Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-06-2015
Ran by jwb (administrator) on POOHBEAR on 11-06-2015 21:16:28
Running from C:\Documents and Settings\jwb\My Documents\Downloads
Loaded Profiles: jwb (Available Profiles: jwb & jbb & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(Microsoft Corporation) C:\WINDOWS\system32\MsPMSPSv.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Intel Corporation) C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
(Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
(Musicmatch, Inc.) C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
(Musicmatch Inc.) C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\realplay.exe
(Sonic Solutions) C:\WINDOWS\system32\dla\tfswctrl.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(Gteko Ltd.) C:\Program Files\DellSupport\DSAgnt.exe
(LG Electronics) C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IntelMeM] => C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe [221184 2003-09-03] (Intel Corporation)
HKLM\...\Run: [CTSysVol] => C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe [57344 2003-09-17] (Creative Technology Ltd)
HKLM\...\Run: [P17Helper] => Rundll32 P17.dll,P17Helper
HKLM\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [DVDLauncher] => C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [53248 2005-02-23] (CyberLink Corp.)
HKLM\...\Run: [MMTray] => C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe [131072 2004-09-14] (Musicmatch, Inc.)
HKLM\...\Run: [mmtask] => C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe [53248 2004-09-14] (Musicmatch Inc.)
HKLM\...\Run: [RealTray] => C:\Program Files\Real\RealPlayer\RealPlay.exe [26112 2005-07-07] (RealNetworks, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [98304 2005-07-07] (Apple Computer, Inc.)
HKLM\...\Run: [dla] => C:\WINDOWS\system32\dla\tfswctrl.exe [127035 2004-12-06] (Sonic Solutions)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2567272 2011-07-19] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenuEx] => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1637496 2011-08-04] (CANON INC.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-404423571-3999074106-883641503-1006\...\Run: [DellSupport] => C:\Program Files\DellSupport\DSAgnt.exe [460784 2007-03-15] (Gteko Ltd.)
HKU\S-1-5-21-404423571-3999074106-883641503-1006\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-404423571-3999074106-883641503-1006\...\Run: [BYR_AGENT] => C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe [384496 2014-08-29] (LG Electronics)
HKU\S-1-5-21-404423571-3999074106-883641503-1006\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-404423571-3999074106-883641503-1006\...\MountPoints2: {257aaa1c-1bc2-11e2-a855-0013202ff4c7} - F:\TL_Bootstrap.exe
HKU\S-1-5-21-404423571-3999074106-883641503-1006\...\MountPoints2: {329157b6-04ff-11e2-a815-0013202ff4c7} - F:\TL_Bootstrap.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk [2005-07-07]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\jbb\Start Menu\Programs\Startup\VZAccess Manager.lnk [2008-05-05]
ShortcutTarget: VZAccess Manager.lnk -> C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
HKU\S-1-5-21-404423571-3999074106-883641503-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com...de_srchlft.html
HKU\S-1-5-21-404423571-3999074106-883641503-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-404423571-3999074106-883641503-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/...nlogo=CT3334472
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-404423571-3999074106-883641503-1006 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03] (Adobe Systems Incorporated)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06] (Sonic Solutions)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-11] (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-11] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKU\S-1-5-21-404423571-3999074106-883641503-1006 -> No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKU\S-1-5-21-404423571-3999074106-883641503-1006 -> No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
