Solved bad image errors prevents me from printing

August 7, 2014 at 16:21:47
Specs: Windows XP, 2gb
I keep getting a "bad image" message up. Usually it disappears after I click "OK", and I can continue. Now, however, it's preventing me from printing any documents.
Can I get rid of this ?

See More: bad image errors prevents me from printing

Report •

✔ Best Answer
August 12, 2014 at 19:34:36
Forgot these. IObitUninstaller should find them.

AVG 2012 (Version: 12.0.1901 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.1913 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2176 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2178 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2197 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2221 - AVG Technologies) Hidden

If not, try your CCleaner registry cleaner.
http://i.imgur.com/SqKUAws.gif




#1
August 7, 2014 at 17:44:36
I will need to take you through 5 - 10 steps.

Run both of these, in this order.

Step 1: Run AdwCleaner
http://www.softpedia.com/get/Antivi...
http://www.softpedia.com/progScreen...
How to download from Softpedia
http://i.imgur.com/BWELEfV.gif
http://i.imgur.com/4luY3rU.gif
http://www.raymond.cc/blog/adwclean...
http://www.bleepingcomputer.com/dow...
Author's site
http://general-changelog-team.fr/en...
Tutorial
http://general-changelog-team.fr/en...
Please download AdwCleaner by Xplode onto your Desktop. If your default download location is not the Desktop, drag it out of it's location onto the Desktop.
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Clean.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please Copy & Paste the contents of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 2: Run Junkware Removal Tool
http://www.softpedia.com/get/Securi...
http://www.softpedia.com/progScreen...
How to download from Softpedia
http://i.imgur.com/qO92huz.gif
http://i.imgur.com/qzTUYkX.gif
http://www.bleepingcomputer.com/dow...
http://thisisudax.blogspot.com.au/2...
Download Junkware Removal Tool onto your Desktop. If your default download location is not the Desktop, drag it out of it's location onto the Desktop.
Warning! Once the scan is complete JRT will shut down your browser with NO warning.
Shut down your protection software now to avoid potential conflicts.
Temporarily disable your antivirus and any antispyware real time protection before performing a scan.
Click this link to see a list of security programs that should be disabled and how to disable them.
http://www.bleepingcomputer.com/for...
http://www.techsupportforum.com/for...
Run the tool by double-clicking it. If you are using Windows Vista or Windows 7/8, right-click JRT and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved onto your Desktop and will automatically open.
Copy and Paste the contents of the JRT.txt log please.


Report •

#2
August 12, 2014 at 15:54:53
Thanks, Johnw. I've run those programs, and I have three reports. I'll send one at a time here. Meanwhile, the "bad image" boxes have ceased popping up.

The first:
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by user on 08/08/2014 at 13:32:47.29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\drivergenius"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/08/2014 at 13:42:10.79
End of JRT log


Report •

#3
August 12, 2014 at 15:57:48
Here's a adwcleaner report:
# AdwCleaner v3.303 - Report created 08/08/2014 at 13:11:57
# Updated 06/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : user - LAPTOP
# Running from : C:\Documents and Settings\user\Desktop\adwcleaner_3.303.exe
# Option : Scan

***** [ Services ] *****

Service Found : F06DEFF2-5B9C-490D-910F-35D3A9119622

***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\browser\nsprotector.js
Folder Found : C:\Documents and Settings\All Users\Application Data\eSafe
Folder Found : C:\Documents and Settings\All Users\Application Data\NCH Software
Folder Found : C:\Documents and Settings\All Users\Application Data\ParetoLogic
Folder Found : C:\Documents and Settings\All Users\Application Data\SafetyNut
Folder Found : C:\Documents and Settings\All Users\Application Data\wincert
Folder Found : C:\Documents and Settings\user\Application Data\ExpressFiles
Folder Found : C:\Documents and Settings\user\Application Data\ParetoLogic
Folder Found : C:\Documents and Settings\user\Application Data\somotomoviestoolbar1
Folder Found : C:\Documents and Settings\user\Local Settings\Application Data\PackageAware
Folder Found : C:\Documents and Settings\user\Local Settings\Application Data\somotomoviestoolbar1
Folder Found : C:\Program Files\Movies Toolbar
Folder Found : C:\Program Files\NCH Software

***** [ Scheduled Tasks ] *****

Task Found : Driver Support-RTMRules
Task Found : Driver Support-RTMScan
Task Found : Driver Support-RTMUpdater
Task Found : Express FilesUpdate

***** [ Shortcuts ] *****

Shortcut Found : C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.dosearches.com/?utm_source=b&utm_medium=s32&utm_campaign=eXQ&utm_content=sc&from=s32&uid=WDCXWD1600BEVS-08VAT2_WD-WX70A59M0783M0783&ts=1382359663 )
Shortcut Found : C:\Documents and Settings\user\Start Menu\Programs\AppsHat\Uninstall.lnk ( _?=C:\Documents and Settings\user\Local Settings\Application Data\WebPlayer\AppsHat )

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command [(Default)] - "C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://www.dosearches.com/?utm_source=b&utm_medium=s32&utm_campaign=eXQ&utm_content=sc&from=s32&uid=WDCXWD1600BEVS-08VAT2_WD-WX70A59M0783M0783&ts=1382359663
Key Found : HKCU\Software\ExpressFiles
Key Found : HKCU\Software\Imesh
Key Found : HKCU\Software\InstalledThirdPartyPrograms
Key Found : HKCU\Software\MGShareware
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AppsHat Mobile Apps
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0696F815-A3A9-490A-BB14-9EC3350B1276}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5D79F641-C168-40DF-A32F-BACEA7509E75}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C98D5B61-B0EA-4D48-9839-1079D352D880}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0696F815-A3A9-490A-BB14-9EC3350B1276}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D79F641-C168-40DF-A32F-BACEA7509E75}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C98D5B61-B0EA-4D48-9839-1079D352D880}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Key Found : HKCU\Software\ParetoLogic
Key Found : HKCU\Software\SafetyNut
Key Found : HKCU\Software\somotomoviestoolbar1
Key Found : HKCU\Software\Webplayer
Key Found : HKCU\Software\WEDLMNGR
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\SOFTWARE\Classes\AppID\{756C097C-6BDB-45DE-A8F1-83E01AB86BA4}
Key Found : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\dosearchessoftware
Key Found : HKLM\Software\eSafeSecControl
Key Found : HKLM\Software\ExpressFiles
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\Software\InstalledThirdPartyPrograms
Key Found : HKLM\Software\MGShareware
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\somotomoviestoolbar1FF
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WsysControl
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\Software\Minibar
Key Found : HKLM\Software\ParetoLogic
Key Found : HKLM\Software\SafetyNut
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List [C:\Program Files\BearShare Applications\BearShare\BearShare.exe]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List [C:\Program Files\iMesh Applications\iMesh\iMesh.exe]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\BearShare Applications\BearShare\BearShare.exe]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\ExpressFiles\expressdl.exe]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\ExpressFiles\ExpressFiles.exe]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\iMesh Applications\iMesh\iMesh.exe]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Movies Toolbar\SafetyNut\SRToolBar\IE\dtUser.exe]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=s32&utm_campaign=eXQ&utm_content=ds&from=s32&uid=WDCXWD1600BEVS-08VAT2_WD-WX70A59M0783M0783&ts=1382359663&type=default&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=s32&utm_campaign=eXQ&utm_content=ds&from=s32&uid=WDCXWD1600BEVS-08VAT2_WD-WX70A59M0783M0783&ts=1382359663&type=default&q={searchTerms}

-\\ Google Chrome v30.0.1599.69

*************************

AdwCleaner[R0].txt - [12669 octets] - [08/08/2014 13:11:57]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12730 octets] ##########


Report •

Related Solutions

#4
August 12, 2014 at 15:59:14
Here's the other adwcleaner report:
# AdwCleaner v3.303 - Report created 08/08/2014 at 13:13:07
# Updated 06/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : user - LAPTOP
# Running from : C:\Documents and Settings\user\Desktop\adwcleaner_3.303.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\eSafe
Folder Deleted : C:\Documents and Settings\All Users\Application Data\NCH Software
Folder Deleted : C:\Documents and Settings\All Users\Application Data\ParetoLogic
Folder Deleted : C:\Documents and Settings\All Users\Application Data\SafetyNut
Folder Deleted : C:\Documents and Settings\All Users\Application Data\wincert
Folder Deleted : C:\Program Files\Movies Toolbar
Folder Deleted : C:\Program Files\NCH Software
Folder Deleted : C:\Documents and Settings\user\Local Settings\Application Data\PackageAware
Folder Deleted : C:\Documents and Settings\user\Local Settings\Application Data\somotomoviestoolbar1
Folder Deleted : C:\Documents and Settings\user\Application Data\ExpressFiles
Folder Deleted : C:\Documents and Settings\user\Application Data\ParetoLogic
Folder Deleted : C:\Documents and Settings\user\Application Data\somotomoviestoolbar1
File Deleted : C:\Program Files\Mozilla Firefox\browser\nsprotector.js

