[2014/06/07 11:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\v9
[2014/06/12 21:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\VOPackage
[2014/06/06 09:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Desktop Search
[2014/06/06 10:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Search

========== Purity Check ==========

< End of report >

#2
Naathim

Posted 13 June 2014 - 01:14 PM

GeekU Minion

Expert
4,568 posts

As I was the one who told you to come here, I will take your thread and guide you through the cleanup process

My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat

Before we start please note the following:

Analysis and research take some time, also sometimes real life gets in the way, please be patient.
Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
Paste the logs in your posts, attachments make my work harder and more complicated.
Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
Note that we may live in totally different time zones, what may cause some delays between answers.

I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!

Let's start the fight!

Please run all the tools asked from your desktop. They work better from there.

= = = = = = = = = = = = = = = = = = = =

Performing general FRST scan

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Right click on to Run as Administrator
(XP users first by double-click and then click run after receipt of Windows Security Warning - Open File).
When the tool opens click Yes to disclaimer.
You will be presented with a window like below:
Press Scan button.
It will produce a log called FRST.txt in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

= = = = = = = = = = = = = = = = = = = =

GMER scanner for the lurking rootkits

Please download GMER and save it to your desktop.

it will come as a randomly named file (like a6ge38b4.exe) - that's absolutely normal.
Disconnect from the Internet and close all running programs
Temporarily disable any real-time active protection
It is very important you do not use your computer while GMER is running
Right-click on the randomly named GMER icon and choose Run as Administrator
GMER will open to the Rootkit/Malware tab and perform an automatic quick scan

If you receive a warning about rootkit activity and are asked to fully scan your system click NO!

Please check in the Quick scan box
Please uncheck the following:

IAT/EAT
Show All

Click Scan
If you see a rootkit warning window click OK
When the scan is finished, Save the results to your desktop as gmer.log
Click Copy then paste the results in your reply
Exit GMER and be sure to re-enable your Antivirus, Firewall and any other security programs you had disabled

If you encounter any problems, try running GMER in Safe Mode
If GMER crashes or keeps resulting in a Blue Screen of Death, uncheck Devices on the right side before scanning

= = = = = = = = = = = = = = = = = = = =

Now in your next reply please include these ones for my review:
FRST.txt
Addition.txt
Gmer.log

I don't mind multiple posts if necessary.

Cheers,
Naat

#3
Naathim

Posted 15 June 2014 - 12:57 PM

GeekU Minion

Expert
4,568 posts

Are you still with me?

Cheers,
Naat

#4
Dakeyras

Posted 17 June 2014 - 02:08 PM

Anti-Malware Mammoth

Expert
9,770 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

#5
Naathim

Posted 21 June 2014 - 03:15 AM

GeekU Minion

Expert
4,568 posts

User returned.

#6
itsmesunny

Posted 23 June 2014 - 08:36 AM

Member

Topic Starter
Member
305 posts

Yes, I am still with you.

Later on today - probably this evening - I can get to this.

What I am doing is saving your instructions on my Mac and use the page as a guide when I hook up the Dell.

Thanks,

Sunny

#7
Naathim

Posted 23 June 2014 - 09:01 AM

GeekU Minion

Expert
4,568 posts

Hello Sunny,

Awaiting for the logs I've asked previously. Stay in touch and check this thread at least once per day.

Regards,
Naat

#8
itsmesunny

Posted 23 June 2014 - 04:25 PM

Member

Topic Starter
Member
305 posts

Ok. Here it is. I never did anywhere "Run as Administrator" or "Yes to Disclaimer" cuz I kept downloading it more than once trying to find it and only saw "Yes to Disclaimer" on the first try. So - I just hit scan and did it.