Toolbar: HKU\S-1-5-21-404423571-3999074106-883641503-1006 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-404423571-3999074106-883641503-1006 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0018-0000-0045-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2004-09-16] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\jwb\Application Data\Mozilla\Firefox\Profiles\3uukhqgz.default
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D060515-AAFB95D287A&form=CONMHP&conlogo=CT3334472
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: https://www.google.com/?gws_rd=ssl
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-09-22] (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-01-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-11] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-17]
Chrome:
=======
StartMenuInternet: chrome.exe - C:\Documents and Settings\jbb\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [76848 2007-03-07] ()
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [57520 2013-10-23] (Bitdefender)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106248 2015-06-11] (SurfRight B.V.)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] ()
R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2745344 2015-06-05] (Lavasoft Limited) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [319488 2010-05-24] (Alcatel-Lucent) [File not signed]
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [143360 2003-12-17] (Intel® Corporation) [File not signed]
R2 WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 ASCTRM; C:\WINDOWS\system32\Drivers\ASCTRM.sys [8552 2005-07-07] (Windows ® 2000 DDK provider) [File not signed]
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [633344 2013-04-17] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [486536 2013-04-17] (BitDefender)
R1 bdselfpr; C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [87488 2004-12-01] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions) [File not signed]
S3 DSproct; C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.) [File not signed]
R1 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R3 IntelC51; C:\WINDOWS\System32\DRIVERS\IntelC51.sys [1233525 2004-03-06] (Intel Corporation)
R3 IntelC52; C:\WINDOWS\System32\DRIVERS\IntelC52.sys [647929 2004-03-06] (Intel Corporation)
R3 IntelC53; C:\WINDOWS\System32\DRIVERS\IntelC53.sys [61157 2004-06-16] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 mohfilt; C:\WINDOWS\System32\DRIVERS\mohfilt.sys [37048 2004-03-06] (Intel Corporation)
R3 P17; C:\WINDOWS\System32\drivers\P17.sys [840960 2004-06-09] (Creative Technology Ltd.)
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [15840 2003-03-05] (Creative Technology Ltd.)
S3 PTDMBus; C:\WINDOWS\System32\DRIVERS\PTDMBus.sys [29952 2007-08-17] (DEVGURU Co,LTD.)
S3 PTDMMdm; C:\WINDOWS\System32\DRIVERS\PTDMMdm.sys [41856 2007-08-17] (DEVGURU Co,LTD.)
S3 PTDMVsp; C:\WINDOWS\System32\DRIVERS\PTDMVsp.sys [39936 2007-08-17] (DEVGURU Co,LTD.)
S3 PTDMWWAN; C:\WINDOWS\System32\DRIVERS\PTDMWWAN.sys [59520 2007-08-17] (DEVGURU Co,LTD.)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20576 2005-01-26] (Sonic Solutions) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions) [File not signed]
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions) [File not signed]
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
S3 usbbus; C:\WINDOWS\System32\DRIVERS\lgusbbus.sys [13056 2011-02-14] (LG Electronics Inc.)
S3 UsbDiag; C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys [20864 2011-02-14] (LG Electronics Inc.)
S3 USBModem; C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys [25216 2011-02-14] (LG Electronics Inc.)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [242504 2015-06-11] (BitDefender)
S3 bvrp_pci; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-11 21:16 - 2015-06-11 21:16 - 00000000 ____D C:\FRST
2015-06-11 20:10 - 2015-06-11 20:10 - 00242504 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2015-06-11 19:54 - 2015-06-11 19:54 - 00182863 _____ C:\Documents and Settings\All Users\Application Data\1434066808.bdinstall.bin