***** [ Scheduled Tasks ] *****

Task Deleted : Driver Support-RTMRules
Task Deleted : Driver Support-RTMScan
Task Deleted : Driver Support-RTMUpdater
Task Deleted : Express FilesUpdate

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Documents and Settings\user\Start Menu\Programs\AppsHat\Uninstall.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{756C097C-6BDB-45DE-A8F1-83E01AB86BA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0696F815-A3A9-490A-BB14-9EC3350B1276}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D79F641-C168-40DF-A32F-BACEA7509E75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C98D5B61-B0EA-4D48-9839-1079D352D880}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0696F815-A3A9-490A-BB14-9EC3350B1276}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5D79F641-C168-40DF-A32F-BACEA7509E75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C98D5B61-B0EA-4D48-9839-1079D352D880}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D77AA852-DEF3-43CB-A3F5-BD679DE72F32}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List [C:\Program Files\iMesh Applications\iMesh\iMesh.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List [C:\Program Files\BearShare Applications\BearShare\BearShare.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\iMesh Applications\iMesh\iMesh.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\ExpressFiles\expressdl.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\ExpressFiles\ExpressFiles.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\BearShare Applications\BearShare\BearShare.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Movies Toolbar\SafetyNut\SRToolBar\IE\dtUser.exe]
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\InstalledThirdPartyPrograms
Key Deleted : HKCU\Software\MGShareware
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\SafetyNut
Key Deleted : HKCU\Software\somotomoviestoolbar1
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\dosearchessoftware
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\InstalledThirdPartyPrograms
Key Deleted : HKLM\Software\MGShareware
Key Deleted : HKLM\Software\Minibar
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AppsHat Mobile Apps
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\somotomoviestoolbar1FF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WsysControl
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Google Chrome v30.0.1599.69

*************************

AdwCleaner[R0].txt - [12811 octets] - [08/08/2014 13:11:57]
AdwCleaner[S0].txt - [11504 octets] - [08/08/2014 13:13:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11565 octets] ##########


Report •

#5
August 12, 2014 at 16:05:21
Whew, you were really messed up.

Update & Run Malwarebytes' Anti-Malware ( MBAM ) Free Version. Use Quick scan ( now called Threat Scan )
Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box to Scan for rootkits.
http://i.imgur.com/dZgt1g2.gif
Copy and Paste the contents of the log, in your reply please.
http://i.imgur.com/U9IqcVj.gif
http://i.imgur.com/zHMG6J9.gif
Or,
http://i.imgur.com/eLcvyZD.gif
Malwarebytes' Anti-Malware
http://www.softpedia.com/get/Antivi...
http://www.softpedia.com/progScreen...
http://www.malwarebytes.org/free/
Make sure you uncheck > Enable free trial < at the END of the install.
http://i.imgur.com/tUFCbYz.gif
Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box to Scan for rootkits.
If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
If your MBAM log indicates "No action taken". That's usually a result of NOT clicking the Apply Actions button after the scan. In most cases, a restart will be required.
http://i.imgur.com/U9IqcVj.gif
http://i.imgur.com/zHMG6J9.gif
Or,
http://i.imgur.com/eLcvyZD.gif
Quick Scan versus Full Scan
http://forums.malwarebytes.org/inde...


Report •

#6
August 12, 2014 at 17:19:54
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 13/08/2014
Scan Time: 11:53:28
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.12.12
Rootkit Database: v2014.08.04.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: user

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 277863
Time Elapsed: 12 min, 40 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 7
PUP.Optional.DefaultTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, Quarantined, [3860ccf6d1aae551da49c1aeac56f709],
PUP.Optional.DefaultTab.A, HKU\S-1-5-21-1645522239-1177238915-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, Quarantined, [3860ccf6d1aae551da49c1aeac56f709],
PUP.Optional.DiVapton.A, HKU\S-1-5-21-1645522239-1177238915-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3BF42771-1B8A-4910-B3DC-EB330E40020A}, Quarantined, [cccc388ab0cb191d5ff6148fbf43d52b],
PUP.Optional.DiVapton.A, HKU\S-1-5-21-1645522239-1177238915-1417001333-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3BF42771-1B8A-4910-B3DC-EB330E40020A}, Quarantined, [cccc388ab0cb191d5ff6148fbf43d52b],
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363}, Quarantined, [7d1be2e02b5039fdae4835390002e61a],
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77}, Quarantined, [b0e89d25d4a7e5516b8c521c18ea55ab],
PUP.Optional.DefaultTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DefaultTab, Quarantined, [2d6b91312358c67020053ccfad56ed13],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 7
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\lib, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spbd, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spsd, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spsd\images, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],

Files: 22
PUP.Soft32Downloader, C:\outlook express setup.exe, Quarantined, [46523e843b40b284a0919a7a8879f808],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\nsprotector.js, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\abstraction.js, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\application.js, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\popupTransparent.xul, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\dialogsApi.js, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\lib\jquery.min.js, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\lib\json2.js, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spbd\bubble.css, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spbd\bubble.js, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spbd\main.html, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\information.png, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-LTR.png, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-RTL.png, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-LTR.png, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-RTL.png, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spsd\main.html, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spsd\SearchProtector.css, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spsd\settings.js, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spsd\images\ok-button.png, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spsd\images\separation-line.png, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],
PUP.Optional.SearchProtect.A, C:\WINDOWS\system32\config\systemprofile\Application Data\SearchProtect\ffprotect\Dialogs\spsd\images\warning.png, Quarantined, [b2e65f638cefb284ab978895c73d3ac6],

Physical Sectors: 0
(No malicious items detected)


(end)


Report •

#7
August 12, 2014 at 17:21:15
Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 13/08/2014 11:47:13, SYSTEM, LAPTOP, Manual, Rootkit Database, 2014.2.20.1, 2014.8.4.1,
Update, 13/08/2014 11:48:25, SYSTEM, LAPTOP, Manual, Malware Database, 2014.3.4.9, 2014.8.12.12,

(end)


Report •

#8
August 12, 2014 at 17:24:08
Thanks Graeme,

Please download Farbar Recovery Scan Tool and save it onto your Desktop. If your default download location is not the Desktop, drag it out of it's location onto the Desktop.
http://www.bleepingcomputer.com/dow...
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please Copy and Paste the contents into your reply.
The first time the tool is run, it makes also another log (Addition.txt).
The logs are large, upload them using this, or upload to a site of your choosing. No account needed. Give us the links please.
http://www.zippyshare.com/


Report •

#9
August 12, 2014 at 17:47:42
FRST.txt as follows:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:13-08-2014
Ran by user (administrator) on LAPTOP on 13-08-2014 12:41:33
Running from C:\Documents and Settings\user\Desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/dow...
Download link for 64-Bit Version: http://www.bleepingcomputer.com/dow...
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topi...

