ladybug895
-
Content Count
15 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by ladybug895
-
-
All processes killed
========== OTL ==========
Service Wajam Internet Enhancer Service stopped successfully!
Service Wajam Internet Enhancer Service deleted successfully!
File C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe not found.
Service Update Laflurla stopped successfully!
Service Update Laflurla deleted successfully!
File C:\Program Files\Laflurla\updateLaflurla.exe not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Error: No service named mbr was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mbr deleted successfully.
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mbr.sys not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service cpuz134 stopped successfully!
Service cpuz134 deleted successfully!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
Service axjbfvzv stopped successfully!
Service axjbfvzv deleted successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6C59297E-BFFE-4E6A-0BF5-4187155432D8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C59297E-BFFE-4E6A-0BF5-4187155432D8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{899B35FF-D18B-8FBB-580A-E99390A9E0B2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{899B35FF-D18B-8FBB-580A-E99390A9E0B2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AE34B30D-97A8-46D4-92EC-1419F24DCE09}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE34B30D-97A8-46D4-92EC-1419F24DCE09}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CE3A3FD1-0A27-07DC-3FED-9D0FBEBC1CD0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CE3A3FD1-0A27-07DC-3FED-9D0FBEBC1CD0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\opm5vmj3.default-1397016665796\extensions folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\browser\extensions folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{06C7AD57-B655-418D-9AB8-9526A6D2E052} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06C7AD57-B655-418D-9AB8-9526A6D2E052}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\fst_us_27 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\zoUdechSLSwKJZdfXwMEoWYsVanyTgUGhEDeMdPUtUfZroLhGx deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ deleted successfully.
File {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At1.job moved successfully.
========== COMMANDS ==========
[EMPTYJAVA]
User: Administrator
->Java cache emptied: 114598 bytes
User: All Users
User: Default User
User: LocalService
User: NetworkService
Total Java Files Cleaned = 0.00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 2930220 bytes
User: All Users
User: Default User
->Flash cache emptied: 57472 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 3.00 mb
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 12090543 bytes
->Temporary Internet Files folder emptied: 11227200 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 21792606 bytes
->Google Chrome cache emptied: 40154642 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 19924318 bytes
->FireFox cache emptied: 6257282 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 361447092 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2162283 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 205353304 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 634709292 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 199431436 bytes
Total Files Cleaned = 1,445.00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 04152014_212729
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot... -
Malwarebytes Anti-Malware
www.malwarebytes.org
Update, 4/14/2014 10:50:00 PM, SYSTEM, COMPUTER, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 4/14/2014 10:50:24 PM, SYSTEM, COMPUTER, Manual, Malware Database, 2014.3.4.9, 2014.4.15.2,
Protection, 4/14/2014 10:52:10 PM, SYSTEM, COMPUTER, Protection, Malware Protection, Starting,
Protection, 4/14/2014 10:52:15 PM, SYSTEM, COMPUTER, Protection, Malware Protection, Started,
Protection, 4/14/2014 10:52:16 PM, SYSTEM, COMPUTER, Protection, Malicious Website Protection, Starting,
Protection, 4/14/2014 10:52:47 PM, SYSTEM, COMPUTER, Protection, Malicious Website Protection, Started,
Protection, 4/14/2014 11:32:38 PM, SYSTEM, COMPUTER, Protection, Malware Protection, Starting,
Protection, 4/14/2014 11:33:00 PM, SYSTEM, COMPUTER, Protection, Malware Protection, Started,
Protection, 4/14/2014 11:33:09 PM, SYSTEM, COMPUTER, Protection, Malicious Website Protection, Starting,
Protection, 4/14/2014 11:33:25 PM, SYSTEM, COMPUTER, Protection, Malicious Website Protection, Started,
Protection, 4/14/2014 11:43:31 PM, SYSTEM, COMPUTER, Protection, Malware Protection, Starting,
Protection, 4/14/2014 11:43:32 PM, SYSTEM, COMPUTER, Protection, Malware Protection, Started,
Protection, 4/14/2014 11:43:32 PM, SYSTEM, COMPUTER, Protection, Malicious Website Protection, Starting,
Protection, 4/14/2014 11:44:17 PM, SYSTEM, COMPUTER, Protection, Malicious Website Protection, Started,
(end) -
Results of screen317's Security Check version 0.99.81
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 12.0.0.77
Google Chrome 34.0.1847.116
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 3%
````````````````````End of Log``````````````````````
-
OTL logfile created on: 4/15/2014 6:16:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
502.07 Mb Total Physical Memory | 22.96 Mb Available Physical Memory | 4.57% Memory free
1.20 Gb Paging File | 0.27 Gb Available in Paging File | 22.54% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 40.39 Gb Free Space | 54.20% Space Free | Partition Type: NTFS
Computer Name: COMPUTER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/04/15 18:14:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.com
PRC - [2014/04/09 12:46:35 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/04/09 12:46:32 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/04/09 12:44:55 | 000,109,048 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2014/04/06 21:21:36 | 005,180,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2014/03/27 22:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2014/03/18 20:05:34 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/03/18 14:30:20 | 000,639,488 | ---- | M] () -- C:\Program Files\Flash Update\winclient32.exe
PRC - [2012/08/02 18:30:44 | 000,154,624 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/01/07 00:09:25 | 000,397,312 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzstc11.exe
PRC - [2006/01/07 00:09:25 | 000,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
PRC - [2004/03/18 17:55:48 | 000,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
========== Modules (No Company Name) ==========
MOD - [2014/04/15 14:34:35 | 002,212,352 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14041501\algo.dll
MOD - [2014/04/09 12:47:01 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/03/18 20:05:08 | 003,642,480 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/03/18 14:30:20 | 000,639,488 | ---- | M] () -- C:\Program Files\Flash Update\winclient32.exe
MOD - [2014/03/14 22:25:44 | 000,236,544 | ---- | M] () -- C:\Program Files\Flash Update\sqlite3.dll
MOD - [2014/03/12 10:14:11 | 016,276,872 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe -- (Wajam Internet Enhancer Service)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Laflurla\updateLaflurla.exe -- (Update Laflurla)
SRV - [2014/04/09 14:33:24 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/09 12:46:32 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/04/09 12:44:55 | 000,109,048 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2014/04/01 21:20:52 | 003,655,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/03/27 22:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/03/18 20:05:15 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/02 18:30:44 | 000,154,624 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe -- (BrcmMgmtAgent)
SRV - [2004/03/18 17:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [File_System | On_Demand | Stopped] -- -- (axjbfvzv)
DRV - [2014/04/09 12:47:09 | 000,776,976 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/04/09 12:47:09 | 000,180,760 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/04/09 12:47:09 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/04/09 12:47:08 | 000,411,552 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/04/09 12:47:08 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/04/09 12:47:08 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2014/04/09 12:47:08 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/04/09 12:46:18 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2014/04/09 12:44:57 | 000,252,208 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2014/04/09 12:44:56 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2014/04/09 00:32:53 | 000,055,224 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tStLibG.sys -- (tStLibG)
DRV - [2014/04/08 18:27:56 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2014/04/01 21:07:04 | 000,199,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2014/03/31 16:11:58 | 000,211,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014/03/31 16:11:50 | 000,108,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2014/03/27 22:15:18 | 000,193,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2014/03/27 22:14:40 | 000,123,160 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2014/03/27 22:04:22 | 000,150,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2014/03/27 22:04:02 | 000,238,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2014/03/27 22:03:22 | 000,028,440 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2014/03/27 22:03:20 | 000,022,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/18 14:08:36 | 000,010,520 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\MgmtAgent\BASFND.sys -- (BASFND)
DRV - [2012/05/24 12:44:28 | 000,239,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2011/06/15 10:30:56 | 000,090,624 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2011/03/15 00:11:10 | 000,010,112 | ---- | M] (support.com, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssmirrdr.sys -- (ssmirrdr)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2001/08/23 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001/08/23 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_enUS420
IE - HKCU\..\SearchScopes\{6C59297E-BFFE-4E6A-0BF5-4187155432D8}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z127&form=ZGAIDF&install_date=20111223&iesrc={referrer:source}
IE - HKCU\..\SearchScopes\{899B35FF-D18B-8FBB-580A-E99390A9E0B2}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z129&form=ZGAIDF&install_date=20111102&iesrc={referrer:source}
IE - HKCU\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
IE - HKCU\..\SearchScopes\{AE34B30D-97A8-46D4-92EC-1419F24DCE09}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-ydwnld
IE - HKCU\..\SearchScopes\{CE3A3FD1-0A27-07DC-3FED-9D0FBEBC1CD0}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z131&form=ZGAIDF&install_date=20111102&iesrc={referrer:source}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:1546;https=127.0.0.1:1546
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://hsrd.yahoo.com/_ylt=A2KLthbWOkhT6wEBwSObvZx4/RV=1/RE=1398452182/RH=aHNyZC55YWhvby5jb20-/RO=2/RU=aHR0cHM6Ly93d3cueWFob28uY29tLw--/RS=%5EADARIfA9_N3l9EYgsG1F7TxFbFRyoQ-"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@TelevisionFanatic.com/Plugin: C:\Program Files\TelevisionFanatic\bar\2.bin\NP64Stub.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/04/09 12:47:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/03/18 20:01:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/04/10 00:33:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{828c786a-e911-4821-aabd-a58eff0dcf02}: C:\Program Files\BlockAndSurf Corp\158.xpi
[2011/09/21 18:49:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2014/04/09 11:53:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\opm5vmj3.default-1397016665796\extensions
[2014/04/09 22:29:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/03/18 20:01:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014/03/18 20:01:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/03/18 20:06:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/04/09 12:47:26 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
========== Chrome ==========
CHR - default_search_provider: Conduit Search (Enabled)
CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MF0E8115B-F69F-48B1-8369-38C556336852&SearchSource=58&CUI=&UM=5&UP=SP0A3A7739-0903-460C-9CF6-ADA3F08004CD&q={searchTerms}&SSPV=
CHR - default_search_provider: suggest_url = http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms},
CHR - homepage: http://www.google.com
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.93_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2001/08/23 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {06C7AD57-B655-418D-9AB8-9526A6D2E052} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [fst_us_27] File not found
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe (HP)
O4 - HKLM..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Windows Client Manager] C:\Program Files\Flash Update\winclient32.exe ()
O4 - HKCU..\Run: [zoUdechSLSwKJZdfXwMEoWYsVanyTgUGhEDeMdPUtUfZroLhGx] C:\Documents and Settings\Administrator\Local Settings\Application Data\Crisis.exe File not found
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Program Files\java\java.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Program Files\java\java.exe
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1297539326578 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1302905791640 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D34DF27-1C96-4169-B78F-FBD4AAC65D36}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\DatamngrCoordinator.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/12 06:04:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{205015d4-3962-11e0-8544-00123f42ce89}\Shell\AutoRun\command - "" = E:\Info.exe folder.htt 480 480
O33 - MountPoints2\{de4153cb-36a8-11e0-853c-ee59ed5f6acd}\Shell\AutoRun\command - "" = E:\Crisis.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/04/15 17:46:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2014/04/15 02:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2014/04/14 22:49:20 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/04/14 22:46:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/14 22:46:06 | 000,050,648 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/04/14 22:46:05 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/04/14 22:46:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/04/14 22:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2014/04/14 22:15:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/04/14 18:49:40 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/10 00:38:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Downloads
[2014/04/09 23:23:50 | 009,652,096 | ---- | C] (Reimage®) -- C:\TRANSLATE
[2014/04/09 22:23:52 | 000,000,000 | ---D | C] -- C:\Program Files\002
[2014/04/09 22:12:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\Newrestore Folder
[2014/04/09 12:59:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AVAST Software
[2014/04/09 12:57:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2014/04/09 12:55:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2014/04/09 12:47:36 | 000,776,976 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014/04/09 12:47:36 | 000,411,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014/04/09 12:47:36 | 000,057,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/04/09 12:47:35 | 000,067,824 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/04/09 12:47:35 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014/04/09 12:47:33 | 000,252,208 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2014/04/09 12:47:33 | 000,026,136 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2014/04/09 12:47:28 | 000,271,264 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/04/09 12:47:02 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/04/09 12:44:56 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2014/04/09 11:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/04/09 11:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/04/09 11:39:13 | 000,295,080 | ---- | C] (SecureAssist) -- C:\WINDOWS\System32\SecureAssist.dll
[2014/04/09 11:33:29 | 000,000,000 | ---D | C] -- C:\temp
[2014/04/09 11:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\003
[2014/04/09 00:32:52 | 000,055,224 | ---- | C] (StdLib) -- C:\WINDOWS\System32\drivers\tStLibG.sys
[2014/04/08 23:03:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Flash Update
[2014/04/08 23:03:21 | 000,000,000 | ---D | C] -- C:\Program Files\Flash Update
[2014/04/08 22:59:35 | 000,000,000 | ---D | C] -- C:\Program Files\Laflurla
[2014/04/08 22:52:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Administrative Tools
[2014/04/08 22:36:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
[2014/04/08 21:28:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
[2014/04/08 21:21:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Old Firefox Data
[2014/04/08 20:22:43 | 000,000,000 | ---D | C] -- C:\Program Files\BlockAndSurf Corp
[2014/04/08 20:20:14 | 000,000,000 | ---D | C] -- C:\Program Files\Convert Files for Free
[2014/04/08 20:14:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.android
[2014/04/08 20:14:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\cache
[2014/04/08 20:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\com
[2014/04/08 17:44:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\supportdotcom
[2014/04/08 17:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\supportdotcom
[2014/04/08 17:08:52 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2014/04/08 17:08:51 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014/04/08 17:08:07 | 000,000,000 | ---D | C] -- C:\Intel
[2014/04/08 17:03:25 | 000,089,600 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\Baspxp32.dll
[2014/04/08 17:00:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Dell
[2014/04/08 16:57:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Downloaded Installations
[2014/04/08 16:33:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\SlimWare Utilities Inc
[2014/04/08 16:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Downloaded Installers
[2014/04/08 13:52:47 | 000,000,000 | ---D | C] -- C:\Inetpub
[2014/03/31 08:28:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2014/03/26 17:21:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xp_eos.exe
[2014/03/26 17:21:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xp_eos.exe
[2014/03/21 11:46:46 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomctl.ocx
[2014/03/21 11:46:46 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comdlg32.ocx
[2014/03/18 20:01:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/03/17 14:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Auslogics
[2014/03/17 14:48:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
[2014/03/17 14:48:43 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2014/03/17 14:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CDB
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/04/15 19:44:22 | 000,000,378 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/04/15 19:29:06 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily FY04.job
[2014/04/15 19:15:28 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2014/04/15 19:15:09 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2014/04/15 19:02:17 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/15 18:53:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/04/15 16:37:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014/04/15 13:01:02 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/15 12:34:52 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/04/15 11:56:42 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/04/15 11:56:08 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/04/15 11:56:06 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\BlockAndSurf Update.job
[2014/04/15 11:56:05 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\BlockAndSurf_wd.job
[2014/04/14 23:41:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/04/14 22:50:08 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/14 21:47:11 | 000,114,688 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ChromeHitoryDB
[2014/04/10 03:00:13 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/04/09 23:28:26 | 000,000,163 | ---- | M] () -- C:\WINDOWS\Reimage.ini
[2014/04/09 23:24:30 | 009,652,096 | ---- | M] (Reimage®) -- C:\TRANSLATE
[2014/04/09 14:54:35 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014/04/09 14:32:57 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/04/09 14:32:54 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/04/09 14:13:19 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/09 12:57:25 | 000,001,799 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! SafeZone.lnk
[2014/04/09 12:57:25 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Internet Security.lnk
[2014/04/09 12:55:16 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/04/09 12:47:09 | 000,776,976 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014/04/09 12:47:09 | 000,180,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/04/09 12:47:09 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/04/09 12:47:08 | 000,411,552 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014/04/09 12:47:08 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/04/09 12:47:08 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014/04/09 12:47:08 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/04/09 12:47:02 | 000,271,264 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/04/09 12:47:02 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/04/09 12:46:18 | 000,026,136 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2014/04/09 12:44:57 | 000,252,208 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2014/04/09 12:44:56 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2014/04/09 00:32:53 | 000,055,224 | ---- | M] (StdLib) -- C:\WINDOWS\System32\drivers\tStLibG.sys
[2014/04/08 21:37:47 | 000,502,712 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/04/08 21:37:47 | 000,087,178 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/04/08 21:28:54 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/08 20:49:03 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2014/04/08 20:22:53 | 000,000,464 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2014/04/08 20:16:49 | 000,000,041 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\WB.CFG
[2014/04/08 19:24:44 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Sync Folder.lnk
[2014/04/08 18:27:56 | 000,013,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2014/04/08 15:03:52 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/04/03 09:51:06 | 000,050,648 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/04/03 09:50:56 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/03/21 11:46:46 | 001,081,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomctl.ocx
[2014/03/21 11:46:46 | 000,152,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comdlg32.ocx
[2014/03/17 20:58:17 | 000,001,746 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2014/03/17 14:48:53 | 000,000,822 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Auslogics DiskDefrag.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/04/14 22:47:09 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/11 00:15:17 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2014/04/09 20:15:11 | 000,000,092 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\WB.CFG
[2014/04/09 13:10:15 | 000,114,688 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ChromeHitoryDB
[2014/04/09 12:57:25 | 000,001,799 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! SafeZone.lnk
[2014/04/09 12:57:25 | 000,001,739 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Internet Security.lnk
[2014/04/09 12:55:39 | 000,000,378 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/04/09 12:55:16 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/09 12:55:15 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/04/09 12:49:50 | 000,000,900 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/09 12:49:48 | 000,000,896 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/09 12:47:36 | 000,180,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/04/09 12:47:35 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/04/08 21:28:55 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
[2014/04/08 21:28:53 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/08 21:28:53 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
[2014/04/08 20:34:47 | 000,173,134 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2014/04/08 20:22:52 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\BlockAndSurf Update.job
[2014/04/08 20:22:51 | 000,000,464 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2014/04/08 20:22:50 | 000,000,400 | ---- | C] () -- C:\WINDOWS\tasks\BlockAndSurf_wd.job
[2014/04/08 20:16:49 | 000,000,041 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\WB.CFG
[2014/04/08 20:15:26 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2014/04/08 19:24:42 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Sync Folder.lnk
[2014/04/08 16:33:40 | 000,013,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2014/04/08 12:31:07 | 000,000,238 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/04/08 12:31:05 | 000,000,232 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/17 20:58:17 | 000,001,746 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2014/03/17 14:48:53 | 000,000,822 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Auslogics DiskDefrag.lnk
[2014/03/17 14:03:50 | 000,000,163 | ---- | C] () -- C:\WINDOWS\Reimage.ini
[2013/02/05 00:07:03 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/16 16:52:21 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\dt.dat
[2012/07/20 20:37:37 | 000,058,880 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\erdkrfnn
[2012/07/20 20:35:31 | 000,058,880 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\brmvloip
[2012/07/19 15:23:09 | 000,058,880 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\mobuaffu
[2012/07/19 15:17:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\SharedSettings.ccs
[2011/12/23 12:25:53 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2011/06/09 10:39:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Javaw.exe
[2005/04/16 02:00:43 | 000,000,311 | -H-- | C] () -- C:\Documents and Settings\Administrator\Application Data\Administratorlog.dat
========== ZeroAccess Check ==========
[2011/02/12 14:20:38 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
< End of report > -
OTL Extras logfile created on: 4/15/2014 6:16:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
502.07 Mb Total Physical Memory | 22.96 Mb Available Physical Memory | 4.57% Memory free
1.20 Gb Paging File | 0.27 Gb Available in Paging File | 22.54% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 40.39 Gb Free Space | 54.20% Space Free | Partition Type: NTFS
Computer Name: COMPUTER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
"1886:TCP" = 1886:TCP:*:Enabled:Genieo
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Documents and Settings\Administrator\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\Administrator\Application Data\Spotify\spotify.exe:*:Enabled:Spotify
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\AVG\AVG2014\avgmfapx.exe" = C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Avast" = avast! Internet Security
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 4/14/2014 8:51:59 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application wordpad.exe, version 5.1.2600.6010, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/14/2014 9:18:43 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 28.0.0.5186, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/14/2014 9:28:12 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application msimn.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/14/2014 9:28:32 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 28.0.0.5186, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/14/2014 9:28:32 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 28.0.0.5186, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/14/2014 11:10:52 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/15/2014 2:48:49 AM | Computer Name = COMPUTER | Source = Windows Search Service | ID = 3100
Description = Unable to initialize the filter host process. Terminating. Details:
This
operation returned because the timeout period expired. (0x800705b4)
Error - 4/15/2014 1:15:23 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application mbam-setup-2.0.1.1004(2).tmp, version 51.52.0.0,
hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 4/15/2014 1:15:36 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1001
Description = Fault bucket 191912498.
Error - 4/15/2014 8:29:30 PM | Computer Name = COMPUTER | Source = MsiInstaller | ID = 10005
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
27054. CA_Error27054: SetupAction(0xC0070642): Installation failed.
[ System Events ]
Error - 4/15/2014 4:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error: %%2147942403
Error - 4/15/2014 4:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error: %%2147942403
Error - 4/15/2014 5:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error: %%2147942403
Error - 4/15/2014 5:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error: %%2147942403
Error - 4/15/2014 6:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error: %%2147942403
Error - 4/15/2014 6:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error: %%2147942403
Error - 4/15/2014 7:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error: %%2147942403
Error - 4/15/2014 7:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error: %%2147942403
Error - 4/15/2014 8:15:27 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error: %%2147942403
Error - 4/15/2014 8:15:28 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error: %%2147942403
< End of report >
-
did i post them both it showed on the desk top that it was there i think i did
-
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/12/2011 5:06:24 AM
System Uptime: 4/14/2014 11:36:07 PM (18 hours ago)
.
Motherboard: Dell Inc. | | 0H8052
Processor: Intel® Pentium® 4 CPU 3.20GHz | Microprocessor | 3192/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 40.393 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1177: 2/10/2014 3:08:13 PM - System Checkpoint
RP1178: 2/11/2014 4:08:13 PM - System Checkpoint
RP1179: 2/12/2014 3:00:17 AM - Software Distribution Service 3.0
RP1180: 2/13/2014 1:02:48 PM - System Checkpoint
RP1181: 2/14/2014 2:02:43 PM - System Checkpoint
RP1182: 2/15/2014 3:02:43 PM - System Checkpoint
RP1183: 2/16/2014 3:05:03 PM - System Checkpoint
RP1184: 2/17/2014 4:04:58 PM - System Checkpoint
RP1185: 2/18/2014 5:04:58 PM - System Checkpoint
RP1186: 2/19/2014 5:32:58 PM - System Checkpoint
RP1187: 2/20/2014 4:04:36 PM - Installed Microsoft PowerPoint Viewer
RP1188: 2/21/2014 4:44:33 PM - Installed iTunes
RP1189: 2/22/2014 5:12:42 PM - System Checkpoint
RP1190: 2/23/2014 5:25:26 PM - System Checkpoint
RP1191: 2/24/2014 6:20:09 PM - System Checkpoint
RP1192: 2/25/2014 7:09:06 PM - System Checkpoint
RP1193: 2/26/2014 8:08:38 PM - System Checkpoint
RP1194: 2/27/2014 9:18:15 PM - System Checkpoint
RP1195: 2/28/2014 9:58:52 PM - System Checkpoint
RP1196: 3/1/2014 10:51:57 PM - System Checkpoint
RP1197: 3/2/2014 10:57:47 PM - System Checkpoint
RP1198: 3/4/2014 1:04:32 AM - System Checkpoint
RP1199: 3/5/2014 1:33:14 AM - System Checkpoint
RP1200: 3/6/2014 1:42:02 AM - System Checkpoint
RP1201: 3/7/2014 2:36:43 AM - System Checkpoint
RP1202: 3/8/2014 3:31:24 AM - System Checkpoint
RP1203: 3/9/2014 5:26:29 AM - System Checkpoint
RP1204: 3/10/2014 6:24:15 AM - System Checkpoint
RP1205: 3/11/2014 7:18:52 AM - System Checkpoint
RP1206: 3/12/2014 7:51:11 AM - System Checkpoint
RP1207: 3/12/2014 9:56:39 AM - Software Distribution Service 3.0
RP1208: 3/13/2014 10:08:32 AM - System Checkpoint
RP1209: 3/14/2014 11:09:05 AM - System Checkpoint
RP1210: 3/15/2014 11:57:33 AM - System Checkpoint
RP1211: 3/16/2014 12:51:57 PM - System Checkpoint
RP1212: 3/17/2014 1:46:28 PM - System Checkpoint
RP1213: 3/17/2014 2:42:21 PM - Configured SoundMAX
RP1214: 3/17/2014 2:42:53 PM - Installed SoundMAX
RP1215: 3/17/2014 9:01:40 PM - Software Distribution Service 3.0
RP1216: 3/18/2014 9:15:41 PM - System Checkpoint
RP1217: 3/19/2014 9:18:40 PM - System Checkpoint
RP1218: 3/20/2014 9:51:23 PM - System Checkpoint
RP1219: 3/21/2014 10:46:12 PM - System Checkpoint
RP1220: 3/22/2014 11:45:33 PM - System Checkpoint
RP1221: 3/24/2014 12:37:49 AM - System Checkpoint
RP1222: 3/25/2014 1:32:15 AM - System Checkpoint
RP1223: 3/26/2014 2:25:52 AM - System Checkpoint
RP1224: 3/27/2014 2:00:39 AM - Software Distribution Service 3.0
RP1225: 3/28/2014 2:18:38 AM - System Checkpoint
RP1226: 3/29/2014 3:13:11 AM - System Checkpoint
RP1227: 3/30/2014 3:15:25 AM - System Checkpoint
RP1228: 3/31/2014 4:04:03 AM - System Checkpoint
RP1229: 4/1/2014 4:58:34 AM - System Checkpoint
RP1230: 4/2/2014 5:50:53 AM - System Checkpoint
RP1231: 4/3/2014 6:46:18 AM - System Checkpoint
RP1232: 4/4/2014 7:41:52 AM - System Checkpoint
RP1233: 4/5/2014 9:06:08 AM - System Checkpoint
RP1234: 4/6/2014 9:50:03 AM - System Checkpoint
RP1235: 4/7/2014 10:44:35 AM - System Checkpoint
RP1236: 4/8/2014 10:30:51 AM - Software Distribution Service 3.0
RP1237: 4/8/2014 3:16:16 PM - Removed Microsoft Silverlight
RP1238: 4/8/2014 3:18:17 PM - Removed Windows Live Upload Tool
RP1239: 4/8/2014 3:18:41 PM - Removed Windows Live Sign-in Assistant
RP1240: 4/8/2014 3:24:20 PM - Configured SoundMAX
RP1241: 4/8/2014 3:24:51 PM - Installed SoundMAX
RP1242: 4/8/2014 4:51:54 PM - DriverUpdate Installing Drivers
RP1243: 4/8/2014 5:01:02 PM - Removed Broadcom Gigabit Integrated Controller
RP1244: 4/8/2014 5:01:45 PM - Installed Broadcom NetXtreme-I Netlink Driver and Management Installer.
RP1245: 4/8/2014 6:36:20 PM - DriverUpdate Installing Drivers
RP1246: 4/8/2014 7:02:13 PM - Removed DriverUpdate
RP1247: 4/8/2014 7:15:02 PM - Uniblue SpeedUpMyPC installation
RP1248: 4/9/2014 11:57:43 AM - avast! antivirus system restore point
RP1249: 4/9/2014 12:37:53 PM - avast! antivirus system restore point
RP1250: 4/9/2014 2:28:24 PM - Software Distribution Service 3.0
RP1251: 4/10/2014 3:12:58 PM - System Checkpoint
RP1252: 4/11/2014 3:23:02 PM - System Checkpoint
RP1253: 4/12/2014 4:18:39 PM - System Checkpoint
RP1254: 4/13/2014 5:14:18 PM - System Checkpoint
RP1255: 4/15/2014 12:09:24 AM - System Checkpoint
RP1256: 4/15/2014 2:06:20 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 12 ActiveX
avast! Internet Security
AVG 2014
Free Window Sweeper
Google Chrome
Google Update Helper
Malwarebytes Anti-Malware version 2.0.1.1004
Security Update for Windows Internet Explorer 8 (KB2936068)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2922229)
.
==== Event Viewer Messages From Past Week ========
.
4/9/2014 5:24:52 PM, error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/9/2014 5:24:50 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVGIDSAgent service to connect.
4/9/2014 2:17:10 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: hlnfd
4/9/2014 12:57:06 PM, error: Service Control Manager [7034] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 12:57:06 PM, error: Service Control Manager [7034] - The SSDP Discovery Service service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 12:57:06 PM, error: Service Control Manager [7031] - The Remote Registry service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
4/9/2014 12:36:24 PM, error: Service Control Manager [7000] - The vsacqnnz service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 12:15:55 PM, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission can be modified using the Component Services administrative tool.
4/9/2014 12:13:15 PM, error: Service Control Manager [7000] - The Update Laflurla service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 12:12:14 PM, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.
4/9/2014 11:45:54 AM, error: Service Control Manager [7000] - The axjbfvzv service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 11:34:38 AM, error: Service Control Manager [7034] - The Search Protect by Conduit Service service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 10:59:35 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Util Laflurla service.
4/9/2014 1:06:38 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/9/2014 1:06:37 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
4/9/2014 1:06:16 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
4/8/2014 8:44:12 PM, error: Service Control Manager [7022] - The Wajam Internet Enhancer Service service hung on starting.
4/8/2014 7:24:10 PM, error: Service Control Manager [7000] - The NewPlayer Updater Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/8/2014 7:24:09 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the NewPlayer Updater Service service to connect.
4/8/2014 6:10:52 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
4/8/2014 5:10:14 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.
4/8/2014 2:57:06 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
4/8/2014 2:57:06 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/8/2014 12:29:49 PM, error: Service Control Manager [7000] - The TelevisionFanaticService service failed to start due to the following error: The system cannot find the file specified.
4/8/2014 12:29:49 PM, error: Service Control Manager [7000] - The RadioRageService service failed to start due to the following error: The system cannot find the file specified.
4/8/2014 12:29:07 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
4/8/2014 10:38:25 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Computer Backup (MyPC Backup) service to connect.
4/8/2014 10:38:25 PM, error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/15/2014 9:42:36 AM, error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error 3758213661 (0xE001CA1D).
4/14/2014 8:09:00 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
4/14/2014 8:08:27 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
4/14/2014 8:08:27 PM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 8:07:51 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Pml Driver HPZ12 service to connect.
4/14/2014 8:07:51 PM, error: Service Control Manager [7000] - The Pml Driver HPZ12 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 7:15:15 PM, error: Schedule [7901] - The At2.job command failed to start due to the following error: %%2147942403
4/14/2014 7:15:13 PM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942403
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Wajam Internet Enhancer Service service failed to start due to the following error: The system cannot find the file specified.
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Search Protect by Conduit Service service failed to start due to the following error: The system cannot find the path specified.
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 7:05:01 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Wajam Internet Enhancer Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Computer Backup (MyPC Backup) service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Broadcom Management Agent service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 11:03:52 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
4/14/2014 10:48:54 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
4/10/2014 8:09:27 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
4/10/2014 7:49:38 AM, error: Service Control Manager [7000] - The TelevisionFanaticService service failed to start due to the following error: The system cannot find the path specified.
.
==== End Of File =========================== -
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/12/2011 5:06:24 AM
System Uptime: 4/14/2014 11:36:07 PM (18 hours ago)
.
Motherboard: Dell Inc. | | 0H8052
Processor: Intel® Pentium® 4 CPU 3.20GHz | Microprocessor | 3192/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 40.393 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1177: 2/10/2014 3:08:13 PM - System Checkpoint
RP1178: 2/11/2014 4:08:13 PM - System Checkpoint
RP1179: 2/12/2014 3:00:17 AM - Software Distribution Service 3.0
RP1180: 2/13/2014 1:02:48 PM - System Checkpoint
RP1181: 2/14/2014 2:02:43 PM - System Checkpoint
RP1182: 2/15/2014 3:02:43 PM - System Checkpoint
RP1183: 2/16/2014 3:05:03 PM - System Checkpoint
RP1184: 2/17/2014 4:04:58 PM - System Checkpoint
RP1185: 2/18/2014 5:04:58 PM - System Checkpoint
RP1186: 2/19/2014 5:32:58 PM - System Checkpoint
RP1187: 2/20/2014 4:04:36 PM - Installed Microsoft PowerPoint Viewer
RP1188: 2/21/2014 4:44:33 PM - Installed iTunes
RP1189: 2/22/2014 5:12:42 PM - System Checkpoint
RP1190: 2/23/2014 5:25:26 PM - System Checkpoint
RP1191: 2/24/2014 6:20:09 PM - System Checkpoint
RP1192: 2/25/2014 7:09:06 PM - System Checkpoint
RP1193: 2/26/2014 8:08:38 PM - System Checkpoint
RP1194: 2/27/2014 9:18:15 PM - System Checkpoint
RP1195: 2/28/2014 9:58:52 PM - System Checkpoint
RP1196: 3/1/2014 10:51:57 PM - System Checkpoint
RP1197: 3/2/2014 10:57:47 PM - System Checkpoint
RP1198: 3/4/2014 1:04:32 AM - System Checkpoint
RP1199: 3/5/2014 1:33:14 AM - System Checkpoint
RP1200: 3/6/2014 1:42:02 AM - System Checkpoint
RP1201: 3/7/2014 2:36:43 AM - System Checkpoint
RP1202: 3/8/2014 3:31:24 AM - System Checkpoint
RP1203: 3/9/2014 5:26:29 AM - System Checkpoint
RP1204: 3/10/2014 6:24:15 AM - System Checkpoint
RP1205: 3/11/2014 7:18:52 AM - System Checkpoint
RP1206: 3/12/2014 7:51:11 AM - System Checkpoint
RP1207: 3/12/2014 9:56:39 AM - Software Distribution Service 3.0
RP1208: 3/13/2014 10:08:32 AM - System Checkpoint
RP1209: 3/14/2014 11:09:05 AM - System Checkpoint
RP1210: 3/15/2014 11:57:33 AM - System Checkpoint
RP1211: 3/16/2014 12:51:57 PM - System Checkpoint
RP1212: 3/17/2014 1:46:28 PM - System Checkpoint
RP1213: 3/17/2014 2:42:21 PM - Configured SoundMAX
RP1214: 3/17/2014 2:42:53 PM - Installed SoundMAX
RP1215: 3/17/2014 9:01:40 PM - Software Distribution Service 3.0
RP1216: 3/18/2014 9:15:41 PM - System Checkpoint
RP1217: 3/19/2014 9:18:40 PM - System Checkpoint
RP1218: 3/20/2014 9:51:23 PM - System Checkpoint
RP1219: 3/21/2014 10:46:12 PM - System Checkpoint
RP1220: 3/22/2014 11:45:33 PM - System Checkpoint
RP1221: 3/24/2014 12:37:49 AM - System Checkpoint
RP1222: 3/25/2014 1:32:15 AM - System Checkpoint
RP1223: 3/26/2014 2:25:52 AM - System Checkpoint
RP1224: 3/27/2014 2:00:39 AM - Software Distribution Service 3.0
RP1225: 3/28/2014 2:18:38 AM - System Checkpoint
RP1226: 3/29/2014 3:13:11 AM - System Checkpoint
RP1227: 3/30/2014 3:15:25 AM - System Checkpoint
RP1228: 3/31/2014 4:04:03 AM - System Checkpoint
RP1229: 4/1/2014 4:58:34 AM - System Checkpoint
RP1230: 4/2/2014 5:50:53 AM - System Checkpoint
RP1231: 4/3/2014 6:46:18 AM - System Checkpoint
RP1232: 4/4/2014 7:41:52 AM - System Checkpoint
RP1233: 4/5/2014 9:06:08 AM - System Checkpoint
RP1234: 4/6/2014 9:50:03 AM - System Checkpoint
RP1235: 4/7/2014 10:44:35 AM - System Checkpoint
RP1236: 4/8/2014 10:30:51 AM - Software Distribution Service 3.0
RP1237: 4/8/2014 3:16:16 PM - Removed Microsoft Silverlight
RP1238: 4/8/2014 3:18:17 PM - Removed Windows Live Upload Tool
RP1239: 4/8/2014 3:18:41 PM - Removed Windows Live Sign-in Assistant
RP1240: 4/8/2014 3:24:20 PM - Configured SoundMAX
RP1241: 4/8/2014 3:24:51 PM - Installed SoundMAX
RP1242: 4/8/2014 4:51:54 PM - DriverUpdate Installing Drivers
RP1243: 4/8/2014 5:01:02 PM - Removed Broadcom Gigabit Integrated Controller
RP1244: 4/8/2014 5:01:45 PM - Installed Broadcom NetXtreme-I Netlink Driver and Management Installer.
RP1245: 4/8/2014 6:36:20 PM - DriverUpdate Installing Drivers
RP1246: 4/8/2014 7:02:13 PM - Removed DriverUpdate
RP1247: 4/8/2014 7:15:02 PM - Uniblue SpeedUpMyPC installation
RP1248: 4/9/2014 11:57:43 AM - avast! antivirus system restore point
RP1249: 4/9/2014 12:37:53 PM - avast! antivirus system restore point
RP1250: 4/9/2014 2:28:24 PM - Software Distribution Service 3.0
RP1251: 4/10/2014 3:12:58 PM - System Checkpoint
RP1252: 4/11/2014 3:23:02 PM - System Checkpoint
RP1253: 4/12/2014 4:18:39 PM - System Checkpoint
RP1254: 4/13/2014 5:14:18 PM - System Checkpoint
RP1255: 4/15/2014 12:09:24 AM - System Checkpoint
RP1256: 4/15/2014 2:06:20 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 12 ActiveX
avast! Internet Security
AVG 2014
Free Window Sweeper
Google Chrome
Google Update Helper
Malwarebytes Anti-Malware version 2.0.1.1004
Security Update for Windows Internet Explorer 8 (KB2936068)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2922229)
.
==== Event Viewer Messages From Past Week ========
.
4/9/2014 5:24:52 PM, error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/9/2014 5:24:50 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVGIDSAgent service to connect.
4/9/2014 2:17:10 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: hlnfd
4/9/2014 12:57:06 PM, error: Service Control Manager [7034] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 12:57:06 PM, error: Service Control Manager [7034] - The SSDP Discovery Service service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 12:57:06 PM, error: Service Control Manager [7031] - The Remote Registry service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
4/9/2014 12:36:24 PM, error: Service Control Manager [7000] - The vsacqnnz service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 12:15:55 PM, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission can be modified using the Component Services administrative tool.
4/9/2014 12:13:15 PM, error: Service Control Manager [7000] - The Update Laflurla service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 12:12:14 PM, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.
4/9/2014 11:45:54 AM, error: Service Control Manager [7000] - The axjbfvzv service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 11:34:38 AM, error: Service Control Manager [7034] - The Search Protect by Conduit Service service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 10:59:35 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Util Laflurla service.
4/9/2014 1:06:38 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/9/2014 1:06:37 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
4/9/2014 1:06:16 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
4/8/2014 8:44:12 PM, error: Service Control Manager [7022] - The Wajam Internet Enhancer Service service hung on starting.
4/8/2014 7:24:10 PM, error: Service Control Manager [7000] - The NewPlayer Updater Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/8/2014 7:24:09 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the NewPlayer Updater Service service to connect.
4/8/2014 6:10:52 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
4/8/2014 5:10:14 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.
4/8/2014 2:57:06 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
4/8/2014 2:57:06 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/8/2014 12:29:49 PM, error: Service Control Manager [7000] - The TelevisionFanaticService service failed to start due to the following error: The system cannot find the file specified.
4/8/2014 12:29:49 PM, error: Service Control Manager [7000] - The RadioRageService service failed to start due to the following error: The system cannot find the file specified.
4/8/2014 12:29:07 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
4/8/2014 10:38:25 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Computer Backup (MyPC Backup) service to connect.
4/8/2014 10:38:25 PM, error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/15/2014 9:42:36 AM, error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error 3758213661 (0xE001CA1D).
4/14/2014 8:09:00 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
4/14/2014 8:08:27 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
4/14/2014 8:08:27 PM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 8:07:51 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Pml Driver HPZ12 service to connect.
4/14/2014 8:07:51 PM, error: Service Control Manager [7000] - The Pml Driver HPZ12 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 7:15:15 PM, error: Schedule [7901] - The At2.job command failed to start due to the following error: %%2147942403
4/14/2014 7:15:13 PM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942403
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Wajam Internet Enhancer Service service failed to start due to the following error: The system cannot find the file specified.
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Search Protect by Conduit Service service failed to start due to the following error: The system cannot find the path specified.
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 7:05:01 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Wajam Internet Enhancer Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Computer Backup (MyPC Backup) service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Broadcom Management Agent service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 11:03:52 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
4/14/2014 10:48:54 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
4/10/2014 8:09:27 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
4/10/2014 7:49:38 AM, error: Service Control Manager [7000] - The TelevisionFanaticService service failed to start due to the following error: The system cannot find the path specified.
.
==== End Of File =========================== -
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Administrator at 17:46:42 on 2014-04-15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.59 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Flash Update\winclient32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uProxyServer = hxxp=127.0.0.1:1546;https=127.0.0.1:1546
uProxyOverride = <-loopback>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [zoUdechSLSwKJZdfXwMEoWYsVanyTgUGhEDeMdPUtUfZroLhGx] c:\documents and settings\administrator\local settings\application data\Crisis.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe
mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPHmon06] c:\windows\system32\hphmon06.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [Windows Client Manager] c:\program files\flash update\winclient32.exe
mRun: [fst_us_27] <no file>
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-lsf?lic=TlVIRDQtWUg5UEUtTzNQNEUtUVJERUstR0RKWjctVk9YVUw"&"inst=NzctOTQyODc3MzcxLU4xKzEtVklQKzEtVFVHKzMtRkkrMS1GTDEwKzEtTFNEKzItRERUKzAtU1QxMEFQUCsxLUREMTArMS1TVDEyT0krMS1FVUxBKzEtU1QxMkFQUCsxLVNUMTJGQVBQKzE"&"prod=55"&"ver=2012.0.1834"&"mid=1d772f946f7a47d6a6ffd15b79a6277a-98068252906bc42bbade9493ef22ef469d53e47f
uExplorerRun: [Policies] c:\program files\java\java.exe
mExplorerRun: [Policies] c:\program files\java\java.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{7D34DF27-1C96-4169-B78F-FBD4AAC65D36} : DHCPNameServer = 192.168.1.254
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages = msv1_0 nwprovau
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {J1C03LFT-D10V-35H7-Y3US-D8D16X05341A} - c:\program files\java\java.exe Restart
IFEO: DatamngrCoordinator.exe - tasklist.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\opm5vmj3.default-1397016665796\
FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R? AVGIDSAgent;AVGIDSAgent
R? axjbfvzv;axjbfvzv
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? cpuz134;cpuz134
R? ssmirrdr;ssmirrdr
R? SWDUMon;SWDUMon
R? Update Laflurla;Update Laflurla
R? Wajam Internet Enhancer Service;Wajam Internet Enhancer Service
R? WinRM;Windows Remote Management (WS-Management)
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? aswKbd;aswKbd
S? aswMonFlt;aswMonFlt
S? aswNdis;avast! Firewall NDIS Filter Service
S? aswNdis2;avast! Firewall NDIS Driver
S? aswRvrt;avast! Revert
S? aswSnx;aswSnx
S? aswSP;aswSP
S? aswVmm;avast! VM Monitor
S? avast! Antivirus;avast! Antivirus
S? avast! Firewall;avast! Firewall
S? Avgdiskx;AVG Disk Driver
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSHX;AVGIDSHX
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avglogx;AVG Logging Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgwd;AVG WatchDog
S? BrcmMgmtAgent;Broadcom Management Agent
S? tStLibG;tStLibG
.
=============== Created Last 30 ================
.
2014-04-15 03:49:20 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-15 03:46:06 50648 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-15 03:46:05 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-15 03:46:03 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-04-15 03:46:03 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2014-04-15 03:15:10 -------- d-----w- c:\windows\ERUNT
2014-04-14 23:49:40 -------- d-----w- C:\AdwCleaner
2014-04-10 12:22:13 -------- d-----w- c:\program files\Free Window Sweeper
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2014-04-10 04:23:50 9652096 ----a-w- C:\TRANSLATE
2014-04-10 03:23:52 -------- d-----w- c:\program files\002
2014-04-10 03:12:19 -------- d-----w- c:\windows\system\Newrestore Folder
2014-04-09 17:59:02 -------- d-----w- c:\documents and settings\administrator\application data\AVAST Software
2014-04-09 17:47:36 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-09 17:47:36 180760 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-09 17:47:35 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-09 17:47:35 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-09 17:47:33 26136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-04-09 17:47:33 252208 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2014-04-09 17:47:02 43152 ----a-w- c:\windows\avastSS.scr
2014-04-09 17:44:56 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2014-04-09 16:57:44 -------- d-----w- c:\program files\AVAST Software
2014-04-09 16:45:36 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2014-04-09 16:39:13 295080 ----a-w- c:\windows\system32\SecureAssist.dll
2014-04-09 16:33:29 -------- d-----w- C:\temp
2014-04-09 16:14:33 -------- d-----w- c:\program files\003
2014-04-09 05:32:52 55224 ----a-w- c:\windows\system32\drivers\tStLibG.sys
2014-04-09 04:03:21 -------- d-----w- c:\program files\Flash Update
2014-04-09 03:59:35 -------- d-----w- c:\program files\Laflurla
2014-04-09 01:22:43 -------- d-----w- c:\program files\BlockAndSurf Corp
2014-04-09 01:20:14 -------- d-----w- c:\program files\Convert Files for Free
2014-04-09 01:14:15 -------- d-----w- c:\documents and settings\administrator\.android
2014-04-09 01:14:04 -------- d-----w- c:\documents and settings\administrator\local settings\application data\cache
2014-04-09 01:05:01 -------- d-----w- c:\documents and settings\administrator\local settings\application data\com
2014-04-08 22:44:11 -------- d-----w- c:\documents and settings\administrator\application data\supportdotcom
2014-04-08 22:42:10 -------- d-----w- c:\program files\common files\supportdotcom
2014-04-08 22:08:52 53248 ----a-w- c:\windows\system32\CSVer.dll
2014-04-08 22:08:07 -------- d-----w- C:\Intel
2014-04-08 22:03:25 89600 ----a-w- c:\windows\system32\Baspxp32.dll
2014-04-08 22:00:01 -------- d-----w- c:\windows\Dell
2014-04-08 21:57:59 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Downloaded Installations
2014-04-08 21:33:40 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-04-08 21:33:10 -------- d-----w- c:\documents and settings\administrator\local settings\application data\SlimWare Utilities Inc
2014-04-08 18:52:47 -------- d-----w- C:\Inetpub
2014-03-26 22:21:55 13312 -c----w- c:\windows\system32\dllcache\xp_eos.exe
2014-03-26 22:21:55 13312 ------w- c:\windows\system32\xp_eos.exe
2014-03-21 16:46:46 152848 ----a-w- c:\windows\system32\comdlg32.ocx
2014-03-21 16:46:46 1081616 ----a-w- c:\windows\system32\mscomctl.ocx
2014-03-17 19:53:31 -------- d-----w- c:\documents and settings\all users\application data\Auslogics
2014-03-17 19:48:43 -------- d-----w- c:\program files\Auslogics
2014-03-17 19:07:05 -------- d-----w- c:\documents and settings\all users\application data\CDB
.
==================== Find3M ====================
.
2014-04-09 19:32:57 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-09 19:32:54 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-02 02:07:04 199448 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-03-31 21:11:58 211224 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-03-28 03:15:18 193304 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2014-03-28 03:14:40 123160 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2014-03-28 03:04:22 150296 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-03-28 03:04:02 238872 ----a-w- c:\windows\system32\drivers\avglogx.sys
2014-03-28 03:03:22 28440 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2014-03-28 03:03:20 22296 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2014-03-06 17:59:23 920064 ----a-w- c:\windows\system32\wininet.dll
2014-03-06 17:59:22 43520 ----a-w- c:\windows\system32\licmgr10.dll
2014-03-06 17:59:22 18944 ----a-w- c:\windows\system32\corpol.dll
2014-03-06 17:59:22 1469440 ------w- c:\windows\system32\inetcpl.cpl
2014-03-06 00:46:54 385024 ----a-w- c:\windows\system32\html.iec
2014-02-07 02:01:37 1879040 ----a-w- c:\windows\system32\win32k.sys
2014-02-05 08:55:04 562688 ----a-w- c:\windows\system32\qedit.dll
.
============= FINISH: 17:49:21.54 ===============
-
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Administrator at 17:46:42 on 2014-04-15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.59 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Flash Update\winclient32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uProxyServer = hxxp=127.0.0.1:1546;https=127.0.0.1:1546
uProxyOverride = <-loopback>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [zoUdechSLSwKJZdfXwMEoWYsVanyTgUGhEDeMdPUtUfZroLhGx] c:\documents and settings\administrator\local settings\application data\Crisis.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe
mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPHmon06] c:\windows\system32\hphmon06.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [Windows Client Manager] c:\program files\flash update\winclient32.exe
mRun: [fst_us_27] <no file>
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-lsf?lic=TlVIRDQtWUg5UEUtTzNQNEUtUVJERUstR0RKWjctVk9YVUw"&"inst=NzctOTQyODc3MzcxLU4xKzEtVklQKzEtVFVHKzMtRkkrMS1GTDEwKzEtTFNEKzItRERUKzAtU1QxMEFQUCsxLUREMTArMS1TVDEyT0krMS1FVUxBKzEtU1QxMkFQUCsxLVNUMTJGQVBQKzE"&"prod=55"&"ver=2012.0.1834"&"mid=1d772f946f7a47d6a6ffd15b79a6277a-98068252906bc42bbade9493ef22ef469d53e47f
uExplorerRun: [Policies] c:\program files\java\java.exe
mExplorerRun: [Policies] c:\program files\java\java.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{7D34DF27-1C96-4169-B78F-FBD4AAC65D36} : DHCPNameServer = 192.168.1.254
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages = msv1_0 nwprovau
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {J1C03LFT-D10V-35H7-Y3US-D8D16X05341A} - c:\program files\java\java.exe Restart
IFEO: DatamngrCoordinator.exe - tasklist.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\opm5vmj3.default-1397016665796\
FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R? AVGIDSAgent;AVGIDSAgent
R? axjbfvzv;axjbfvzv
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? cpuz134;cpuz134
R? ssmirrdr;ssmirrdr
R? SWDUMon;SWDUMon
R? Update Laflurla;Update Laflurla
R? Wajam Internet Enhancer Service;Wajam Internet Enhancer Service
R? WinRM;Windows Remote Management (WS-Management)
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? aswKbd;aswKbd
S? aswMonFlt;aswMonFlt
S? aswNdis;avast! Firewall NDIS Filter Service
S? aswNdis2;avast! Firewall NDIS Driver
S? aswRvrt;avast! Revert
S? aswSnx;aswSnx
S? aswSP;aswSP
S? aswVmm;avast! VM Monitor
S? avast! Antivirus;avast! Antivirus
S? avast! Firewall;avast! Firewall
S? Avgdiskx;AVG Disk Driver
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSHX;AVGIDSHX
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avglogx;AVG Logging Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgwd;AVG WatchDog
S? BrcmMgmtAgent;Broadcom Management Agent
S? tStLibG;tStLibG
.
=============== Created Last 30 ================
.
2014-04-15 03:49:20 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-15 03:46:06 50648 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-15 03:46:05 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-15 03:46:03 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-04-15 03:46:03 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2014-04-15 03:15:10 -------- d-----w- c:\windows\ERUNT
2014-04-14 23:49:40 -------- d-----w- C:\AdwCleaner
2014-04-10 12:22:13 -------- d-----w- c:\program files\Free Window Sweeper
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2014-04-10 04:23:50 9652096 ----a-w- C:\TRANSLATE
2014-04-10 03:23:52 -------- d-----w- c:\program files\002
2014-04-10 03:12:19 -------- d-----w- c:\windows\system\Newrestore Folder
2014-04-09 17:59:02 -------- d-----w- c:\documents and settings\administrator\application data\AVAST Software
2014-04-09 17:47:36 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-09 17:47:36 180760 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-09 17:47:35 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-09 17:47:35 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-09 17:47:33 26136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-04-09 17:47:33 252208 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2014-04-09 17:47:02 43152 ----a-w- c:\windows\avastSS.scr
2014-04-09 17:44:56 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2014-04-09 16:57:44 -------- d-----w- c:\program files\AVAST Software
2014-04-09 16:45:36 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2014-04-09 16:39:13 295080 ----a-w- c:\windows\system32\SecureAssist.dll
2014-04-09 16:33:29 -------- d-----w- C:\temp
2014-04-09 16:14:33 -------- d-----w- c:\program files\003
2014-04-09 05:32:52 55224 ----a-w- c:\windows\system32\drivers\tStLibG.sys
2014-04-09 04:03:21 -------- d-----w- c:\program files\Flash Update
2014-04-09 03:59:35 -------- d-----w- c:\program files\Laflurla
2014-04-09 01:22:43 -------- d-----w- c:\program files\BlockAndSurf Corp
2014-04-09 01:20:14 -------- d-----w- c:\program files\Convert Files for Free
2014-04-09 01:14:15 -------- d-----w- c:\documents and settings\administrator\.android
2014-04-09 01:14:04 -------- d-----w- c:\documents and settings\administrator\local settings\application data\cache
2014-04-09 01:05:01 -------- d-----w- c:\documents and settings\administrator\local settings\application data\com
2014-04-08 22:44:11 -------- d-----w- c:\documents and settings\administrator\application data\supportdotcom
2014-04-08 22:42:10 -------- d-----w- c:\program files\common files\supportdotcom
2014-04-08 22:08:52 53248 ----a-w- c:\windows\system32\CSVer.dll
2014-04-08 22:08:07 -------- d-----w- C:\Intel
2014-04-08 22:03:25 89600 ----a-w- c:\windows\system32\Baspxp32.dll
2014-04-08 22:00:01 -------- d-----w- c:\windows\Dell
2014-04-08 21:57:59 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Downloaded Installations
2014-04-08 21:33:40 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-04-08 21:33:10 -------- d-----w- c:\documents and settings\administrator\local settings\application data\SlimWare Utilities Inc
2014-04-08 18:52:47 -------- d-----w- C:\Inetpub
2014-03-26 22:21:55 13312 -c----w- c:\windows\system32\dllcache\xp_eos.exe
2014-03-26 22:21:55 13312 ------w- c:\windows\system32\xp_eos.exe
2014-03-21 16:46:46 152848 ----a-w- c:\windows\system32\comdlg32.ocx
2014-03-21 16:46:46 1081616 ----a-w- c:\windows\system32\mscomctl.ocx
2014-03-17 19:53:31 -------- d-----w- c:\documents and settings\all users\application data\Auslogics
2014-03-17 19:48:43 -------- d-----w- c:\program files\Auslogics
2014-03-17 19:07:05 -------- d-----w- c:\documents and settings\all users\application data\CDB
.
==================== Find3M ====================
.
2014-04-09 19:32:57 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-09 19:32:54 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-02 02:07:04 199448 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-03-31 21:11:58 211224 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-03-28 03:15:18 193304 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2014-03-28 03:14:40 123160 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2014-03-28 03:04:22 150296 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-03-28 03:04:02 238872 ----a-w- c:\windows\system32\drivers\avglogx.sys
2014-03-28 03:03:22 28440 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2014-03-28 03:03:20 22296 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2014-03-06 17:59:23 920064 ----a-w- c:\windows\system32\wininet.dll
2014-03-06 17:59:22 43520 ----a-w- c:\windows\system32\licmgr10.dll
2014-03-06 17:59:22 18944 ----a-w- c:\windows\system32\corpol.dll
2014-03-06 17:59:22 1469440 ------w- c:\windows\system32\inetcpl.cpl
2014-03-06 00:46:54 385024 ----a-w- c:\windows\system32\html.iec
2014-02-07 02:01:37 1879040 ----a-w- c:\windows\system32\win32k.sys
2014-02-05 08:55:04 562688 ----a-w- c:\windows\system32\qedit.dll
.
============= FINISH: 17:49:21.54 ===============
-
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Administrator at 17:46:42 on 2014-04-15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.59 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Flash Update\winclient32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uProxyServer = hxxp=127.0.0.1:1546;https=127.0.0.1:1546
uProxyOverride = <-loopback>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [zoUdechSLSwKJZdfXwMEoWYsVanyTgUGhEDeMdPUtUfZroLhGx] c:\documents and settings\administrator\local settings\application data\Crisis.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe
mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPHmon06] c:\windows\system32\hphmon06.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [Windows Client Manager] c:\program files\flash update\winclient32.exe
mRun: [fst_us_27] <no file>
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-lsf?lic=TlVIRDQtWUg5UEUtTzNQNEUtUVJERUstR0RKWjctVk9YVUw"&"inst=NzctOTQyODc3MzcxLU4xKzEtVklQKzEtVFVHKzMtRkkrMS1GTDEwKzEtTFNEKzItRERUKzAtU1QxMEFQUCsxLUREMTArMS1TVDEyT0krMS1FVUxBKzEtU1QxMkFQUCsxLVNUMTJGQVBQKzE"&"prod=55"&"ver=2012.0.1834"&"mid=1d772f946f7a47d6a6ffd15b79a6277a-98068252906bc42bbade9493ef22ef469d53e47f
uExplorerRun: [Policies] c:\program files\java\java.exe
mExplorerRun: [Policies] c:\program files\java\java.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{7D34DF27-1C96-4169-B78F-FBD4AAC65D36} : DHCPNameServer = 192.168.1.254
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages = msv1_0 nwprovau
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {J1C03LFT-D10V-35H7-Y3US-D8D16X05341A} - c:\program files\java\java.exe Restart
IFEO: DatamngrCoordinator.exe - tasklist.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\opm5vmj3.default-1397016665796\
FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R? AVGIDSAgent;AVGIDSAgent
R? axjbfvzv;axjbfvzv
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? cpuz134;cpuz134
R? ssmirrdr;ssmirrdr
R? SWDUMon;SWDUMon
R? Update Laflurla;Update Laflurla
R? Wajam Internet Enhancer Service;Wajam Internet Enhancer Service
R? WinRM;Windows Remote Management (WS-Management)
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? aswKbd;aswKbd
S? aswMonFlt;aswMonFlt
S? aswNdis;avast! Firewall NDIS Filter Service
S? aswNdis2;avast! Firewall NDIS Driver
S? aswRvrt;avast! Revert
S? aswSnx;aswSnx
S? aswSP;aswSP
S? aswVmm;avast! VM Monitor
S? avast! Antivirus;avast! Antivirus
S? avast! Firewall;avast! Firewall
S? Avgdiskx;AVG Disk Driver
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSHX;AVGIDSHX
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avglogx;AVG Logging Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgwd;AVG WatchDog
S? BrcmMgmtAgent;Broadcom Management Agent
S? tStLibG;tStLibG
.
=============== Created Last 30 ================
.
2014-04-15 03:49:20 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-15 03:46:06 50648 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-15 03:46:05 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-15 03:46:03 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-04-15 03:46:03 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2014-04-15 03:15:10 -------- d-----w- c:\windows\ERUNT
2014-04-14 23:49:40 -------- d-----w- C:\AdwCleaner
2014-04-10 12:22:13 -------- d-----w- c:\program files\Free Window Sweeper
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\mozilla firefox\plugins\npqtplugin.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2014-04-10 05:33:14 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2014-04-10 04:23:50 9652096 ----a-w- C:\TRANSLATE
2014-04-10 03:23:52 -------- d-----w- c:\program files\002
2014-04-10 03:12:19 -------- d-----w- c:\windows\system\Newrestore Folder
2014-04-09 17:59:02 -------- d-----w- c:\documents and settings\administrator\application data\AVAST Software
2014-04-09 17:47:36 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-09 17:47:36 180760 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-09 17:47:35 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-09 17:47:35 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-09 17:47:33 26136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-04-09 17:47:33 252208 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2014-04-09 17:47:02 43152 ----a-w- c:\windows\avastSS.scr
2014-04-09 17:44:56 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2014-04-09 16:57:44 -------- d-----w- c:\program files\AVAST Software
2014-04-09 16:45:36 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2014-04-09 16:39:13 295080 ----a-w- c:\windows\system32\SecureAssist.dll
2014-04-09 16:33:29 -------- d-----w- C:\temp
2014-04-09 16:14:33 -------- d-----w- c:\program files\003
2014-04-09 05:32:52 55224 ----a-w- c:\windows\system32\drivers\tStLibG.sys
2014-04-09 04:03:21 -------- d-----w- c:\program files\Flash Update
2014-04-09 03:59:35 -------- d-----w- c:\program files\Laflurla
2014-04-09 01:22:43 -------- d-----w- c:\program files\BlockAndSurf Corp
2014-04-09 01:20:14 -------- d-----w- c:\program files\Convert Files for Free
2014-04-09 01:14:15 -------- d-----w- c:\documents and settings\administrator\.android
2014-04-09 01:14:04 -------- d-----w- c:\documents and settings\administrator\local settings\application data\cache
2014-04-09 01:05:01 -------- d-----w- c:\documents and settings\administrator\local settings\application data\com
2014-04-08 22:44:11 -------- d-----w- c:\documents and settings\administrator\application data\supportdotcom
2014-04-08 22:42:10 -------- d-----w- c:\program files\common files\supportdotcom
2014-04-08 22:08:52 53248 ----a-w- c:\windows\system32\CSVer.dll
2014-04-08 22:08:07 -------- d-----w- C:\Intel
2014-04-08 22:03:25 89600 ----a-w- c:\windows\system32\Baspxp32.dll
2014-04-08 22:00:01 -------- d-----w- c:\windows\Dell
2014-04-08 21:57:59 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Downloaded Installations
2014-04-08 21:33:40 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-04-08 21:33:10 -------- d-----w- c:\documents and settings\administrator\local settings\application data\SlimWare Utilities Inc
2014-04-08 18:52:47 -------- d-----w- C:\Inetpub
2014-03-26 22:21:55 13312 -c----w- c:\windows\system32\dllcache\xp_eos.exe
2014-03-26 22:21:55 13312 ------w- c:\windows\system32\xp_eos.exe
2014-03-21 16:46:46 152848 ----a-w- c:\windows\system32\comdlg32.ocx
2014-03-21 16:46:46 1081616 ----a-w- c:\windows\system32\mscomctl.ocx
2014-03-17 19:53:31 -------- d-----w- c:\documents and settings\all users\application data\Auslogics
2014-03-17 19:48:43 -------- d-----w- c:\program files\Auslogics
2014-03-17 19:07:05 -------- d-----w- c:\documents and settings\all users\application data\CDB
.
==================== Find3M ====================
.
2014-04-09 19:32:57 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-09 19:32:54 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-02 02:07:04 199448 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-03-31 21:11:58 211224 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-03-28 03:15:18 193304 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2014-03-28 03:14:40 123160 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2014-03-28 03:04:22 150296 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-03-28 03:04:02 238872 ----a-w- c:\windows\system32\drivers\avglogx.sys
2014-03-28 03:03:22 28440 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2014-03-28 03:03:20 22296 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2014-03-06 17:59:23 920064 ----a-w- c:\windows\system32\wininet.dll
2014-03-06 17:59:22 43520 ----a-w- c:\windows\system32\licmgr10.dll
2014-03-06 17:59:22 18944 ----a-w- c:\windows\system32\corpol.dll
2014-03-06 17:59:22 1469440 ------w- c:\windows\system32\inetcpl.cpl
2014-03-06 00:46:54 385024 ----a-w- c:\windows\system32\html.iec
2014-02-07 02:01:37 1879040 ----a-w- c:\windows\system32\win32k.sys
2014-02-05 08:55:04 562688 ----a-w- c:\windows\system32\qedit.dll
.
============= FINISH: 17:49:21.54 ===============
-
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/12/2011 5:06:24 AM
System Uptime: 4/14/2014 11:36:07 PM (18 hours ago)
.
Motherboard: Dell Inc. | | 0H8052
Processor: Intel® Pentium® 4 CPU 3.20GHz | Microprocessor | 3192/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 40.393 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1177: 2/10/2014 3:08:13 PM - System Checkpoint
RP1178: 2/11/2014 4:08:13 PM - System Checkpoint
RP1179: 2/12/2014 3:00:17 AM - Software Distribution Service 3.0
RP1180: 2/13/2014 1:02:48 PM - System Checkpoint
RP1181: 2/14/2014 2:02:43 PM - System Checkpoint
RP1182: 2/15/2014 3:02:43 PM - System Checkpoint
RP1183: 2/16/2014 3:05:03 PM - System Checkpoint
RP1184: 2/17/2014 4:04:58 PM - System Checkpoint
RP1185: 2/18/2014 5:04:58 PM - System Checkpoint
RP1186: 2/19/2014 5:32:58 PM - System Checkpoint
RP1187: 2/20/2014 4:04:36 PM - Installed Microsoft PowerPoint Viewer
RP1188: 2/21/2014 4:44:33 PM - Installed iTunes
RP1189: 2/22/2014 5:12:42 PM - System Checkpoint
RP1190: 2/23/2014 5:25:26 PM - System Checkpoint
RP1191: 2/24/2014 6:20:09 PM - System Checkpoint
RP1192: 2/25/2014 7:09:06 PM - System Checkpoint
RP1193: 2/26/2014 8:08:38 PM - System Checkpoint
RP1194: 2/27/2014 9:18:15 PM - System Checkpoint
RP1195: 2/28/2014 9:58:52 PM - System Checkpoint
RP1196: 3/1/2014 10:51:57 PM - System Checkpoint
RP1197: 3/2/2014 10:57:47 PM - System Checkpoint
RP1198: 3/4/2014 1:04:32 AM - System Checkpoint
RP1199: 3/5/2014 1:33:14 AM - System Checkpoint
RP1200: 3/6/2014 1:42:02 AM - System Checkpoint
RP1201: 3/7/2014 2:36:43 AM - System Checkpoint
RP1202: 3/8/2014 3:31:24 AM - System Checkpoint
RP1203: 3/9/2014 5:26:29 AM - System Checkpoint
RP1204: 3/10/2014 6:24:15 AM - System Checkpoint
RP1205: 3/11/2014 7:18:52 AM - System Checkpoint
RP1206: 3/12/2014 7:51:11 AM - System Checkpoint
RP1207: 3/12/2014 9:56:39 AM - Software Distribution Service 3.0
RP1208: 3/13/2014 10:08:32 AM - System Checkpoint
RP1209: 3/14/2014 11:09:05 AM - System Checkpoint
RP1210: 3/15/2014 11:57:33 AM - System Checkpoint
RP1211: 3/16/2014 12:51:57 PM - System Checkpoint
RP1212: 3/17/2014 1:46:28 PM - System Checkpoint
RP1213: 3/17/2014 2:42:21 PM - Configured SoundMAX
RP1214: 3/17/2014 2:42:53 PM - Installed SoundMAX
RP1215: 3/17/2014 9:01:40 PM - Software Distribution Service 3.0
RP1216: 3/18/2014 9:15:41 PM - System Checkpoint
RP1217: 3/19/2014 9:18:40 PM - System Checkpoint
RP1218: 3/20/2014 9:51:23 PM - System Checkpoint
RP1219: 3/21/2014 10:46:12 PM - System Checkpoint
RP1220: 3/22/2014 11:45:33 PM - System Checkpoint
RP1221: 3/24/2014 12:37:49 AM - System Checkpoint
RP1222: 3/25/2014 1:32:15 AM - System Checkpoint
RP1223: 3/26/2014 2:25:52 AM - System Checkpoint
RP1224: 3/27/2014 2:00:39 AM - Software Distribution Service 3.0
RP1225: 3/28/2014 2:18:38 AM - System Checkpoint
RP1226: 3/29/2014 3:13:11 AM - System Checkpoint
RP1227: 3/30/2014 3:15:25 AM - System Checkpoint
RP1228: 3/31/2014 4:04:03 AM - System Checkpoint
RP1229: 4/1/2014 4:58:34 AM - System Checkpoint
RP1230: 4/2/2014 5:50:53 AM - System Checkpoint
RP1231: 4/3/2014 6:46:18 AM - System Checkpoint
RP1232: 4/4/2014 7:41:52 AM - System Checkpoint
RP1233: 4/5/2014 9:06:08 AM - System Checkpoint
RP1234: 4/6/2014 9:50:03 AM - System Checkpoint
RP1235: 4/7/2014 10:44:35 AM - System Checkpoint
RP1236: 4/8/2014 10:30:51 AM - Software Distribution Service 3.0
RP1237: 4/8/2014 3:16:16 PM - Removed Microsoft Silverlight
RP1238: 4/8/2014 3:18:17 PM - Removed Windows Live Upload Tool
RP1239: 4/8/2014 3:18:41 PM - Removed Windows Live Sign-in Assistant
RP1240: 4/8/2014 3:24:20 PM - Configured SoundMAX
RP1241: 4/8/2014 3:24:51 PM - Installed SoundMAX
RP1242: 4/8/2014 4:51:54 PM - DriverUpdate Installing Drivers
RP1243: 4/8/2014 5:01:02 PM - Removed Broadcom Gigabit Integrated Controller
RP1244: 4/8/2014 5:01:45 PM - Installed Broadcom NetXtreme-I Netlink Driver and Management Installer.
RP1245: 4/8/2014 6:36:20 PM - DriverUpdate Installing Drivers
RP1246: 4/8/2014 7:02:13 PM - Removed DriverUpdate
RP1247: 4/8/2014 7:15:02 PM - Uniblue SpeedUpMyPC installation
RP1248: 4/9/2014 11:57:43 AM - avast! antivirus system restore point
RP1249: 4/9/2014 12:37:53 PM - avast! antivirus system restore point
RP1250: 4/9/2014 2:28:24 PM - Software Distribution Service 3.0
RP1251: 4/10/2014 3:12:58 PM - System Checkpoint
RP1252: 4/11/2014 3:23:02 PM - System Checkpoint
RP1253: 4/12/2014 4:18:39 PM - System Checkpoint
RP1254: 4/13/2014 5:14:18 PM - System Checkpoint
RP1255: 4/15/2014 12:09:24 AM - System Checkpoint
RP1256: 4/15/2014 2:06:20 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 12 ActiveX
avast! Internet Security
AVG 2014
Free Window Sweeper
Google Chrome
Google Update Helper
Malwarebytes Anti-Malware version 2.0.1.1004
Security Update for Windows Internet Explorer 8 (KB2936068)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2922229)
.
==== Event Viewer Messages From Past Week ========
.
4/9/2014 5:24:52 PM, error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/9/2014 5:24:50 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVGIDSAgent service to connect.
4/9/2014 2:17:10 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: hlnfd
4/9/2014 12:57:06 PM, error: Service Control Manager [7034] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 12:57:06 PM, error: Service Control Manager [7034] - The SSDP Discovery Service service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 12:57:06 PM, error: Service Control Manager [7031] - The Remote Registry service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
4/9/2014 12:36:24 PM, error: Service Control Manager [7000] - The vsacqnnz service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 12:15:55 PM, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission can be modified using the Component Services administrative tool.
4/9/2014 12:13:15 PM, error: Service Control Manager [7000] - The Update Laflurla service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 12:12:14 PM, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.
4/9/2014 11:45:54 AM, error: Service Control Manager [7000] - The axjbfvzv service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 11:34:38 AM, error: Service Control Manager [7034] - The Search Protect by Conduit Service service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 10:59:35 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Util Laflurla service.
4/9/2014 1:06:38 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/9/2014 1:06:37 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
4/9/2014 1:06:16 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
4/8/2014 8:44:12 PM, error: Service Control Manager [7022] - The Wajam Internet Enhancer Service service hung on starting.
4/8/2014 7:24:10 PM, error: Service Control Manager [7000] - The NewPlayer Updater Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/8/2014 7:24:09 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the NewPlayer Updater Service service to connect.
4/8/2014 6:10:52 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
4/8/2014 5:10:14 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.
4/8/2014 2:57:06 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
4/8/2014 2:57:06 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/8/2014 12:29:49 PM, error: Service Control Manager [7000] - The TelevisionFanaticService service failed to start due to the following error: The system cannot find the file specified.
4/8/2014 12:29:49 PM, error: Service Control Manager [7000] - The RadioRageService service failed to start due to the following error: The system cannot find the file specified.
4/8/2014 12:29:07 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
4/8/2014 10:38:25 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Computer Backup (MyPC Backup) service to connect.
4/8/2014 10:38:25 PM, error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/15/2014 9:42:36 AM, error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error 3758213661 (0xE001CA1D).
4/14/2014 8:09:00 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
4/14/2014 8:08:27 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
4/14/2014 8:08:27 PM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 8:07:51 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Pml Driver HPZ12 service to connect.
4/14/2014 8:07:51 PM, error: Service Control Manager [7000] - The Pml Driver HPZ12 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 7:15:15 PM, error: Schedule [7901] - The At2.job command failed to start due to the following error: %%2147942403
4/14/2014 7:15:13 PM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942403
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Wajam Internet Enhancer Service service failed to start due to the following error: The system cannot find the file specified.
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Search Protect by Conduit Service service failed to start due to the following error: The system cannot find the path specified.
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 7:05:01 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Wajam Internet Enhancer Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Computer Backup (MyPC Backup) service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Broadcom Management Agent service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 11:03:52 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
4/14/2014 10:48:54 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
4/10/2014 8:09:27 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
4/10/2014 7:49:38 AM, error: Service Control Manager [7000] - The TelevisionFanaticService service failed to start due to the following error: The system cannot find the path specified.
.
==== End Of File ===========================
-
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Administrator on Mon 04/14/2014 at 22:16:01.53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [service] cltmngsvc
Successfully deleted: [service] cltmngsvc
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C35AD63-AF1D-4E21-B484-B6651A8EFCF9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\fixcleaner
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sparktrust
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\fixcleaner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sparktrust
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4623A8C4-150D-4983-8982-68C01E7D6541}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501158}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501158}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CEFF4BCF-790F-4DE9-9D83-60CB7B9E9DF0}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\sparktrust"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\fixcleaner"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\sparktrust"
Successfully deleted: [Folder] "C:\Program Files\couponalert_2pei"
Successfully deleted: [Folder] "C:\Program Files\fixcleaner"
Successfully deleted: [Folder] "C:\Program Files\popularscreensavers_7iei"
~~~ FireFox
Successfully deleted: [File] C:\user.js
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 04/14/2014 at 22:31:38.50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -
cleaning my computer.... Janet Brasher
General computer sweep clean up junk files
in Malware Removal
Posted
thank you and God bless you for your patience with me and your help on this....Take care.. I've gained a new frirend.. stay in touch on facebook Janet