2015-06-11 19:53 - 2015-06-11 19:53 - 00039625 _____ C:\Documents and Settings\All Users\Application Data\1434066792.bdinstall.bin
2015-06-11 19:53 - 2015-06-11 19:53 - 00037176 _____ C:\Documents and Settings\All Users\Application Data\1434066790.bdinstall.bin
2015-06-11 19:53 - 2015-06-11 19:53 - 00036593 _____ C:\Documents and Settings\All Users\Application Data\1434066806.bdinstall.bin
2015-06-11 19:53 - 2015-06-11 19:53 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus Free Edition
2015-06-11 19:53 - 2013-05-28 12:11 - 00355744 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2015-06-11 19:53 - 2013-04-22 13:20 - 00164952 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2015-06-11 19:52 - 2015-06-11 19:52 - 00013451 _____ C:\Documents and Settings\All Users\Application Data\1434066708.2440.bin
2015-06-11 19:51 - 2015-06-11 19:52 - 00038456 _____ C:\Documents and Settings\All Users\Application Data\1434066708.928.bin
2015-06-11 19:51 - 2015-06-11 19:52 - 00002953 _____ C:\Documents and Settings\All Users\Application Data\1434066708.2672.bin
2015-06-11 19:51 - 2015-06-11 19:52 - 00002850 _____ C:\Documents and Settings\All Users\Application Data\1434066708.2104.bin
2015-06-11 19:51 - 2015-06-11 19:52 - 00002842 _____ C:\WINDOWS\system32\lic2.xml19546
2015-06-11 19:51 - 2015-06-11 19:51 - 00037176 _____ C:\Documents and Settings\All Users\Application Data\1434066651.bdinstall.bin
2015-06-11 19:50 - 2015-06-11 19:50 - 00215429 _____ C:\Documents and Settings\All Users\Application Data\1434066362.bdinstall.bin
2015-06-11 19:49 - 2015-06-11 19:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2015-06-11 19:49 - 2015-06-11 19:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2015-06-11 19:49 - 2015-06-11 19:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-06-11 19:49 - 2013-04-17 14:59 - 00633344 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2015-06-11 19:49 - 2013-04-17 14:59 - 00486536 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2015-06-11 19:49 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2015-06-11 19:49 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-06-11 19:47 - 2015-06-11 19:49 - 00032107 _____ C:\Report 2015-06-11 19.47.46.txt
2015-06-11 19:47 - 2015-06-11 19:47 - 00000000 ____D C:\Documents and Settings\jwb\Application Data\QuickScan
2015-06-11 19:46 - 2015-06-11 19:50 - 00000000 ____D C:\Program Files\Bitdefender
2015-06-11 19:24 - 2013-01-15 10:29 - 00859552 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2015-06-11 19:24 - 2013-01-15 10:29 - 00780192 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2015-06-11 19:22 - 2015-06-11 19:22 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2015-06-11 19:21 - 2015-06-11 19:24 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Oracle
2015-06-11 18:50 - 2015-06-11 18:50 - 00001610 _____ C:\Documents and Settings\All Users\Desktop\HitmanPro.lnk
2015-06-11 18:50 - 2015-06-11 18:50 - 00000000 ____D C:\Program Files\HitmanPro
2015-06-11 18:50 - 2015-06-11 18:50 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HitmanPro
2015-06-11 18:49 - 2015-06-11 19:12 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HitmanPro
2015-06-11 18:28 - 2015-06-11 18:28 - 00000000 ____D C:\RegBackup
2015-06-11 18:09 - 2015-06-11 18:13 - 00000000 ____D C:\AdwCleaner
2015-06-11 16:25 - 2008-04-13 14:36 - 00020352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbatt.sys
2015-06-11 16:25 - 2008-04-13 14:36 - 00020352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidbatt.sys
2015-06-11 16:25 - 2008-04-13 14:36 - 00014208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\battc.sys
2015-06-11 16:25 - 2008-04-13 14:36 - 00014208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\battc.sys
2015-06-11 16:25 - 2008-04-13 14:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\compbatt.sys
2015-06-11 16:25 - 2008-04-13 14:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\compbatt.sys
2015-06-10 19:20 - 2015-06-10 19:20 - 00001792 _____ C:\Documents and Settings\jbb\Desktop\Google Chrome.lnk
2015-06-07 14:05 - 2015-06-07 14:05 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\speed browser
2015-06-05 20:30 - 2015-06-05 20:30 - 00001678 _____ C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-06-05 20:30 - 2015-06-05 20:30 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-06-05 20:30 - 2015-06-05 20:30 - 00000000 ____D C:\Documents and Settings\jwb\Application Data\SUPERAntiSpyware.com
2015-06-05 20:30 - 2015-06-05 20:30 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
2015-06-05 20:30 - 2015-06-05 20:30 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2015-06-05 19:45 - 2015-06-11 18:45 - 00000000 ____D C:\OETemp
2015-06-05 19:05 - 2015-06-05 19:05 - 00000000 ____D C:\Documents and Settings\jwb\Local Settings\Application Data\PCHealth
2015-06-05 18:44 - 2015-06-11 19:55 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
2015-06-05 18:13 - 2015-06-11 20:46 - 00314496 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2015-06-05 17:15 - 2015-06-11 21:16 - 00001010 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__34313535363139382d3437415a556c2a3223346c41.job
2015-06-05 17:14 - 2015-06-05 19:36 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Avira
2015-06-05 17:09 - 2015-06-05 17:09 - 00002464 _____ C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
2015-06-05 17:09 - 2015-06-05 17:09 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\LavasoftTcpService
2015-06-05 17:09 - 2015-06-05 17:09 - 00000000 ____D C:\Documents and Settings\jwb\Local Settings\Application Data\Lavasoft
2015-06-05 17:09 - 2015-06-05 17:09 - 00000000 ____D C:\Documents and Settings\jwb\Application Data\Lavasoft
2015-06-05 17:08 - 2015-06-05 17:08 - 00341504 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService.dll
2015-06-05 17:08 - 2015-06-05 17:08 - 00000000 ____D C:\Program Files\Lavasoft
2015-06-05 17:08 - 2015-06-05 17:08 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Lavasoft
2015-06-05 16:52 - 2015-06-05 16:52 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2015-06-05 16:52 - 2015-06-05 16:52 - 00000000 ____D C:\Program Files\CCleaner
2015-06-05 16:52 - 2015-06-05 16:52 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2015-06-05 15:45 - 2015-06-11 16:48 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-05 15:45 - 2015-06-05 15:45 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-05 15:45 - 2015-06-05 15:45 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-06-05 15:45 - 2015-06-05 15:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-05 15:45 - 2015-04-14 09:37 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-05 15:45 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-05 15:37 - 2015-06-11 19:55 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-06-05 15:37 - 2015-06-11 19:16 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-05 15:37 - 2015-06-11 19:16 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2015-06-05 15:37 - 2015-06-11 19:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-05 15:37 - 2015-06-05 15:37 - 00000000 ____D C:\Documents and Settings\jwb\Local Settings\Application Data\Mozilla
2015-06-05 15:37 - 2015-06-05 15:37 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mozilla
2015-06-05 15:24 - 2015-06-05 15:30 - 00000075 _____ C:\Documents and Settings\jwb\LuResult.txt
2015-06-05 15:23 - 2015-06-05 15:24 - 00000075 _____ C:\WINDOWS\system32\LuResult.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-11 21:17 - 2005-08-15 06:35 - 00000000 ____D C:\Documents and Settings\jwb\Local Settings\Temp
2015-06-11 21:03 - 2005-08-15 06:35 - 00000000 ____D C:\Documents and Settings\jwb
2015-06-11 20:49 - 2004-08-10 14:02 - 02069339 ____N C:\WINDOWS\WindowsUpdate.log
2015-06-11 20:48 - 2012-01-20 09:40 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-404423571-3999074106-883641503-1007UA.job
2015-06-11 20:48 - 2004-08-10 13:59 - 00000159 ____N C:\WINDOWS\wiadebug.log
2015-06-11 20:48 - 2004-08-10 13:59 - 00000049 ____N C:\WINDOWS\wiaservc.log
2015-06-11 20:47 - 2004-08-10 14:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-11 20:46 - 2005-08-15 06:35 - 00000178 ___SH C:\Documents and Settings\jwb\ntuser.ini
2015-06-11 20:46 - 2004-08-10 14:08 - 00032620 ____N C:\WINDOWS\SchedLgU.Txt
2015-06-11 20:28 - 2013-01-15 10:37 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-11 19:24 - 2005-07-07 15:57 - 00000000 ____D C:\Program Files\Java
2015-06-11 19:23 - 2005-07-07 15:57 - 00000000 ____D C:\Program Files\Common Files\Java
2015-06-11 19:22 - 2013-01-15 10:31 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-06-11 19:22 - 2013-01-15 10:31 - 00096352 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-06-11 17:51 - 2009-12-19 10:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971737_0$
2015-06-10 19:20 - 2014-05-15 14:53 - 00001774 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
2015-06-10 19:20 - 2012-01-20 09:42 - 00000000 ____D C:\Documents and Settings\jbb\Start Menu\Programs\Google Chrome
2015-06-10 19:20 - 2005-08-15 06:35 - 00001650 _____ C:\Documents and Settings\jwb\Start Menu\Programs\Internet Explorer.lnk
2015-06-10 19:20 - 2005-07-25 06:57 - 00001650 _____ C:\Documents and Settings\jbb\Start Menu\Programs\Internet Explorer.lnk
2015-06-10 19:20 - 2005-07-25 06:55 - 00001774 _____ C:\Documents and Settings\Default User\Start Menu\Programs\Internet Explorer.lnk
2015-06-09 09:48 - 2012-01-20 09:40 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-404423571-3999074106-883641503-1007Core.job
2015-06-07 13:39 - 2004-08-10 13:51 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-06-05 21:29 - 2005-08-18 17:47 - 00000000 ____D C:\Documents and Settings\jwb\My Documents\Cyberlink
2015-06-05 21:10 - 2005-07-07 15:37 - 00000000 ____D C:\i386
2015-06-05 17:07 - 2011-09-14 16:49 - 00000000 ____D C:\Program Files\Google
2015-06-05 17:02 - 2010-04-21 16:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB977816$
2015-06-05 16:54 - 2008-05-09 19:13 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-05 16:49 - 2011-09-14 16:49 - 00000000 ____D C:\Documents and Settings\jwb\Local Settings\Application Data\Google
2015-06-05 16:49 - 2011-09-14 16:49 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Google
2015-06-05 16:41 - 2012-03-31 09:04 - 00000000 ____D C:\Program Files\Bucksbee Loyalty Plugin - W3i
2015-06-05 16:40 - 2012-03-31 09:04 - 00000000 ____D C:\Program Files\EpicPlay
2015-06-05 15:45 - 2013-01-15 10:15 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-06-05 15:37 - 2012-03-31 09:05 - 00000000 ____D C:\Documents and Settings\jwb\Application Data\Mozilla
2015-06-05 15:31 - 2005-07-07 16:07 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-06-05 15:28 - 2005-07-07 16:07 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Symantec
2015-06-04 09:55 - 2012-12-09 18:06 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2015-06-04 09:43 - 2008-05-05 18:47 - 00002483 _____ C:\Documents and Settings\jwb\Desktop\Microsoft Word.lnk
==================== Files in the root of some directories =======
2014-12-12 16:34 - 2014-12-12 16:38 - 6000640 _____ () C:\Program Files\GUT35.tmp
2013-10-25 20:31 - 2013-10-25 20:38 - 50053120 _____ () C:\Program Files\GUTC.tmp
2009-02-24 20:01 - 2015-02-10 10:30 - 0007652 _____ () C:\Documents and Settings\jwb\Application Data\wklnhst.dat
2007-03-18 16:49 - 2015-01-09 19:05 - 0016384 _____ () C:\Documents and Settings\jwb\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-15 21:58 - 2011-11-15 21:58 - 0000000 ____C () C:\Documents and Settings\jwb\Local Settings\Application Data\{D75D2AD5-8385-4637-A40B-85DF9614FF3C}
Some files in TEMP:
====================
C:\Documents and Settings\jbb\Local Settings\Temp\jre-8u31-windows-au.exe
C:\Documents and Settings\jbb\Local Settings\Temp\symlcsv1.exe
C:\Documents and Settings\jbb\Local Settings\Temp\uninst.dll
C:\Documents and Settings\jwb\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\jwb\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of log ============================

Cannot Update Windows,Can't get Bitdefender to Scan and slow
Started by
WilliamP
, Jun 11 2015 07:29 PM
#1
Posted 11 June 2015 - 07:29 PM

#2
Posted 12 June 2015 - 06:47 AM

I am adding this info. It is a friends XP computer. I have no idea what happened to it. I have run MalwareBytes,Superantispyware,and tried to scan it with Bitdefender.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:






