Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Cannot Update Windows,Can't get Bitdefender to Scan and slow

Started by WilliamP , Jun 11 2015 07:29 PM

  • Please log in to reply

#1
WilliamP
Posted 11 June 2015 - 07:29 PM

WilliamP

    Member

  • Member
  • PipPipPip
  • 185 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-06-2015
Ran by jwb (administrator) on POOHBEAR on 11-06-2015 21:16:28
Running from C:\Documents and Settings\jwb\My Documents\Downloads
Loaded Profiles: jwb (Available Profiles: jwb & jbb & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Lavasoft Limited) C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(Microsoft Corporation) C:\WINDOWS\system32\MsPMSPSv.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Intel Corporation) C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
(Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
(Musicmatch, Inc.) C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
(Musicmatch Inc.) C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\realplay.exe
(Sonic Solutions) C:\WINDOWS\system32\dla\tfswctrl.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(Gteko Ltd.) C:\Program Files\DellSupport\DSAgnt.exe
(LG Electronics) C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelMeM] => C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe [221184 2003-09-03] (Intel Corporation)
HKLM\...\Run: [CTSysVol] => C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe [57344 2003-09-17] (Creative Technology Ltd)
HKLM\...\Run: [P17Helper] => Rundll32 P17.dll,P17Helper
HKLM\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [DVDLauncher] => C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [53248 2005-02-23] (CyberLink Corp.)
HKLM\...\Run: [MMTray] => C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe [131072 2004-09-14] (Musicmatch, Inc.)
HKLM\...\Run: [mmtask] => C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe [53248 2004-09-14] (Musicmatch Inc.)
HKLM\...\Run: [RealTray] => C:\Program Files\Real\RealPlayer\RealPlay.exe [26112 2005-07-07] (RealNetworks, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [98304 2005-07-07] (Apple Computer, Inc.)
HKLM\...\Run: [dla] => C:\WINDOWS\system32\dla\tfswctrl.exe [127035 2004-12-06] (Sonic Solutions)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2567272 2011-07-19] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenuEx] => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1637496 2011-08-04] (CANON INC.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-404423571-3999074106-883641503-1006\...\Run: [DellSupport] => C:\Program Files\DellSupport\DSAgnt.exe [460784 2007-03-15] (Gteko Ltd.)
HKU\S-1-5-21-404423571-3999074106-883641503-1006\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-404423571-3999074106-883641503-1006\...\Run: [BYR_AGENT] => C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe [384496 2014-08-29] (LG Electronics)
HKU\S-1-5-21-404423571-3999074106-883641503-1006\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-404423571-3999074106-883641503-1006\...\MountPoints2: {257aaa1c-1bc2-11e2-a855-0013202ff4c7} - F:\TL_Bootstrap.exe
HKU\S-1-5-21-404423571-3999074106-883641503-1006\...\MountPoints2: {329157b6-04ff-11e2-a815-0013202ff4c7} - F:\TL_Bootstrap.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk [2005-07-07]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\jbb\Start Menu\Programs\Startup\VZAccess Manager.lnk [2008-05-05]
ShortcutTarget: VZAccess Manager.lnk -> C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
HKU\S-1-5-21-404423571-3999074106-883641503-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com...de_srchlft.html
HKU\S-1-5-21-404423571-3999074106-883641503-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-404423571-3999074106-883641503-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/...nlogo=CT3334472
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-404423571-3999074106-883641503-1006 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03] (Adobe Systems Incorporated)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06] (Sonic Solutions)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-11] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-11] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKU\S-1-5-21-404423571-3999074106-883641503-1006 -> No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} -  No File
Toolbar: HKU\S-1-5-21-404423571-3999074106-883641503-1006 -> No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -  No File
Toolbar: HKU\S-1-5-21-404423571-3999074106-883641503-1006 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-404423571-3999074106-883641503-1006 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0018-0000-0045-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2004-09-16] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\jwb\Application Data\Mozilla\Firefox\Profiles\3uukhqgz.default
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D060515-AAFB95D287A&form=CONMHP&conlogo=CT3334472
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: https://www.google.com/?gws_rd=ssl
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-09-22] (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-01-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-11] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-17]