Here's the huge printout:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:22-06-2014
Ran by User at 2014-06-23 18:20:00
Running from C:\Documents and Settings\User\My Documents\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
3D Ultra NASCAR Pinball (HKLM\...\3D Ultra NASCAR Pinball) (Version: - )
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1017 - )
ATI AVIVO Codecs (HKLM\...\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}) (Version: 9.14.0.60504 - ATI Technologies Inc.)
ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.007.0815.2325 - )
ATI HYDRAVISION (HKLM\...\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}) (Version: 3.25.0006 - )
ATI Parental Control & Encoder (Version: 3.0 - ATI Technologies Inc.) Hidden
AVG SafeGuard toolbar (HKLM\...\AVG SafeGuard toolbar) (Version: 18.1.0.443 - AVG Technologies)
Bob the Builder (HKLM\...\{36373CE1-6999-11D5-96DC-98302790D441}) (Version: - )
Browser Extensions (HKCU\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 1.7 - Spigot, Inc.) <==== ATTENTION
Cook'n with Betty Crocker (HKLM\...\Cook'n with Betty Crocker) (Version: - )
DefaultTab (HKLM\...\DefaultTab) (Version: 2.2.3.0 - Search Results, LLC) <==== ATTENTION
Dell ResourceCD (HKLM\...\{D78653C3-A8FF-415F-92E6-D774E634FF2D}) (Version: - )
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.8.1.1 - Dell)
Download Manager and Options (HKLM\...\Download_Manager_and_Options) (Version: 1.0 - Download Manager and Options)
DownloadTerms (HKCU\...\DownloadTerms) (Version: 1.0 - Unlimited Downloads, LLC) <==== ATTENTION
eGames Toolbar (HKLM\...\egamestoolbar) (Version: - )
Family Tree Heritage (HKLM\...\Family Tree Heritage) (Version: - )
Family Tree Heritage Collaboration Support (HKLM\...\InstallShield_{50BD0B15-5197-4EAF-8BCD-81117D1324B1}) (Version: 1.10.0010 - Individual Software)
Family Tree Heritage Collaboration Support (Version: 1.10.0010 - Individual Software) Hidden
Horsez (HKLM\...\Horsez) (Version: - )
IHRA Drag Racing (HKLM\...\{A6EBD60F-6EEF-4032-90A3-310B54AD8BF4}) (Version: - )
Installer (HKLM\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version: - )
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden
Lets Ride Corral Club (HKLM\...\InstallShield_{DB299A0A-69B8-4DD2-BB76-A17CF14CE649}) (Version: 1.00.0000 - ValuSoft)
Lets Ride Corral Club (Version: 1.00.0000 - ValuSoft) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
My Fantasy Wedding (HKLM\...\{C3AC8DD1-A754-46D6-A777-6155D627D196}) (Version: 1.00.000 - )
Nancy Drew: The Haunted Carousel (HKLM\...\{750B354A-BF46-45E0-86D6-620026703B92}) (Version: - )
Search Protect (HKLM\...\SearchProtect) (Version: 2.13.3.38 - Client Connect LTD) <==== ATTENTION
Search-Results Toolbar (HKLM\...\ilividtoolbargaw) (Version: 1.2.0.0 - APN LLC) <==== ATTENTION
Software Version Updater (HKLM\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.6 - ) <==== ATTENTION
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - )

==================== Restore Points =========================

09-06-2014 16:52:16 Removed Apple Application Support
12-06-2014 19:53:21 Software Distribution Service 3.0
12-06-2014 22:50:20 Restore Operation
12-06-2014 23:19:51 Installed Dell Driver Reset Tool
13-06-2014 01:18:48 Software Distribution Service 3.0
13-06-2014 01:34:02 Software Distribution Service 3.0
13-06-2014 01:39:44 Removed Microsoft Office Professional Edition 2003
13-06-2014 01:46:08 Removed Microsoft Office File Validation Add-In
13-06-2014 15:25:50 Removed Driver Support.
13-06-2014 15:26:27 Removed DriverUpdate
13-06-2014 17:23:17 Removed Dell Driver Reset Tool

==================== Hosts content: ==========================

2002-09-03 12:34 - 2002-09-03 12:34 - 00000734 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Documents and Settings\User\Application Data\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\At1.job => c:\Program Files\pcmax\service.exe
Task: C:\WINDOWS\Tasks\DTChk.job => C:\Users\Public\Util\DTChk.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3_triggeronce.job => c:\program files\common files\paretologic\uus3\Pareto_Update3.exe
Task: C:\WINDOWS\Tasks\PC HealthFix Desktop Alert.job => C:\Documents and Settings\All Users\Application Data\PC HealthFix\PCHealthFix.exe
Task: C:\WINDOWS\Tasks\PC HealthFix Desktop Warning.job => C:\Documents and Settings\All Users\Application Data\PC HealthFix\PCHealthFix.exe
Task: C:\WINDOWS\Tasks\PC HealthFix Malware Alert.job => C:\Documents and Settings\All Users\Application Data\PC HealthFix\PCHealthFix.exe
Task: C:\WINDOWS\Tasks\PC HealthFix Scan Results Alert 2.job => C:\Documents and Settings\All Users\Application Data\PC HealthFix\PCHealthFix.exe
Task: C:\WINDOWS\Tasks\PC HealthFix Scan Results Alert.job => C:\Documents and Settings\All Users\Application Data\PC HealthFix\PCHealthFix.exe
Task: C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\My Dell\uaclauncher.exe
Task: C:\WINDOWS\Tasks\SparkTrust Update Version3_triggeronce.job => c:\program files\common files\sparktrust\uus3\Update3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SystemToolsDailyTest.job => C:\Program Files\My Dell\uaclauncher.exe
Task: C:\WINDOWS\Tasks\Wise Care 365.job => C:\Downloads\Wise Care 365\WiseTray.exe
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Downloads\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (whitelisted) =============

2014-05-29 07:16 - 2014-05-29 07:16 - 00241344 _____ () C:\Program Files\pcmax\pcmax.exe
2014-06-06 20:58 - 2014-06-06 20:58 - 00055808 _____ () C:\Documents and Settings\User\Application Data\VOPackage\VOsrv.exe
2014-06-06 08:17 - 2014-06-06 08:17 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
2014-06-06 08:17 - 2014-06-06 08:17 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\log4cplusU.dll
2014-06-06 08:17 - 2014-06-06 08:17 - 02557976 _____ () C:\Program Files\AVG SafeGuard toolbar\vprot.exe
2014-06-23 17:51 - 2014-06-23 17:51 - 00011264 _____ () C:\Documents and Settings\User\Local Settings\Temp\nsq10.tmp\System.dll
2014-06-23 17:51 - 2014-06-23 17:51 - 00011264 _____ () C:\Documents and Settings\User\Local Settings\Temp\nsz16.tmp\System.dll
2014-06-05 15:40 - 2014-05-06 22:27 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-06-05 20:12 - 2014-06-06 12:48 - 16361136 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

Name: Video Controller (VGA Compatible)
Description: Video Controller (VGA Compatible)
Class Guid: {4D36E975-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Video Controller
Description: Video Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/12/2014 07:25:29 PM) (Source: Windows Search Service) (EventID: 3024) (User: )
Description: The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.

Context: Application, SystemIndex Catalog

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
   The content index cannot be read.   (0xc0041800)

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index cannot be read.   (0xc0041800)

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
   The content index cannot be read.   (0xc0041800)

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
   0xc0041801 (0xc0041801)

Error: (06/09/2014 11:37:57 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\USER\MY DOCUMENTS\DOWNLOADS\SPARKTRUST PC CLEANER PLUS\DEFINITIONS\STAGING\RTA82530> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)

Error: (06/09/2014 10:50:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application set35.tmp, version 7.1.100.1248, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [set35.tmp!ws!]

Error: (06/08/2014 07:00:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application set1d.tmp, version 7.1.100.1248, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [set1d.tmp!ws!]

Error: (06/07/2014 10:29:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, faulting module msvcr100.dll, version 10.0.40219.325, fault address 0x0008d6fd.
Processing media-specific event for [mbam.exe!ws!]

Error: (06/07/2014 08:52:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application set26.tmp, version 7.1.100.1248, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [set26.tmp!ws!]

System errors:
=============
Error: (06/23/2014 05:49:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (06/23/2014 05:49:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
%%2

Error: (06/23/2014 05:49:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (06/14/2014 08:44:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (06/14/2014 08:44:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
%%2

Error: (06/14/2014 08:44:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (06/13/2014 04:42:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Error: (06/13/2014 04:42:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
%%2

Error: (06/13/2014 04:42:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%2

Error: (06/13/2014 03:25:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%2

Microsoft Office Sessions:
=========================
Error: (06/12/2014 07:25:29 PM) (Source: Windows Search Service) (EventID: 3024) (User: )
Description: Context: Application, SystemIndex Catalog

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application

Details:
   The content index cannot be read.   (0xc0041800)

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The content index cannot be read.   (0xc0041800)

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   The content index cannot be read.   (0xc0041800)
Search.TripoliIndexer

Error: (06/12/2014 06:54:52 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
   0xc0041801 (0xc0041801)

Error: (06/09/2014 11:37:57 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog

Details:
   A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\USER\MY DOCUMENTS\DOWNLOADS\SPARKTRUST PC CLEANER PLUS\DEFINITIONS\STAGING\RTA82530

Error: (06/09/2014 10:50:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: set35.tmp7.1.100.12480.0.0.000000000

Error: (06/08/2014 07:00:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: set1d.tmp7.1.100.12480.0.0.000000000

Error: (06/07/2014 10:29:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.532msvcr100.dll10.0.40219.3250008d6fd

Error: (06/07/2014 08:52:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: set26.tmp7.1.100.12480.0.0.000000000

==================== Memory info ===========================

Percentage of memory in use: 58%
Total physical RAM: 1023 MB
Available physical RAM: 424.35 MB
Total Pagefile: 2461.73 MB
Available Pagefile: 1756.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:55.87 GB) (Free:44.33 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive f: () (Fixed) (Total:37.26 GB) (Free:37.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 56 GB) (Disk ID: 9DC96E9E)
Partition 1: (Active) - (Size=56 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 37 GB) (Disk ID: 55054103)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#9
Naathim

Posted 23 June 2014 - 04:27 PM

GeekU Minion

Expert
4,568 posts

Great, this is addition.txt one

I will also need FRST.txt (should be in C:\Documents and Settings\User\My Documents\Downloads folder).

#10
itsmesunny

Posted 23 June 2014 - 04:29 PM

Member

Topic Starter
Member
305 posts

Should I continue with GMER?

I will wait to do GMER when you reply - OK?

Edited by itsmesunny, 23 June 2014 - 04:44 PM.

#11
itsmesunny

Posted 23 June 2014 - 04:30 PM

Member

Topic Starter
Member
305 posts

Great, this is addition.txt one

I will also need FRST.txt (should be in C:\Documents and Settings\User\My Documents\Downloads folder).

Edited by itsmesunny, 23 June 2014 - 04:42 PM.

#12
itsmesunny

Posted 23 June 2014 - 04:37 PM

Member

Topic Starter
Member
305 posts

Here it is:

Edited by itsmesunny, 23 June 2014 - 04:43 PM.

#13
Naathim

Posted 23 June 2014 - 04:44 PM

GeekU Minion

Expert
4,568 posts

It was once more the addition file.

I've asked you to download the tool directly to your desktop, while it was downloaded into another folder - that is why you can't find it now. Please, read my instructions with more attention

If you can't find it, please do the following:

Push both the Windows and R button - in the box, type Notepad and press Enter.

Copy (Ctrl+C) all of the text in the following box and paste (Ctrl+V) it into Notepad

@echo off
type "C:\Documents and Settings\User\My Documents\Downloads\FRST.txt" >> "%userprofile%\desktop\FRST.txt"

Go to File > Save As... and save it to your Desktop named fix.bat. Make sure you change the Save as type to All Files (*.*)
Locate fix.bat on your Desktop and double-click on it.

After that you should find a FRST.txt file on your desktop.
Post its content into your reply.

Also please proceed with GMER. It's also needed.

Regards,
Naat