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(PalickSoft) C:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcServiceHost.exe
(Lenovo) C:\Program Files\Lenovo\PMDriver\PMSveH.exe
(Sierra Wireless, Inc.) C:\Program Files\Sprint\Sprint SmartView\SwiCardDetect.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqtgsvc.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Conexant) C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Lenovo) C:\PROGRA~1\Lenovo\PMDriver\PMHandler.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Primax Electronics Ltd.) C:\WINDOWS\system32\ico.exe
() C:\WINDOWS\system32\FSRremoS.EXE
(Alcatel-Lucent) C:\Program Files\tcnz\pcTrayApp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Sprint) C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ali) C:\USBStorage\USBDetector.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(PC Drivers Headquarters) C:\Program Files\Driver Support\Driver Support\DriverSupport.exe
(PalickSoft) C:\Program Files\PalickSoft\HDD Temperature\HDDTemperature.exe
(SmithMicro Inc.) C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoInternetIcon] 1
HKU\.DEFAULT\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [520424 2013-03-06] (Microsoft Corporation)
HKU\S-1-5-21-1645522239-1177238915-1417001333-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1645522239-1177238915-1417001333-1003\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1645522239-1177238915-1417001333-1003\...\Run: [Driver Support] => C:\Program Files\Driver Support\Driver Support\DriverSupport.exe [4785504 2014-05-07] (PC Drivers Headquarters)
HKU\S-1-5-21-1645522239-1177238915-1417001333-1003\...\MountPoints2: {40ea7d75-7c6a-11e1-a1fd-002100e74ed5} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1645522239-1177238915-1417001333-1003\...\MountPoints2: {62fd34a8-7152-11e1-a1d0-002100e74ed5} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1645522239-1177238915-1417001333-1003\...\MountPoints2: {817833cf-7169-11e1-a1d6-002100e74ed5} - E:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1645522239-1177238915-1417001333-1003\...\MountPoints2: {898c6683-7170-11e1-a1d7-002100e74ed5} - E:\setup_vmb_lite.exe /checkApplicationPresence
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Documents and Settings\user\Start Menu\Programs\Startup\HDD temperature.lnk
ShortcutTarget: HDD temperature.lnk -> C:\Program Files\PalickSoft\HDD Temperature\HDDTemperature.exe (PalickSoft)
BootExecute:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactive...
DPF: {2DAD3559-2923-4935-AD49-B673D2539944} http://support.lenovo.com/Resources...
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.3.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 -> C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin: @Motive.com/npMotiveRequest,version=1.0 -> C:\Program Files\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Program Files\TVUPlayer\npTVUAx.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Documents and Settings\user\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-02-01]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.inspire.net.nz/"
CHR DefaultSearchKeyword: google.co.nz
CHR Extension: (Docs) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-20]
CHR Extension: (Google Drive) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-08]
CHR Extension: (YouTube) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-08]
CHR Extension: (Google Search) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-08]
CHR Extension: (Motive Extension) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec [2014-01-08]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-08]
CHR Extension: (Gmail) - C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-08]
CHR HKLM\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files\Common Files\Motive\extensions\MotiveRequest.crx [2013-10-23]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 EapSgnSvc; C:\Program Files\Common Files\Wlan SDK\EapSgnSvc.exe [156560 2011-07-06] (Smith Micro Software, Inc.)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [57520 2013-10-23] (Bitdefender)
R2 HDDTService; C:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe [384512 2004-11-24] (PalickSoft) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 MSMQ; C:\WINDOWS\system32\mqsvc.exe [4608 2008-04-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\WINDOWS\system32\mqtgsvc.exe [117248 2008-04-14] (Microsoft Corporation)
R2 NvtlService; C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [92504 2011-02-07] ()
R2 pcCMService; C:\Program Files\Common Files\Motive\pcCMService.exe [369152 2013-07-26] (Alcatel-Lucent) [File not signed]
R2 pcServiceHost; C:\Program Files\Common Files\Motive\pcServiceHost.exe [342528 2013-07-26] (Alcatel-Lucent) [File not signed]
R2 PMSveH; C:\Program Files\Lenovo\PMDriver\PMSveH.exe [57344 2006-05-24] (Lenovo) [File not signed]
R3 SprintRcAppSvc; C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe [120424 2012-05-30] (SmithMicro Inc.)
R2 SwiCardDetectSvc; C:\Program Files\Sprint\Sprint SmartView\SwiCardDetect.exe [226672 2010-09-22] (Sierra Wireless, Inc.)
R2 VmbService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [9216 2011-08-10] (Vodafone) [File not signed]
S2 HitmanPro37CrusaderBoot; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [633344 2013-04-17] (BitDefender)
R3 avchv; C:\WINDOWS\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [486536 2013-04-17] (BitDefender)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1286144 2008-02-20] (Broadcom Corporation)
R1 bdftdif; C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys [148600 2013-04-17] (Bitdefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
R0 BsStor; C:\WINDOWS\System32\DRIVERS\bsstor.sys [8320 2002-02-27] (B.H.A Co.,Ltd.) [File not signed]
R2 BsUDF; C:\WINDOWS\system32\Drivers\BsUDF.sys [314496 2002-02-27] (ahead software) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 CnxtHdAudService; C:\WINDOWS\System32\drivers\CHDAU32.sys [737792 2008-04-21] (Conexant Systems Inc.)
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [18101 2002-01-07] (FTDI Ltd.) [File not signed]
S3 FTSER2K; C:\WINDOWS\System32\drivers\ftser2k.sys [49040 2002-01-07] (FTDI Ltd.) [File not signed]
S3 giveio; C:\WINDOWS\system32\giveio.sys [5248 1996-04-04] () [File not signed]
R1 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [210560 2008-03-25] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [985472 2008-03-25] (Conexant Systems, Inc.)
S3 massfilter; C:\WINDOWS\System32\DRIVERS\massfilter.sys [9216 2011-08-09] (MBB Incorporated)
R3 MQAC; C:\WINDOWS\system32\drivers\mqac.sys [92544 2008-04-14] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2013-07-26] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2013-07-26] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 Nmea; C:\WINDOWS\System32\DRIVERS\pctnullport.sys [38680 2010-10-19] (PCTEL Inc.)
S3 PCASp50; C:\WINDOWS\System32\Drivers\PCASp50.sys [27072 2011-02-07] (Printing Communications Assoc., Inc. (PCAUSA))
S3 pelmouse; C:\WINDOWS\System32\DRIVERS\pelmouse.sys [17251 2002-06-28] (Primax Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\System32\DRIVERS\pelusblf.sys [8704 2002-07-16] (Primax Electronics Ltd.)
R1 PMHler; C:\WINDOWS\System32\drivers\PMHler.sys [10240 2006-05-24] (Lenovo )
S3 SMSIWLAN5; C:\Program Files\Sprint\Sprint SmartView\SMSIWLAN5.SYS [32408 2011-03-01] (Smith Micro Inc.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
S1 UimBus; C:\WINDOWS\System32\DRIVERS\UimBus.sys [81232 2012-12-21] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\WINDOWS\System32\Drivers\Uim_IM.sys [452816 2012-12-21] (Paragon)
R3 vodafone_K3805-z_dc_enum; C:\WINDOWS\System32\DRIVERS\vodafone_K3805-z_dc_enum.sys [80000 2010-09-01] (Vodafone)
S3 vodafone_zte_cdc_acm; C:\WINDOWS\System32\DRIVERS\vodafone_zte_cdc_acm.sys [67968 2011-05-20] (Vodafone)
S3 vodafone_zte_cdc_ecm; C:\WINDOWS\System32\DRIVERS\vodafone_zte_cdc_ecm.sys [32768 2011-05-20] (Vodafone)
S3 vodafone_zte_cpo; C:\WINDOWS\System32\DRIVERS\vodafone_zte_cpo.sys [9984 2011-05-20] (Vodafone)
S3 vodafone_zte_ecm_enum; C:\WINDOWS\System32\DRIVERS\vodafone_zte_ecm_enum.sys [47488 2011-05-20] (Vodafone)
S3 vodafone_zte_ecm_enum_filter; C:\WINDOWS\System32\DRIVERS\vodafone_zte_ecm_enum_filter.sys [47488 2011-05-20] (Vodafone)
S3 btaudio; No ImagePath
S3 BTDriver; No ImagePath
S3 BTWDNDIS; No ImagePath
S3 btwhid; No ImagePath
S0 cerc6; No ImagePath
S4 IntelIde; No ImagePath
S3 JMCR; system32\DRIVERS\jmcr.sys [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
U3 TrueSight; No ImagePath
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-13 12:41 - 2014-08-13 12:42 - 00017435 _____ () C:\Documents and Settings\user\Desktop\FRST.txt
2014-08-13 12:41 - 2014-08-13 12:41 - 00000000 ____D () C:\FRST
2014-08-13 12:40 - 2014-08-13 12:40 - 01092096 _____ (Farbar) C:\Documents and Settings\user\Desktop\FRST.exe
2014-08-13 11:45 - 2014-08-13 12:12 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-13 11:45 - 2014-08-13 11:45 - 00000793 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-13 11:45 - 2014-08-13 11:45 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-13 11:45 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-13 11:45 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-13 11:43 - 2014-08-13 11:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Documents and Settings\user\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-12 17:09 - 2014-08-12 17:10 - 00000779 _____ () C:\WINDOWS\setupact.log
2014-08-12 17:09 - 2014-08-12 17:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-12 12:48 - 2014-08-12 12:48 - 00001807 _____ () C:\WINDOWS\WET7Cable.log
2014-08-12 12:46 - 2014-08-13 12:10 - 00008415 _____ () C:\WINDOWS\setupapi.log
2014-08-12 12:35 - 2014-08-12 12:35 - 00000710 _____ () C:\Documents and Settings\user\Desktop\Disk Check.lnk
2014-08-12 12:35 - 2014-08-12 12:35 - 00000000 ____D () C:\Program Files\Disk Check
2014-08-12 12:35 - 2014-08-12 12:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Disk Check
2014-08-12 12:34 - 2014-08-12 12:34 - 01451504 _____ (Puran Software ) C:\Documents and Settings\user\Desktop\DiskCheckSetup.exe
2014-08-12 12:14 - 2014-08-12 12:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-08-12 12:14 - 2014-08-12 12:14 - 00000000 ____D () C:\Program Files\Seagate
2014-08-12 12:11 - 2014-08-12 12:12 - 26771088 _____ () C:\Documents and Settings\user\Desktop\SeaToolsforWindowsSetup.exe
2014-08-11 13:42 - 2014-08-12 17:20 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-08-11 13:42 - 2010-11-21 00:40 - 00383786 __RSH () C:\bootmgr
2014-08-11 13:33 - 2014-08-12 17:21 - 00001908 _____ () C:\WINDOWS\diagwrn.xml
2014-08-11 13:33 - 2014-08-12 17:21 - 00001908 _____ () C:\WINDOWS\diagerr.xml
2014-08-11 12:07 - 2014-08-11 12:07 - 00002560 _____ () C:\Documents and Settings\user\Desktop\Windows 7 USB DVD Download Tool.lnk
2014-08-11 12:07 - 2014-08-11 12:07 - 00000000 ____D () C:\Documents and Settings\user\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-08-11 12:06 - 2014-08-11 12:06 - 02721168 _____ (Microsoft Corporation) C:\Documents and Settings\user\Desktop\Windows7-USB-DVD-tool.exe
2014-08-10 18:03 - 2014-08-10 18:03 - 00001687 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Easy Transfer for Windows 7.lnk
2014-08-10 18:02 - 2014-08-10 18:03 - 00000000 ____D () C:\Program Files\Windows Easy Transfer 7
2014-08-10 18:02 - 2014-08-10 18:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWET7Cable$
2014-08-10 18:01 - 2014-08-10 18:01 - 07609104 _____ (Microsoft Corporation) C:\Documents and Settings\user\Desktop\wet7xp_x86.exe
2014-08-10 17:34 - 2014-08-10 17:37 - 2564476928 _____ () C:\Documents and Settings\user\Desktop\X17-59183.iso
2014-08-10 15:38 - 2014-08-10 15:38 - 00104978 _____ () C:\Documents and Settings\user\Desktop\Win7 Upgrade Advisor report.mht
2014-08-09 16:57 - 2014-08-09 16:57 - 00000988 _____ () C:\UFantasy.ini
2014-08-09 16:55 - 2014-08-09 16:55 - 00000000 ____D () C:\USBStorage
2014-08-09 16:55 - 2014-08-09 16:55 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\USB Storage
2014-08-09 16:55 - 2003-04-03 18:57 - 00005183 _____ (USB Compliance) C:\WINDOWS\system32\Drivers\usbu2a.sys
2014-08-09 16:31 - 2014-08-09 16:31 - 00000000 ____D () C:\Program Files\Common Files\Intel Corporation
2014-08-09 16:30 - 2014-08-09 16:30 - 00000000 ____D () C:\Documents and Settings\user\Application Data\Intel Corporation
2014-08-09 16:25 - 2014-08-09 16:25 - 00000000 ____D () C:\EPSON
2014-08-09 16:21 - 2014-08-09 16:21 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Intel
2014-08-09 16:19 - 2014-08-09 16:19 - 00000000 ____D () C:\Program Files\Broadcom
2014-08-08 13:42 - 2014-08-08 13:42 - 00000829 _____ () C:\Documents and Settings\user\Desktop\JRT.txt
2014-08-08 13:31 - 2014-08-08 13:31 - 01016261 _____ (Thisisu) C:\Documents and Settings\user\Desktop\JRT.exe
2014-08-08 13:16 - 2014-08-08 21:55 - 00000476 _____ () C:\WINDOWS\Tasks\Driver Support-RTMUpdater.job
2014-08-08 13:16 - 2014-08-08 13:16 - 00000478 _____ () C:\WINDOWS\Tasks\Driver Support-RTMScan.job
2014-08-08 13:16 - 2014-08-08 13:16 - 00000466 _____ () C:\WINDOWS\Tasks\Driver Support-RTMRules.job
2014-08-08 13:11 - 2014-08-08 13:13 - 00000000 ____D () C:\AdwCleaner
2014-08-08 13:09 - 2014-08-08 13:09 - 01475072 _____ () C:\Documents and Settings\user\Desktop\adwcleaner_3.303.exe
2014-08-08 12:23 - 2002-08-30 09:15 - 00036172 _____ () C:\WINDOWS\system32\ms99.cat
2014-08-08 12:23 - 2002-08-26 10:28 - 01514332 _____ () C:\WINDOWS\system32\ms98.cab
2014-08-08 12:23 - 2002-07-15 19:47 - 00004553 _____ () C:\WINDOWS\system32\Setup2k.ini
2014-08-08 12:23 - 2002-04-22 17:46 - 00000253 _____ () C:\WINDOWS\system32\presetup.ini
2014-08-08 12:22 - 2014-08-08 12:22 - 00000000 ____D () C:\IBMTOOLS
2014-08-08 12:22 - 2002-04-12 13:49 - 00029329 _____ (Primax Electronics Ltd.) C:\WINDOWS\system32\Drivers\PELPS2M.SYS
2014-08-08 12:22 - 2001-10-04 17:34 - 00019456 _____ (Primax Electronics Ltd.) C:\WINDOWS\system32\PMMO32R1.DLL
2014-08-08 12:10 - 2014-08-08 12:10 - 00000000 ____D () C:\WINDOWS\_ISTMP3.DIR
2014-08-08 12:10 - 2014-08-08 12:10 - 00000000 ____D () C:\WINDOWS\_ISTMP1.DIR
2014-08-08 12:10 - 2014-08-08 12:10 - 00000000 ____D () C:\_ISTMP1.DIR
2014-08-08 12:01 - 2014-08-08 12:01 - 00000000 ____D () C:\Documents and Settings\user\Application Data\Sprint
2014-08-08 12:01 - 2005-03-15 11:11 - 00017920 _____ (Sierra Wireless America, Inc.) C:\WINDOWS\system32\apintfnt.dll
2014-08-08 12:00 - 2014-08-08 12:00 - 00000000 ____D () C:\Documents and Settings\user\Application Data\Sierra Wireless
2014-08-08 11:58 - 2014-08-08 12:01 - 00000000 ____D () C:\Program Files\Sierra Wireless
2014-08-08 11:58 - 2014-08-08 11:58 - 00250254 _____ () C:\drivers.log
2014-08-08 11:58 - 2014-08-08 11:58 - 00001765 _____ () C:\Documents and Settings\All Users\Desktop\Sprint SmartView.lnk
2014-08-08 11:58 - 2014-08-08 11:58 - 00000000 ____D () C:\Program Files\Sprint
2014-08-08 11:58 - 2014-08-08 11:58 - 00000000 ____D () C:\Program Files\Novatel Wireless
2014-08-08 11:58 - 2014-08-08 11:58 - 00000000 ____D () C:\Program Files\Common Files\Wlan SDK
2014-08-08 11:58 - 2014-08-08 11:58 - 00000000 ____D () C:\Program Files\Common Files\PctelEapPeer Authentication
2014-08-08 11:58 - 2014-08-08 11:58 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Sprint
2014-08-08 11:58 - 2014-08-08 11:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Sprint
2014-08-08 11:27 - 2014-08-08 11:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\UAB
2014-08-08 11:27 - 2014-08-08 11:27 - 00002042 _____ () C:\Documents and Settings\All Users\Desktop\Driver Support.lnk
2014-08-08 11:27 - 2014-08-08 11:27 - 00000000 ____D () C:\Documents and Settings\user\Local Settings\Application Data\PC_Drivers_Headquarters
2014-08-08 11:27 - 2014-08-08 11:27 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Driver Support
2014-08-08 11:27 - 2014-08-08 11:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Driver Support
2014-08-08 11:26 - 2014-08-08 11:26 - 00000000 ____D () C:\Program Files\Driver Support
2014-08-08 11:24 - 2014-08-08 11:24 - 02001368 _____ (Driver Support) C:\Documents and Settings\user\Desktop\DriverSupport.exe
2014-08-05 20:09 - 2014-08-13 12:11 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-07-30 15:41 - 2014-07-30 15:41 - 00000000 ____D () C:\WINDOWS\Performance
2014-07-30 15:40 - 2014-07-30 15:40 - 00001906 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
2014-07-30 15:40 - 2014-07-30 15:40 - 00001900 _____ () C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
2014-07-30 15:40 - 2014-07-30 15:40 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-07-30 15:40 - 2014-07-30 15:40 - 00000000 ____D () C:\Documents and Settings\user\Local Settings\Application Data\Microsoft Corporation
2014-07-16 10:28 - 2014-07-16 10:28 - 00000000 ____D () C:\Program Files\Common Files\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-13 12:42 - 2014-08-13 12:41 - 00017435 _____ () C:\Documents and Settings\user\Desktop\FRST.txt
2014-08-13 12:42 - 2011-11-23 13:28 - 00000000 ____D () C:\Documents and Settings\user\Local Settings\Temp
2014-08-13 12:41 - 2014-08-13 12:41 - 00000000 ____D () C:\FRST
2014-08-13 12:40 - 2014-08-13 12:40 - 01092096 _____ (Farbar) C:\Documents and Settings\user\Desktop\FRST.exe
2014-08-13 12:13 - 2013-12-04 17:29 - 00000000 ____D () C:\Documents and Settings\user\My Documents\Outlook Files
2014-08-13 12:12 - 2014-08-13 11:45 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-13 12:12 - 2011-11-23 13:19 - 01267167 ____C () C:\WINDOWS\WindowsUpdate.log
2014-08-13 12:11 - 2014-08-05 20:09 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-08-13 12:10 - 2014-08-12 12:46 - 00008415 _____ () C:\WINDOWS\setupapi.log
2014-08-13 12:10 - 2008-04-14 19:00 - 00013684 ____C () C:\WINDOWS\system32\wpa.dbl
2014-08-13 12:09 - 2014-05-14 12:18 - 00000330 _____ () C:\WINDOWS\Tasks\AutoKMS.job
2014-08-13 12:09 - 2014-03-28 20:27 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-13 12:09 - 2013-10-22 00:48 - 00000350 ____C () C:\WINDOWS\Tasks\SmartPCFix Task.job
2014-08-13 12:09 - 2011-11-24 01:13 - 00000300 ____C () C:\WINDOWS\wiadebug.log
2014-08-13 12:09 - 2011-11-24 01:13 - 00000049 ____C () C:\WINDOWS\wiaservc.log
2014-08-13 12:09 - 2011-11-23 13:25 - 00000006 ___HC () C:\WINDOWS\Tasks\SA.DAT
2014-08-13 12:08 - 2013-10-23 00:29 - 00131072 _____ () C:\WINDOWS\system32\config\OAlerts.evt
2014-08-13 12:08 - 2013-08-20 23:42 - 00590590 ____C () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1645522239-1177238915-1417001333-1003-0.dat
2014-08-13 12:08 - 2013-08-20 23:42 - 00310310 ____C () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-08-13 12:08 - 2011-11-24 01:05 - 00000000 ____D () C:\WINDOWS\security
2014-08-13 12:08 - 2011-11-23 13:25 - 00032606 _____ () C:\WINDOWS\SchedLgU.Txt
2014-08-13 11:45 - 2014-08-13 11:45 - 00000793 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-13 11:45 - 2014-08-13 11:45 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-13 11:45 - 2013-10-16 09:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-13 11:43 - 2014-08-13 11:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Documents and Settings\user\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-13 09:48 - 2011-11-23 13:28 - 00000278 __SHC () C:\Documents and Settings\user\ntuser.ini
2014-08-12 17:21 - 2014-08-11 13:33 - 00001908 _____ () C:\WINDOWS\diagwrn.xml
2014-08-12 17:21 - 2014-08-11 13:33 - 00001908 _____ () C:\WINDOWS\diagerr.xml
2014-08-12 17:20 - 2014-08-11 13:42 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-08-12 17:10 - 2014-08-12 17:09 - 00000779 _____ () C:\WINDOWS\setupact.log
2014-08-12 17:09 - 2014-08-12 17:09 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-12 16:37 - 2012-01-24 20:09 - 00002483 _____ () C:\Documents and Settings\user\Desktop\Hard Disk Drive Temperature monitor.lnk
2014-08-12 12:48 - 2014-08-12 12:48 - 00001807 _____ () C:\WINDOWS\WET7Cable.log
2014-08-12 12:44 - 2014-08-12 12:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-08-12 12:35 - 2014-08-12 12:35 - 00000710 _____ () C:\Documents and Settings\user\Desktop\Disk Check.lnk
2014-08-12 12:35 - 2014-08-12 12:35 - 00000000 ____D () C:\Program Files\Disk Check
2014-08-12 12:35 - 2014-08-12 12:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Disk Check
2014-08-12 12:34 - 2014-08-12 12:34 - 01451504 _____ (Puran Software ) C:\Documents and Settings\user\Desktop\DiskCheckSetup.exe
2014-08-12 12:14 - 2014-08-12 12:14 - 00000000 ____D () C:\Program Files\Seagate
2014-08-12 12:12 - 2014-08-12 12:11 - 26771088 _____ () C:\Documents and Settings\user\Desktop\SeaToolsforWindowsSetup.exe
2014-08-12 10:45 - 2012-01-26 11:50 - 00000000 ____D () C:\Documents and Settings\user\My Documents\Leo
2014-08-11 12:07 - 2014-08-11 12:07 - 00002560 _____ () C:\Documents and Settings\user\Desktop\Windows 7 USB DVD Download Tool.lnk
2014-08-11 12:07 - 2014-08-11 12:07 - 00000000 ____D () C:\Documents and Settings\user\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-08-11 12:06 - 2014-08-11 12:06 - 02721168 _____ (Microsoft Corporation) C:\Documents and Settings\user\Desktop\Windows7-USB-DVD-tool.exe
2014-08-10 18:05 - 2011-11-23 13:17 - 00000000 ____D () C:\WINDOWS\Registration
2014-08-10 18:03 - 2014-08-10 18:03 - 00001687 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Easy Transfer for Windows 7.lnk
2014-08-10 18:03 - 2014-08-10 18:02 - 00000000 ____D () C:\Program Files\Windows Easy Transfer 7
2014-08-10 18:02 - 2014-08-10 18:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWET7Cable$
2014-08-10 18:01 - 2014-08-10 18:01 - 07609104 _____ (Microsoft Corporation) C:\Documents and Settings\user\Desktop\wet7xp_x86.exe
2014-08-10 17:37 - 2014-08-10 17:34 - 2564476928 _____ () C:\Documents and Settings\user\Desktop\X17-59183.iso
2014-08-10 15:38 - 2014-08-10 15:38 - 00104978 _____ () C:\Documents and Settings\user\Desktop\Win7 Upgrade Advisor report.mht
2014-08-10 09:32 - 2011-11-24 01:12 - 00621084 ____C () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-09 19:16 - 2012-01-24 19:34 - 00000000 ____D () C:\Documents and Settings\user\Application Data\Skype
2014-08-09 17:42 - 2014-04-09 16:16 - 00002265 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-08-09 16:57 - 2014-08-09 16:57 - 00000988 _____ () C:\UFantasy.ini
2014-08-09 16:55 - 2014-08-09 16:55 - 00000000 ____D () C:\USBStorage
2014-08-09 16:55 - 2014-08-09 16:55 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\USB Storage
2014-08-09 16:31 - 2014-08-09 16:31 - 00000000 ____D () C:\Program Files\Common Files\Intel Corporation
2014-08-09 16:30 - 2014-08-09 16:30 - 00000000 ____D () C:\Documents and Settings\user\Application Data\Intel Corporation
2014-08-09 16:25 - 2014-08-09 16:25 - 00000000 ____D () C:\EPSON
2014-08-09 16:25 - 2012-10-01 10:28 - 00000665 ____C () C:\Documents and Settings\All Users\Desktop\EPSON Scan.lnk
2014-08-09 16:21 - 2014-08-09 16:21 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Intel
2014-08-09 16:21 - 2011-11-23 18:40 - 00000000 ____D () C:\Program Files\Intel
2014-08-09 16:21 - 2011-11-23 18:28 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-08-09 16:20 - 2011-11-23 18:43 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-08-09 16:19 - 2014-08-09 16:19 - 00000000 ____D () C:\Program Files\Broadcom
2014-08-08 21:55 - 2014-08-08 13:16 - 00000476 _____ () C:\WINDOWS\Tasks\Driver Support-RTMUpdater.job
2014-08-08 15:50 - 2012-01-26 11:59 - 00000000 ____D () C:\Documents and Settings\user\My Documents\Racing, Betting
2014-08-08 15:00 - 2014-03-28 20:27 - 00000214 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-08 13:42 - 2014-08-08 13:42 - 00000829 _____ () C:\Documents and Settings\user\Desktop\JRT.txt
2014-08-08 13:31 - 2014-08-08 13:31 - 01016261 _____ (Thisisu) C:\Documents and Settings\user\Desktop\JRT.exe
2014-08-08 13:16 - 2014-08-08 13:16 - 00000478 _____ () C:\WINDOWS\Tasks\Driver Support-RTMScan.job
2014-08-08 13:16 - 2014-08-08 13:16 - 00000466 _____ () C:\WINDOWS\Tasks\Driver Support-RTMRules.job
2014-08-08 13:13 - 2014-08-08 13:11 - 00000000 ____D () C:\AdwCleaner
2014-08-08 13:13 - 2013-10-18 09:30 - 00000000 ____D () C:\Documents and Settings\user\Start Menu\Programs\AppsHat
2014-08-08 13:13 - 2013-07-08 11:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-08-08 13:09 - 2014-08-08 13:09 - 01475072 _____ () C:\Documents and Settings\user\Desktop\adwcleaner_3.303.exe
2014-08-08 12:22 - 2014-08-08 12:22 - 00000000 ____D () C:\IBMTOOLS
2014-08-08 12:22 - 2011-11-24 01:05 - 00000000 ____D () C:\WINDOWS\Help
2014-08-08 12:18 - 2012-02-15 15:16 - 00000000 ____D () C:\Documents and Settings\user\Application Data\Winamp
2014-08-08 12:10 - 2014-08-08 12:10 - 00000000 ____D () C:\WINDOWS\_ISTMP3.DIR
2014-08-08 12:10 - 2014-08-08 12:10 - 00000000 ____D () C:\WINDOWS\_ISTMP1.DIR
2014-08-08 12:10 - 2014-08-08 12:10 - 00000000 ____D () C:\_ISTMP1.DIR
2014-08-08 12:01 - 2014-08-08 12:01 - 00000000 ____D () C:\Documents and Settings\user\Application Data\Sprint
2014-08-08 12:01 - 2014-08-08 11:58 - 00000000 ____D () C:\Program Files\Sierra Wireless
2014-08-08 12:00 - 2014-08-08 12:00 - 00000000 ____D () C:\Documents and Settings\user\Application Data\Sierra Wireless
2014-08-08 11:58 - 2014-08-08 11:58 - 00250254 _____ () C:\drivers.log
2014-08-08 11:58 - 2014-08-08 11:58 - 00001765 _____ () C:\Documents and Settings\All Users\Desktop\Sprint SmartView.lnk
2014-08-08 11:58 - 2014-08-08 11:58 - 00000000 ____D () C:\Program Files\Sprint
2014-08-08 11:58 - 2014-08-08 11:58 - 00000000 ____D () C:\Program Files\Novatel Wireless
2014-08-08 11:58 - 2014-08-08 11:58 - 00000000 ____D () C:\Program Files\Common Files\Wlan SDK
2014-08-08 11:58 - 2014-08-08 11:58 - 00000000 ____D () C:\Program Files\Common Files\PctelEapPeer Authentication
2014-08-08 11:58 - 2014-08-08 11:58 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Sprint
2014-08-08 11:58 - 2014-08-08 11:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Sprint
2014-08-08 11:58 - 2011-11-24 01:12 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-08 11:45 - 2012-02-20 12:09 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\EPSON
2014-08-08 11:45 - 2012-02-20 12:08 - 00000000 ____D () C:\Program Files\epson
2014-08-08 11:28 - 2014-08-08 11:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\UAB
2014-08-08 11:27 - 2014-08-08 11:27 - 00002042 _____ () C:\Documents and Settings\All Users\Desktop\Driver Support.lnk
2014-08-08 11:27 - 2014-08-08 11:27 - 00000000 ____D () C:\Documents and Settings\user\Local Settings\Application Data\PC_Drivers_Headquarters
2014-08-08 11:27 - 2014-08-08 11:27 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Driver Support
2014-08-08 11:27 - 2014-08-08 11:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Driver Support
2014-08-08 11:26 - 2014-08-08 11:26 - 00000000 ____D () C:\Program Files\Driver Support
2014-08-08 11:24 - 2014-08-08 11:24 - 02001368 _____ (Driver Support) C:\Documents and Settings\user\Desktop\DriverSupport.exe
2014-08-06 18:43 - 2011-11-23 13:28 - 00000000 ____D () C:\Documents and Settings\user\Start Menu\Programs\Accessories
2014-08-06 17:31 - 2013-10-16 11:49 - 00000000 __SHD () C:\WINDOWS\CSC
2014-08-04 17:36 - 2014-05-16 09:51 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-08-04 17:36 - 2014-05-16 09:51 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-30 15:41 - 2014-07-30 15:41 - 00000000 ____D () C:\WINDOWS\Performance
2014-07-30 15:40 - 2014-07-30 15:40 - 00001906 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
2014-07-30 15:40 - 2014-07-30 15:40 - 00001900 _____ () C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
2014-07-30 15:40 - 2014-07-30 15:40 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-07-30 15:40 - 2014-07-30 15:40 - 00000000 ____D () C:\Documents and Settings\user\Local Settings\Application Data\Microsoft Corporation
2014-07-29 23:56 - 2013-01-18 13:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 21:34 - 2012-01-26 12:00 - 00000000 ____D () C:\Documents and Settings\user\My Documents\Benneydale
2014-07-24 10:27 - 2013-01-18 13:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2014-07-21 17:29 - 2014-03-23 22:12 - 00000000 ____D () C:\Documents and Settings\user\My Documents\TSB Bank
2014-07-19 08:52 - 2012-01-26 11:59 - 00000000 ____D () C:\Documents and Settings\user\My Documents\WinWord
2014-07-18 10:29 - 2012-03-28 18:22 - 00000000 ____D () C:\Documents and Settings\user\My Documents\Sky TV
2014-07-16 20:07 - 2012-01-26 11:59 - 00000000 ____D () C:\Documents and Settings\user\My Documents\Pro-Life
2014-07-16 10:28 - 2014-07-16 10:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-07-16 10:28 - 2012-01-24 19:34 - 00000000 ___RD () C:\Program Files\Skype
2014-07-16 10:28 - 2012-01-24 19:34 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-07-15 12:18 - 2012-01-26 12:00 - 00000000 ____D () C:\Documents and Settings\user\My Documents\A.M.P

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================


Report •

#10
August 12, 2014 at 17:48:56
Let me know if you want to go offline or to bed please.

I'm here.
http://www.timeanddate.com/worldclo...


Report •

#11
August 12, 2014 at 17:49:11
Addition.txt as follows:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:13-08-2014
Ran by user at 2014-08-13 12:42:40
Running from C:\Documents and Settings\user\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Edition (Disabled - Up to date) {9488E0FA-F058-4673-850E-E755F112BABC}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.4.2.0 - Auslogics Labs Pty Ltd)
AVG 2012 (Version: 12.0.1901 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.1913 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2176 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2178 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2197 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2221 - AVG Technologies) Hidden
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Broadcom Gigabit Integrated Controller (HKLM\...\{49F3D04B-B849-4C89-AB31-2366A004EA28}) (Version: 12.24.01 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Citrix Online Launcher (HKLM\...\{B025BA0B-64A6-46DE-9D64-32965C83CCA9}) (Version: 1.0.179 - Citrix)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 3.49.4.50 - Conexant)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft)
Disk Check 1.2 (HKLM\...\Disk Check_is1) (Version: - Puran Software)
Driver Support (HKLM\...\{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 8.1 - Driver Support)
EPSON Attach To Email (HKLM\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Attach To Email (Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON Copy Utility 3 (HKLM\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.1.5.0 - )
Epson Easy Photo Print 2 (HKLM\...\{1FE8D36C-4441-4115-BCA3-9339ED003C36}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
EPSON Image Clip Palette (HKLM\...\{314F6D08-A8B7-11D8-8446-0050BA1D384D}) (Version: 1.02.00 - )
EPSON NX130 TX130 Series Printer Uninstall (HKLM\...\EPSON NX130 TX130 Series) (Version: - SEIKO EPSON Corporation)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON Scan Assistant (HKLM\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.02.00 - )
ESCX3700 User's Guide (HKLM\...\ESCX3700 User's Guide) (Version: - )
FTDI USB Serial Converter Drivers (HKLM\...\FTDICOMM) (Version: - )
FUJIFILM MyFinePix Studio 3.2 (HKLM\...\MyFinePix Studio_is1) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 30.0.1599.69 - Google Inc.)
Google Update Helper (Version: 1.3.21.165 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.73.00.50 - Conexant Systems)
HDD Temperature (HKLM\...\{6C8F4EAB-CC57-42C5-9BAD-B5605675D69D}) (Version: 1.4.206 - PalickSoft)
InCD (Ahead Software) (HKLM\...\InCD!UninstallKey) (Version: - )
InstallVC90Support (Version: 1.01.0000 - Novatel Wireless) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
MAGIX Audio Cleaning Lab SE 15.0.0.0 (UK) (HKLM\...\MAGIX Audio Cleaning Lab SE UK) (Version: 15.0.0.0 - MAGIX AG)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Player Classic - Home Cinema v1.5.2.3456 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.2.3456 - MPC-HC Team) <==== ATTENTION
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft IEAK 6 (HKLM\...\IEAK6) (Version: - )
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version: - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version: - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office XP Media Content (HKLM\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Mouse Suite (HKLM\...\MouseSuite98) (Version: - )
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyMorph (HKLM\...\InstallShield_{0BFCE729-2C99-4D94-944E-4B57878D3576}) (Version: 2.0 - National Library of Medicine)
MyMorph (Version: 2.0 - National Library of Medicine) Hidden
NavDesk 7.50 (HKLM\...\{AB756389-9A03-44f3-ABAF-3699C01B4868}-Navman-7.50) (Version: 7.50.0109.128 - Navman Technology NZ Limited)
Nero - Burning Rom (HKLM\...\{A4D7B764-4140-11D4-88EB-0050DA3579C0}) (Version: 5.5.7.8 - ahead software gmbh)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
PM Driver (HKLM\...\InstallShield_{62715632-A555-4D9E-9CEC-4F84EB55B07B}) (Version: 0.64.0.9 - Lenovo)
PM Driver (Version: 0.64.0.9 - Lenovo) Hidden
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Sprint SmartView (HKLM\...\{84E0D40C-ED8E-48B2-83D2-4C11AB246F4A}) (Version: 2.61.0038.0 - Sprint)
SSC Service Utility v4.30 (HKLM\...\SSC Service Utility_is1) (Version: - SSC Localization Group)
Swiff Player 1.7.2 (HKLM\...\Swiff Player_is1) (Version: 1.7.2 - GlobFX Technologies)
Telecom Broadband Assist (HKLM\...\tcnz) (Version: BCM 7.1 - Telecom New Zealand)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
Update for Windows XP (KB2264107) (HKLM\...\KB2264107) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
User's Guide EPSON NX130 TX130 Series (HKLM\...\EPSON NX130 TX130 Series Useg) (Version: - )
Vodafone Mobile Broadband Lite (HKLM\...\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}) (Version: 10.2.304.33770 - Vodafone)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Easy Transfer for Windows 7 (HKLM\...\WET7Cable) (Version: - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
WinX DVD Ripper 5.5.3 (HKLM\...\WinX DVD Ripper_is1) (Version: - Digiarty Software, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1645522239-1177238915-1417001333-1003_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1645522239-1177238915-1417001333-1003_Classes\CLSID\{A07429B7-D8D1-D529-44C1-348432C4B3BC}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)

==================== Restore Points =========================

24-06-2014 00:14:16 System Checkpoint
25-06-2014 00:48:44 System Checkpoint
26-06-2014 00:59:45 System Checkpoint
27-06-2014 01:22:51 System Checkpoint
29-06-2014 02:01:29 System Checkpoint
30-06-2014 07:32:27 System Checkpoint
02-07-2014 02:48:01 System Checkpoint
03-07-2014 05:34:05 System Checkpoint
04-07-2014 23:03:25 Removed Google Earth.
04-07-2014 23:04:30 Removed JMicron JMB38X Flash Media Controller
06-07-2014 03:16:43 System Checkpoint
06-07-2014 23:19:13 Software Distribution Service 3.0
08-07-2014 07:36:45 System Checkpoint
10-07-2014 01:29:41 Software Distribution Service 3.0
11-07-2014 11:35:45 System Checkpoint
13-07-2014 09:06:35 System Checkpoint
15-07-2014 00:42:54 System Checkpoint
16-07-2014 01:41:31 System Checkpoint
17-07-2014 02:41:36 System Checkpoint
18-07-2014 07:54:36 System Checkpoint
20-07-2014 04:16:55 System Checkpoint
21-07-2014 06:19:52 System Checkpoint
22-07-2014 07:04:19 System Checkpoint
23-07-2014 08:13:41 System Checkpoint
23-07-2014 22:26:13 Software Distribution Service 3.0
25-07-2014 00:55:18 System Checkpoint
26-07-2014 04:50:00 System Checkpoint
27-07-2014 04:57:52 System Checkpoint
28-07-2014 05:40:11 System Checkpoint
29-07-2014 06:42:06 System Checkpoint
30-07-2014 03:40:10 Installed Windows 7 Upgrade Advisor
31-07-2014 04:01:59 System Checkpoint
01-08-2014 08:59:43 System Checkpoint
02-08-2014 21:03:29 System Checkpoint
03-08-2014 23:39:29 System Checkpoint
05-08-2014 04:36:28 System Checkpoint
06-08-2014 07:16:16 System Checkpoint
06-08-2014 10:06:59 Installed Windows XP KB932716-v2.
07-08-2014 10:50:25 System Checkpoint
07-08-2014 23:26:09 Installed Driver Support.
07-08-2014 23:45:12 Unsigned printer driver EPSON Stylus CX3700 Series installed.
07-08-2014 23:46:49 Unsigned printer driver EPSON Stylus CX3700 Series installed.
07-08-2014 23:47:45 Unsigned printer driver EPSON Stylus CX3700 Series installed.
07-08-2014 23:58:01 Installed Sprint SmartView.
09-08-2014 02:40:16 System Checkpoint
09-08-2014 04:19:02 Installed Broadcom Gigabit Integrated Controller.
10-08-2014 04:39:16 System Checkpoint
10-08-2014 06:02:54 Installed Windows Windows Easy Transfer for Windows 7.
11-08-2014 00:07:02 Installed Windows 7 USB/DVD Download Tool
12-08-2014 00:14:46 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 19:00 - 2013-10-16 11:53 - 00000741 ___AC C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\Driver Support-RTMRules.job => C:\Program Files\Driver Support\Driver Support\DriverSupport.exe
Task: C:\WINDOWS\Tasks\Driver Support-RTMScan.job => C:\Program Files\Driver Support\Driver Support\DriverSupport.exe
Task: C:\WINDOWS\Tasks\Driver Support-RTMUpdater.job => C:\Program Files\Driver Support\Driver Support\DriverSupport.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\SmartPCFix Task.job => C:\Program Files\SmartPCFix\SmartPCFix.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-04-16 17:55 - 2013-03-19 12:07 - 00508136 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2014-04-16 17:54 - 2013-09-03 14:29 - 00095088 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2008-01-28 10:15 - 2008-01-28 10:15 - 00073728 _____ () c:\Program Files\MyMorph\Mcmh.dll
2011-02-07 17:25 - 2011-02-07 17:25 - 00092504 _____ () C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
2014-08-09 16:21 - 2014-08-09 16:21 - 00172544 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IsdiInterop\237678d0c6805b8a52e12a88ebd771a6\IsdiInterop.ni.dll
2014-08-09 16:21 - 2011-05-20 10:05 - 00059904 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2009-03-31 22:28 - 2009-03-31 22:28 - 00024576 _____ () C:\Program Files\Lenovo\PMDriver\PMHlerIO.dll
2011-11-23 18:57 - 2008-06-16 16:47 - 00032768 ____N () C:\Program Files\Lenovo\PMDriver\PMEbLib.dll
2013-10-17 18:01 - 2003-11-06 14:51 - 00020480 _____ () C:\WINDOWS\system32\FSRremoS.EXE
2012-05-30 10:08 - 2012-05-30 10:08 - 00120424 _____ () C:\Program Files\Sprint\Sprint SmartView\RC_Pac.dll
2012-05-30 10:08 - 2012-05-30 10:08 - 00071272 _____ () C:\Program Files\Sprint\Sprint SmartView\RC_Eap.dll
2014-05-07 13:31 - 2014-05-07 13:31 - 00428424 _____ () C:\Program Files\Driver Support\Driver Support\Agent.Communication.XmlSerializers.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 14:46 - 2013-02-14 14:46 - 01044048 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B
AlternateDataStreams: C:\Documents and Settings\user\Desktop\adwcleaner_3.303.exe:BDU
AlternateDataStreams: C:\Documents and Settings\user\Desktop\DiskCheckSetup.exe:BDU
AlternateDataStreams: C:\Documents and Settings\user\Desktop\DriverSupport.exe:BDU
AlternateDataStreams: C:\Documents and Settings\user\Desktop\FRST.exe:BDU
AlternateDataStreams: C:\Documents and Settings\user\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Documents and Settings\user\Desktop\mbam-setup-2.0.2.1012.exe:BDU
AlternateDataStreams: C:\Documents and Settings\user\Desktop\SeaToolsforWindowsSetup.exe:BDU
AlternateDataStreams: C:\Documents and Settings\user\Desktop\wet7xp_x86.exe:BDU
AlternateDataStreams: C:\Documents and Settings\user\Desktop\Windows7-USB-DVD-tool.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^user^Start Menu^Programs^Startup^HDD temperature.lnk => C:\WINDOWS\pss\HDD temperature.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AppsHat => C:\Documents and Settings\user\Local Settings\Application Data\WebPlayer\AppsHat\WebPlayer.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EPSON NX130 TX130 Series => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJP.EXE /FU "C:\DOCUME~1\user\LOCALS~1\Temp\E_S2BB.tmp" /EF "HKCU"
MSCONFIG\startupreg: InCD => C:\Program Files\ahead\InCD\InCD.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QUAD Windows service => C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD RegistryCleaner.exe -h
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: tcnz_McciTrayApp => "C:\Program Files\tcnz\McciTrayApp.exe"

==================== Faulty Device Manager Devices =============

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : This device is not configured correctly. (Code1)
Resolution: You may be prompted to provide the path of the driver. Windows may have the driver built-in, or may still have the driver files installed from the last time that you set up the device. If you are asked for the driver and you do not have it, you can try to download the latest driver from the hardware vendor�s Web site.
In the device properties dialog box, click the "Driver" tab, and then click "Update Driver" to start the "Hardware Update Wizard". Follow the instructions to update the driver. If updating the driver does not work, see your hardware documentation for more information.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/13/2014 00:10:00 PM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (08/13/2014 09:51:50 AM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (08/12/2014 04:30:15 PM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (08/12/2014 02:09:48 PM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (08/12/2014 00:47:32 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\USER\RECENT\DESKTOP.INI> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/12/2014 00:45:53 PM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (08/11/2014 09:28:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException
Stack:
at ..(System.String, System.String, ., System.String)
at ...ctor()
at ..(.)
at ..()

Error: (08/11/2014 09:28:09 PM) (Source: .NET Runtime 4.0 Error Reporting) (EventID: 5000) (User: )
Description: EventType clr20r3, P1 autokms.exe, P2 1.0.0.0, P3 52aef33f, P4 system.management, P5 4.0.0.0, P6 4ba1e140, P7 24e, P8 10f, P9 clr20r30, P10 clr20r31.

Error: (08/11/2014 09:27:20 PM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (08/09/2014 11:20:52 PM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue


System errors:
=============
Error: (08/13/2014 00:09:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service failed to start due to the following error:
%%3

Error: (08/13/2014 09:51:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service failed to start due to the following error:
%%3

Error: (08/12/2014 04:30:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service failed to start due to the following error:
%%3

Error: (08/12/2014 02:09:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service failed to start due to the following error:
%%3

Error: (08/12/2014 00:45:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service failed to start due to the following error:
%%3

Error: (08/11/2014 09:27:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service failed to start due to the following error:
%%3

Error: (08/09/2014 11:20:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service failed to start due to the following error:
%%3

Error: (08/09/2014 04:58:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service failed to start due to the following error:
%%3

Error: (08/09/2014 04:30:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service failed to start due to the following error:
%%3

Error: (08/08/2014 10:01:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (08/13/2014 00:10:00 PM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (08/13/2014 09:51:50 AM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (08/12/2014 04:30:15 PM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (08/12/2014 02:09:48 PM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (08/12/2014 00:47:32 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\DOCUMENTS AND SETTINGS\USER\RECENT\DESKTOP.INI

Error: (08/12/2014 00:45:53 PM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (08/11/2014 09:28:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException
Stack:
at ..(System.String, System.String, ., System.String)
at ...ctor()
at ..(.)
at ..()

Error: (08/11/2014 09:28:09 PM) (Source: .NET Runtime 4.0 Error Reporting) (EventID: 5000) (User: )
Description: clr20r3autokms.exe1.0.0.052aef33fsystem.management4.0.0.04ba1e14024e10fpszqoadhx1u5zahbhohghldgiy4qixhxNIL

Error: (08/11/2014 09:27:20 PM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (08/09/2014 11:20:52 PM) (Source: VmbService) (EventID: 0) (User: )
Description: conflictManagerTypeValue


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 900 @ 2.20GHz
Percentage of memory in use: 46%
Total physical RAM: 2008.5 MB
Available physical RAM: 1080.39 MB
Total Pagefile: 3328.14 MB
Available Pagefile: 2347.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1926.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.04 GB) (Free:103.11 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 59F63C2D)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Report •

#12
August 12, 2014 at 18:06:46
Still going through the logs, in the meantime I'll get this report.

Download Security Check by screen317 from one of the following links and save it onto your Desktop. If your default download location is not the Desktop, drag it out of it's location onto the Desktop
http://screen317.spywareinfoforum.o...
http://screen317.changelog.fr/Secur...
Please restart the computer before running this security check..
* Double click SecurityCheck.exe. If you run Windows Vista or 7/8, right click and choose 'Run as Administrator'.
o If you are asked by Windows to run this program or not, please click 'Yes' or 'Run'.
o When you see a console window, press any key to continue scanning.
o Wait while it scans.
o If your firewall alerts you of Security Check, please press 'Allow' or similar.
* A Notepad document should open automatically after scan is completed. It will be called checkup.txt; Please Copy and Paste the contents into your reply.


Report •

#13
August 12, 2014 at 18:26:53
checkup.txt as follows:
Results of screen317's Security Check version 0.99.86
Windows XP Service Pack 3 x86
Internet Explorer 8
[b][u]``````````````Antivirus/Firewall Check:``````````````[/b][/u]
Windows Firewall Enabled!
Bitdefender Antivirus Free Edition
Antivirus up to date!
[b][u]`````````Anti-malware/Other Utilities Check:`````````[/b][/u]
CCleaner
Java 7 Update 51
[color=red][b]Java version out of Date![/b][/color]
Adobe Flash Player 11.1.102.62 [b][color=red]Flash Player out of Date![/color][/b]
Adobe Reader XI
Google Chrome 29.0.1547.76
Google Chrome 30.0.1599.69
[b][u]````````Process Check: objlist.exe by Laurent````````[/b][/u]
Bitdefender Antivirus Free Edition gzserv.exe
Bitdefender Antivirus Free Edition gziface.exe
[b][u]`````````````````System Health check`````````````````[/b][/u]
Total Fragmentation on Drive C:: 2%
[b][u]````````````````````End of Log``````````````````````[/b][/u]

Report •

#14
August 12, 2014 at 18:39:29
Start Farbar again.
Copy & Paste the text below ( starting Handler:), save it into Notepad on your Desktop & name it fixlist.txt
NOTE: It is important that Notepad is used. The fix will not work if Word or some other program is used.
NOTE: It is important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please Copy & Paste the contents into your reply.

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Program Files\TVUPlayer\npTVUAx.dll No File
FF - user.js - File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

message edited by Johnw


Report •

#15
August 12, 2014 at 18:56:17
Fixlog.txt as follows:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:13-08-2014
Ran by user at 2014-08-13 13:55:08 Run:1
Running from C:\Documents and Settings\user\Desktop\Laptop fix folder
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Program Files\TVUPlayer\npTVUAx.dll No File
FF - user.js - File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found


*****************

"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.
"HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => Key not found.
"HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer" => Key deleted successfully.
C:\Program Files\TVUPlayer\npTVUAx.dll not found.
FF - user.js - File not found => Error: No automatic fix found for this entry.
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found => Error: No automatic fix found for this entry.
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: File not found => Error: No automatic fix found for this entry.
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: File not found => Error: No automatic fix found for this entry.
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found => Error: No automatic fix found for this entry.

==== End of Fixlog ====


Report •

#16
August 12, 2014 at 19:10:59
Just these to do now & you should be Ok.

From your Security Check log.
Java 7 Update 51
[color=red][b]Java version out of Date![/b][/color]
Most people do not need Java, I would remove it. If you have a program installed that requires Java, it will squark & tell you. What I do in those sort of cases, is find another non Java program. Use this uninstaller.
Use IObit Uninstaller
http://www.softpedia.com/get/Tweak/...
http://www.freewarefiles.com/IObit-...
http://www.majorgeeks.com/files/det...
http://www.iobit.com/advanceduninst...
Do a Standard Uninstall & then the Powerful Scan to remove all the lurking bits.
http://i.imgur.com/olyCkcJ.gif
http://i.imgur.com/cKc5Chi.gif
http://i.imgur.com/HuWkaZo.gif

Adobe Flash Player 11.1.102.62 [b][color=red]Flash Player out of Date![/color][/b]
To improve your security, update this.

As you can see from your logs, you had a lot of stuff installed, that you did not know had been installed.
A lot of programs, now give you the choice to install toolbars & other during the install. Either uncheck these items during install, or use Custom install. No more click, click during an install, you have to read after each click.
I use Softpedia, down the bottom of the page, they make you aware what Ad-supported programs the author of the program has included.
Sample pages
http://www.softpedia.com/get/CD-DVD...
http://www.softpedia.com/get/Multim...
Users are advised to pay attention while installing this ad-supported application:
· Offers to change the homepage for web browsers installed in the system
· Offers to change the default search engine for web browsers installed in the system
· Offers to install StartNow Toolbar that the program does not require to fully function
SS ( screenshots ) of above
http://i.imgur.com/CSBplyA.gif
http://i.imgur.com/3eWWoXm.gif

message edited by Johnw


Report •

#17
August 12, 2014 at 19:34:36
✔ Best Answer
Forgot these. IObitUninstaller should find them.

AVG 2012 (Version: 12.0.1901 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.1913 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2176 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2178 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2197 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2221 - AVG Technologies) Hidden

If not, try your CCleaner registry cleaner.
http://i.imgur.com/SqKUAws.gif



Report •

#18
August 12, 2014 at 21:03:58
Thanks, Johnw. Fabulous help.

Report •

#19
August 12, 2014 at 21:35:41
YW Graeme, wasn't to hard to sort out.

Report •

Ask Question