Chrome:
=======
StartMenuInternet: chrome.exe - C:\Documents and Settings\jbb\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [76848 2007-03-07] ()
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [57520 2013-10-23] (Bitdefender)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106248 2015-06-11] (SurfRight B.V.)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] ()
R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2745344 2015-06-05] (Lavasoft Limited) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [319488 2010-05-24] (Alcatel-Lucent) [File not signed]
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [143360 2003-12-17] (Intel® Corporation) [File not signed]
R2 WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 ASCTRM; C:\WINDOWS\system32\Drivers\ASCTRM.sys [8552 2005-07-07] (Windows ® 2000 DDK provider) [File not signed]
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [633344 2013-04-17] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [486536 2013-04-17] (BitDefender)
R1 bdselfpr; C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [87488 2004-12-01] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions) [File not signed]
S3 DSproct; C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.) [File not signed]
R1 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R3 IntelC51; C:\WINDOWS\System32\DRIVERS\IntelC51.sys [1233525 2004-03-06] (Intel Corporation)
R3 IntelC52; C:\WINDOWS\System32\DRIVERS\IntelC52.sys [647929 2004-03-06] (Intel Corporation)
R3 IntelC53; C:\WINDOWS\System32\DRIVERS\IntelC53.sys [61157 2004-06-16] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 mohfilt; C:\WINDOWS\System32\DRIVERS\mohfilt.sys [37048 2004-03-06] (Intel Corporation)
R3 P17; C:\WINDOWS\System32\drivers\P17.sys [840960 2004-06-09] (Creative Technology Ltd.)
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [15840 2003-03-05] (Creative Technology Ltd.)
S3 PTDMBus; C:\WINDOWS\System32\DRIVERS\PTDMBus.sys [29952 2007-08-17] (DEVGURU Co,LTD.)
S3 PTDMMdm; C:\WINDOWS\System32\DRIVERS\PTDMMdm.sys [41856 2007-08-17] (DEVGURU Co,LTD.)
S3 PTDMVsp; C:\WINDOWS\System32\DRIVERS\PTDMVsp.sys [39936 2007-08-17] (DEVGURU Co,LTD.)
S3 PTDMWWAN; C:\WINDOWS\System32\DRIVERS\PTDMWWAN.sys [59520 2007-08-17] (DEVGURU Co,LTD.)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20576 2005-01-26] (Sonic Solutions) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions) [File not signed]
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions) [File not signed]
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
S3 usbbus; C:\WINDOWS\System32\DRIVERS\lgusbbus.sys [13056 2011-02-14] (LG Electronics Inc.)
S3 UsbDiag; C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys [20864 2011-02-14] (LG Electronics Inc.)
S3 USBModem; C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys [25216 2011-02-14] (LG Electronics Inc.)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [242504 2015-06-11] (BitDefender)
S3 bvrp_pci; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-11 21:16 - 2015-06-11 21:16 - 00000000 ____D C:\FRST
2015-06-11 20:10 - 2015-06-11 20:10 - 00242504 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2015-06-11 19:54 - 2015-06-11 19:54 - 00182863 _____ C:\Documents and Settings\All Users\Application Data\1434066808.bdinstall.bin
2015-06-11 19:53 - 2015-06-11 19:53 - 00039625 _____ C:\Documents and Settings\All Users\Application Data\1434066792.bdinstall.bin
2015-06-11 19:53 - 2015-06-11 19:53 - 00037176 _____ C:\Documents and Settings\All Users\Application Data\1434066790.bdinstall.bin
2015-06-11 19:53 - 2015-06-11 19:53 - 00036593 _____ C:\Documents and Settings\All Users\Application Data\1434066806.bdinstall.bin
2015-06-11 19:53 - 2015-06-11 19:53 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus Free Edition
2015-06-11 19:53 - 2013-05-28 12:11 - 00355744 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2015-06-11 19:53 - 2013-04-22 13:20 - 00164952 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2015-06-11 19:52 - 2015-06-11 19:52 - 00013451 _____ C:\Documents and Settings\All Users\Application Data\1434066708.2440.bin
2015-06-11 19:51 - 2015-06-11 19:52 - 00038456 _____ C:\Documents and Settings\All Users\Application Data\1434066708.928.bin
2015-06-11 19:51 - 2015-06-11 19:52 - 00002953 _____ C:\Documents and Settings\All Users\Application Data\1434066708.2672.bin
2015-06-11 19:51 - 2015-06-11 19:52 - 00002850 _____ C:\Documents and Settings\All Users\Application Data\1434066708.2104.bin
2015-06-11 19:51 - 2015-06-11 19:52 - 00002842 _____ C:\WINDOWS\system32\lic2.xml19546
2015-06-11 19:51 - 2015-06-11 19:51 - 00037176 _____ C:\Documents and Settings\All Users\Application Data\1434066651.bdinstall.bin
2015-06-11 19:50 - 2015-06-11 19:50 - 00215429 _____ C:\Documents and Settings\All Users\Application Data\1434066362.bdinstall.bin
2015-06-11 19:49 - 2015-06-11 19:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2015-06-11 19:49 - 2015-06-11 19:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2015-06-11 19:49 - 2015-06-11 19:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-06-11 19:49 - 2013-04-17 14:59 - 00633344 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2015-06-11 19:49 - 2013-04-17 14:59 - 00486536 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2015-06-11 19:49 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2015-06-11 19:49 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-06-11 19:47 - 2015-06-11 19:49 - 00032107 _____ C:\Report 2015-06-11 19.47.46.txt
2015-06-11 19:47 - 2015-06-11 19:47 - 00000000 ____D C:\Documents and Settings\jwb\Application Data\QuickScan
2015-06-11 19:46 - 2015-06-11 19:50 - 00000000 ____D C:\Program Files\Bitdefender
2015-06-11 19:24 - 2013-01-15 10:29 - 00859552 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2015-06-11 19:24 - 2013-01-15 10:29 - 00780192 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2015-06-11 19:22 - 2015-06-11 19:22 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2015-06-11 19:21 - 2015-06-11 19:24 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Oracle
2015-06-11 18:50 - 2015-06-11 18:50 - 00001610 _____ C:\Documents and Settings\All Users\Desktop\HitmanPro.lnk
2015-06-11 18:50 - 2015-06-11 18:50 - 00000000 ____D C:\Program Files\HitmanPro
2015-06-11 18:50 - 2015-06-11 18:50 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HitmanPro
2015-06-11 18:49 - 2015-06-11 19:12 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HitmanPro
2015-06-11 18:28 - 2015-06-11 18:28 - 00000000 ____D C:\RegBackup
2015-06-11 18:09 - 2015-06-11 18:13 - 00000000 ____D C:\AdwCleaner
2015-06-11 16:25 - 2008-04-13 14:36 - 00020352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbatt.sys
2015-06-11 16:25 - 2008-04-13 14:36 - 00020352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidbatt.sys
2015-06-11 16:25 - 2008-04-13 14:36 - 00014208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\battc.sys
2015-06-11 16:25 - 2008-04-13 14:36 - 00014208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\battc.sys
2015-06-11 16:25 - 2008-04-13 14:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\compbatt.sys
2015-06-11 16:25 - 2008-04-13 14:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\compbatt.sys
2015-06-10 19:20 - 2015-06-10 19:20 - 00001792 _____ C:\Documents and Settings\jbb\Desktop\Google  Chrome.lnk
2015-06-07 14:05 - 2015-06-07 14:05 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\speed browser
2015-06-05 20:30 - 2015-06-05 20:30 - 00001678 _____ C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-06-05 20:30 - 2015-06-05 20:30 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-06-05 20:30 - 2015-06-05 20:30 - 00000000 ____D C:\Documents and Settings\jwb\Application Data\SUPERAntiSpyware.com
2015-06-05 20:30 - 2015-06-05 20:30 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
2015-06-05 20:30 - 2015-06-05 20:30 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2015-06-05 19:45 - 2015-06-11 18:45 - 00000000 ____D C:\OETemp
2015-06-05 19:05 - 2015-06-05 19:05 - 00000000 ____D C:\Documents and Settings\jwb\Local Settings\Application Data\PCHealth
2015-06-05 18:44 - 2015-06-11 19:55 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
2015-06-05 18:13 - 2015-06-11 20:46 - 00314496 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2015-06-05 17:15 - 2015-06-11 21:16 - 00001010 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__34313535363139382d3437415a556c2a3223346c41.job
2015-06-05 17:14 - 2015-06-05 19:36 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Avira
2015-06-05 17:09 - 2015-06-05 17:09 - 00002464 _____ C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
2015-06-05 17:09 - 2015-06-05 17:09 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\LavasoftTcpService
2015-06-05 17:09 - 2015-06-05 17:09 - 00000000 ____D C:\Documents and Settings\jwb\Local Settings\Application Data\Lavasoft
2015-06-05 17:09 - 2015-06-05 17:09 - 00000000 ____D C:\Documents and Settings\jwb\Application Data\Lavasoft
2015-06-05 17:08 - 2015-06-05 17:08 - 00341504 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService.dll
2015-06-05 17:08 - 2015-06-05 17:08 - 00000000 ____D C:\Program Files\Lavasoft
2015-06-05 17:08 - 2015-06-05 17:08 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Lavasoft
2015-06-05 16:52 - 2015-06-05 16:52 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2015-06-05 16:52 - 2015-06-05 16:52 - 00000000 ____D C:\Program Files\CCleaner
2015-06-05 16:52 - 2015-06-05 16:52 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2015-06-05 15:45 - 2015-06-11 16:48 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-05 15:45 - 2015-06-05 15:45 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-05 15:45 - 2015-06-05 15:45 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-06-05 15:45 - 2015-06-05 15:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-05 15:45 - 2015-04-14 09:37 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-05 15:45 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-05 15:37 - 2015-06-11 19:55 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-06-05 15:37 - 2015-06-11 19:16 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-05 15:37 - 2015-06-11 19:16 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2015-06-05 15:37 - 2015-06-11 19:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-05 15:37 - 2015-06-05 15:37 - 00000000 ____D C:\Documents and Settings\jwb\Local Settings\Application Data\Mozilla
2015-06-05 15:37 - 2015-06-05 15:37 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mozilla
2015-06-05 15:24 - 2015-06-05 15:30 - 00000075 _____ C:\Documents and Settings\jwb\LuResult.txt
2015-06-05 15:23 - 2015-06-05 15:24 - 00000075 _____ C:\WINDOWS\system32\LuResult.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-11 21:17 - 2005-08-15 06:35 - 00000000 ____D C:\Documents and Settings\jwb\Local Settings\Temp
2015-06-11 21:03 - 2005-08-15 06:35 - 00000000 ____D C:\Documents and Settings\jwb
2015-06-11 20:49 - 2004-08-10 14:02 - 02069339 ____N C:\WINDOWS\WindowsUpdate.log
2015-06-11 20:48 - 2012-01-20 09:40 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-404423571-3999074106-883641503-1007UA.job
2015-06-11 20:48 - 2004-08-10 13:59 - 00000159 ____N C:\WINDOWS\wiadebug.log
2015-06-11 20:48 - 2004-08-10 13:59 - 00000049 ____N C:\WINDOWS\wiaservc.log
2015-06-11 20:47 - 2004-08-10 14:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-11 20:46 - 2005-08-15 06:35 - 00000178 ___SH C:\Documents and Settings\jwb\ntuser.ini
2015-06-11 20:46 - 2004-08-10 14:08 - 00032620 ____N C:\WINDOWS\SchedLgU.Txt
2015-06-11 20:28 - 2013-01-15 10:37 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-11 19:24 - 2005-07-07 15:57 - 00000000 ____D C:\Program Files\Java
2015-06-11 19:23 - 2005-07-07 15:57 - 00000000 ____D C:\Program Files\Common Files\Java
2015-06-11 19:22 - 2013-01-15 10:31 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-06-11 19:22 - 2013-01-15 10:31 - 00096352 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-06-11 17:51 - 2009-12-19 10:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971737_0$
2015-06-10 19:20 - 2014-05-15 14:53 - 00001774 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
2015-06-10 19:20 - 2012-01-20 09:42 - 00000000 ____D C:\Documents and Settings\jbb\Start Menu\Programs\Google Chrome
2015-06-10 19:20 - 2005-08-15 06:35 - 00001650 _____ C:\Documents and Settings\jwb\Start Menu\Programs\Internet Explorer.lnk
2015-06-10 19:20 - 2005-07-25 06:57 - 00001650 _____ C:\Documents and Settings\jbb\Start Menu\Programs\Internet Explorer.lnk
2015-06-10 19:20 - 2005-07-25 06:55 - 00001774 _____ C:\Documents and Settings\Default User\Start Menu\Programs\Internet Explorer.lnk
2015-06-09 09:48 - 2012-01-20 09:40 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-404423571-3999074106-883641503-1007Core.job
2015-06-07 13:39 - 2004-08-10 13:51 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-06-05 21:29 - 2005-08-18 17:47 - 00000000 ____D C:\Documents and Settings\jwb\My Documents\Cyberlink
2015-06-05 21:10 - 2005-07-07 15:37 - 00000000 ____D C:\i386
2015-06-05 17:07 - 2011-09-14 16:49 - 00000000 ____D C:\Program Files\Google
2015-06-05 17:02 - 2010-04-21 16:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB977816$
2015-06-05 16:54 - 2008-05-09 19:13 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-05 16:49 - 2011-09-14 16:49 - 00000000 ____D C:\Documents and Settings\jwb\Local Settings\Application Data\Google
2015-06-05 16:49 - 2011-09-14 16:49 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Google
2015-06-05 16:41 - 2012-03-31 09:04 - 00000000 ____D C:\Program Files\Bucksbee Loyalty Plugin - W3i
2015-06-05 16:40 - 2012-03-31 09:04 - 00000000 ____D C:\Program Files\EpicPlay
2015-06-05 15:45 - 2013-01-15 10:15 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-06-05 15:37 - 2012-03-31 09:05 - 00000000 ____D C:\Documents and Settings\jwb\Application Data\Mozilla
2015-06-05 15:31 - 2005-07-07 16:07 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-06-05 15:28 - 2005-07-07 16:07 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Symantec
2015-06-04 09:55 - 2012-12-09 18:06 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2015-06-04 09:43 - 2008-05-05 18:47 - 00002483 _____ C:\Documents and Settings\jwb\Desktop\Microsoft Word.lnk

==================== Files in the root of some directories =======

2014-12-12 16:34 - 2014-12-12 16:38 - 6000640 _____ () C:\Program Files\GUT35.tmp
2013-10-25 20:31 - 2013-10-25 20:38 - 50053120 _____ () C:\Program Files\GUTC.tmp
2009-02-24 20:01 - 2015-02-10 10:30 - 0007652 _____ () C:\Documents and Settings\jwb\Application Data\wklnhst.dat
2007-03-18 16:49 - 2015-01-09 19:05 - 0016384 _____ () C:\Documents and Settings\jwb\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-15 21:58 - 2011-11-15 21:58 - 0000000 ____C () C:\Documents and Settings\jwb\Local Settings\Application Data\{D75D2AD5-8385-4637-A40B-85DF9614FF3C}

Some files in TEMP:
====================
C:\Documents and Settings\jbb\Local Settings\Temp\jre-8u31-windows-au.exe
C:\Documents and Settings\jbb\Local Settings\Temp\symlcsv1.exe
C:\Documents and Settings\jbb\Local Settings\Temp\uninst.dll
C:\Documents and Settings\jwb\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\jwb\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================


  • 0

Advertisements

#2
WilliamP
Posted 12 June 2015 - 06:47 AM

WilliamP

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 185 posts
I am adding this info. It is a friends XP computer. I have no idea what happened to it. I have run MalwareBytes,Superantispyware,and tried to scan it with Bitdefender.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP