General computer sweep clean up junk files

ladybug895 · April 14, 2014

cleaning my computer.... Janet Brasher

flashh4 · April 15, 2014

SKENTISH ....... you do not have permission to post into these logs so stay out of them !!

flashh4 · April 15, 2014

Posting this for Ladybug:

# AdwCleaner v3.023 - Report created 14/04/2014 at 18:52:15
# Updated 01/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - COMPUTER
# Running from : C:\Documents and Settings\Administrator\My Documents\Downloads\adwcleaner (1).exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : BackupStack
[x] Not Deleted : CltMngSvc
[#] Service Deleted : hlnfd
[#] Service Deleted : RadioRage_4jService
[#] Service Deleted : TelevisionFanaticService

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\apn
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Application Data\ParetoLogic
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Wajam
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\File Type Assistant
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Program Files\FunWebProducts
Folder Deleted : C:\Program Files\iBryte
Folder Deleted : C:\Program Files\InboxAce_1gEI
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\Mysearchdial
Folder Deleted : C:\Program Files\MyWebSearch
Folder Deleted : C:\Program Files\Optimizer Pro
Folder Deleted : C:\Program Files\ParetoLogic
Folder Deleted : C:\Program Files\predm
Folder Deleted : C:\Program Files\puredefmusic
Folder Deleted : C:\Program Files\RadioRage_4j
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Program Files\TelevisionFanatic
Folder Deleted : C:\Program Files\TelevisionFanaticEI
Folder Deleted : C:\Program Files\Wajam
Folder Deleted : C:\WINDOWS\system32\AI_RecycleBin
Folder Deleted : C:\Documents and Settings\NetworkService\Application Data\Mysearchdial
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\iBryte
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Mobogenie
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\PackageAware
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\SearchProtect
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\DriverCure
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\DSite
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\IminentToolbar
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Mysearchdial
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\ParetoLogic
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\RadioRage_4j
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\Systweak
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\TelevisionFanatic
File Deleted : C:\END
File Deleted : C:\WINDOWS\system32\conduitEngine.tmp
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\opm5vmj3.default-1397016665796\searchplugins\conduit-search.xml
File Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\opm5vmj3.default-1397016665796\searchplugins\iminent.xml
File Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ui7haunu.default-1397010084187\user.js
File Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.DynamicBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.Radio
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.Radio.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SkinLauncher
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SkinLauncher.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SkinLauncherSettings
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SkinLauncherSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ToolbarProtector
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ToolbarProtector.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.XMLSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKCU\Software\5ded68bb26eed43
Key Deleted : HKLM\SOFTWARE\5ded68bb26eed43
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2418376
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2559647
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [winupdater]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00A2B7C6-7487-4B99-9F6C-1FDF57FE130B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10273591-D084-4328-A7D0-49E051FCDE7B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11D4B723-18CA-48C6-BA13-965488F19A70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{434FA5E9-253E-4BD0-ADB6-7CE4CEA114CA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{53855564-CF81-410C-9C1C-321C7E067816}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{581C7D7D-F809-4E03-A631-74C069D5F04A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60B34F47-3FDD-46F8-AB6C-AAABEA55C3D6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6562E272-88E1-4DFF-8FF8-FE1A05323D36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{68122F44-3A4A-4EDB-B28F-0C0E07F89BD0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E7ABF2A-8C44-4562-895D-DBCA3CDDD1A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9638B7D6-11F5-4406-B387-327642A11FFB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA41198F-C3C5-47D8-99E1-1AB199E81723}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D740AD89-BAF4-47D5-9B5E-343D30F07A7A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DFEB941C-8B58-4899-97C3-88FE394E1285}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E23760BE-23A3-4CEF-9304-66AF079F53DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E6AD866F-EA06-476A-8432-ED943683FAB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECEF0D95-32FA-48D3-8A2D-D6453B5B7361}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F02C0832-C85C-4B93-8C6F-9DF20121A10D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F69FE1BE-09C3-460C-AC89-8CCD9D3DF1CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F706E19B-6C14-4272-BA98-2F16636A898D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{58E64AEE-516A-4DFC-AC38-31C50E8AF0F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A25AA6E2-1CDE-4D0F-A5D4-4898D7FB3C86}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A5C9CB1C-1C0A-45A2-81CC-1DD342D0A478}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A661D4DC-4BD8-48FC-964B-A24AB8157DE6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D7C0D2ED-A16B-4939-BCAF-D61205B6D4DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0978C5FA-83C0-4118-A54F-99DACCEECB8C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1ED65BE2-AE84-46CB-8EA6-1C2B86ADF768}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FDAD7F1-B87C-4E79-9150-DE235FF80B3A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{395C94B1-59E6-4C65-8AF2-0F6763BC70A6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A50E810-71EB-43A8-A665-19ED8CCD1630}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4DD9EB5D-8657-4856-A804-535841B09D73}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{569A9014-22E3-4F11-A243-CA4E3D95ADED}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{597494DA-C59F-4EDF-B2D1-CE137E2DB9E4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5E5E0B49-1A81-4ACC-BD6B-FF5F4EFEF01A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9E18E695-C9AF-4369-8CC3-93141C2928AF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B872D222-3F52-4CD9-A4BE-9D69EE4F293D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D0E90465-CF35-480D-B520-E1E3BDE802F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0696F815-A3A9-490A-BB14-9EC3350B1276}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23B38049-323F-443D-9732-F454E5B15B72}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3462C343-BE19-4143-AF70-CEFB56F46FC6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3A421C8F-E238-4AEB-8874-B8B5F2CC4772}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48909954-14FB-4971-A7B3-47E7AF10B38A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5848763C-2668-44CA-ADBE-2999A6EE2858}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D79F641-C168-40DF-A32F-BACEA7509E75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{60E91567-EF8A-4520-BCE2-83ABA5256799}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E30A55B1-F1B7-43A4-B3F6-EC90CDC4FE60}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E30A55B9-F1B7-43A4-B3F6-EC90CDC4FE60}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF365CDB-88FE-4FFA-A3F3-357855231DFA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5D79F641-C168-40DF-A32F-BACEA7509E75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E30A55B1-F1B7-43A4-B3F6-EC90CDC4FE60}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E30A55B9-F1B7-43A4-B3F6-EC90CDC4FE60}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FF365CDB-88FE-4FFA-A3F3-357855231DFA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{434FA5E9-253E-4BD0-ADB6-7CE4CEA114CA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{581C7D7D-F809-4E03-A631-74C069D5F04A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{60B34F47-3FDD-46F8-AB6C-AAABEA55C3D6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{68122F44-3A4A-4EDB-B28F-0C0E07F89BD0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8867AC9B-4426-44A2-A693-C95850D3405C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9638B7D6-11F5-4406-B387-327642A11FFB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F02C0832-C85C-4B93-8C6F-9DF20121A10D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F706E19B-6C14-4272-BA98-2F16636A898D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16FE2505-F2A0-4782-B035-AF0E5188C02C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44DB423D-A0DB-4664-9477-CCDCEB7CD666}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53855564-CF81-410C-9C1C-321C7E067816}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56965DCF-718F-4148-BECF-5A2B466F4556}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A25AA6E2-1CDE-4D0F-A5D4-4898D7FB3C86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5C9CB1C-1C0A-45A2-81CC-1DD342D0A478}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A661D4DC-4BD8-48FC-964B-A24AB8157DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5731AB1-8566-4441-AEFB-9AFB2EEA63D9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E30A55B8-F1B7-43A4-B3F6-EC90CDC4FE60}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E30A55BA-F1B7-43A4-B3F6-EC90CDC4FE60}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E30A55BF-F1B7-43A4-B3F6-EC90CDC4FE60}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{09971CEE-01B8-42BC-9D91-456B1FAAD6BE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{882CA552-FBDF-4774-B8C8-A1C9475833E8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{91607FA7-3C2F-4F90-93E3-D5337A6B0AC2}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09971CEE-01B8-42BC-9D91-456B1FAAD6BE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{882CA552-FBDF-4774-B8C8-A1C9475833E8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{78BA36C9-6036-482B-B48D-ECCA6F964B84}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C98D5B61-B0EA-4D48-9839-1079D352D880}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0696F815-A3A9-490A-BB14-9EC3350B1276}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{3C35AD63-AF1D-4E21-B484-B6651A8EFCF9}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List [C:\Program Files\BearShare Applications\BearShare\BearShare.exe]
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\FunWebProducts
Key Deleted : HKCU\Software\IminentToolbar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\mysearchdial
Key Deleted : HKCU\Software\mysearchdial.com
Key Deleted : HKCU\Software\MyWebSearch
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\puredefmusic
Key Deleted : HKCU\Software\RadioRage_4j
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\TelevisionFanatic
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\FocusInteractive
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Fun Web Products
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\MyWebSearch
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\puredefmusic
Key Deleted : HKLM\Software\RadioRage_4j
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\TelevisionFanatic
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DSite
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RewardsArcade
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mysearchdial
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\opm5vmj3.default-1397016665796\prefs.js ]

-\\ Google Chrome v34.0.1847.116

[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : search_url
Deleted : suggest_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [32562 octets] - [14/04/2014 18:50:16]
AdwCleaner[s0].txt - [32157 octets] - [14/04/2014 18:52:15]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [32218 octets] ##########

"""Have a Smiley Day""
~~~Janet~~~~~

flashh4 · April 15, 2014

Ladybug that was a lot, now continue with the next program for me !

Thanks

Chuck

flashh4 · April 15, 2014

Howdy and welcome to BestTechie !!!

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!
Do Not Remove anything or run any tools/programs until advised to do so !

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !

Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.

===================================

AdwCleaner

Please download adwcleaner by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......

    This time, click on the Clean button.

    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.

NEXT

    Please download Junkware Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!

NEXT

Full System Scan with Malwarebytes Antimalware

    Please download Malwarebytes Anti-Malware to your desktop.

    Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    At the end, be sure a checkmark is placed next to the following:
        Launch Malwarebytes Anti-Malware
        A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    Click Finish.

    Run Malwarebytes Antimalware
    On the Dashboard, click the 'Update Now >>' link if it does not ask you to Update !
    After the update completes, click the 'Scan Now >>' button.
    Or, on the Dashboard, click the Scan Now >> button.
    If an update is available, click the Update Now button.
    A Threat Scan will begin.
    When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    In most cases, a restart will be required.
    Wait for the prompt to restart the computer to appear, then click on Yes.

    After the restart once you are back at your desktop, open MBAM once more.
    Click on the History tab > Application Logs.
    Double click on the scan log which shows the Date and time of the scan just performed.
    Click 'Copy to Clipboard'
    Paste the contents of the clipboard into your reply.

Post next:
1. AdwCleaner Log
2. Junkware Removal Log
3. Malwarebytes log
Thanks
Chuck

When i removed those other guys post i removed my fix so this is as it should of been !! Just skip the AdwCleaner part !

ladybug895 · April 15, 2014

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Administrator on Mon 04/14/2014 at 22:16:01.53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [service] cltmngsvc
Successfully deleted: [service] cltmngsvc

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C35AD63-AF1D-4E21-B484-B6651A8EFCF9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\fixcleaner
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sparktrust
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\fixcleaner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sparktrust
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4623A8C4-150D-4983-8982-68C01E7D6541}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501158}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501158}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CEFF4BCF-790F-4DE9-9D83-60CB7B9E9DF0}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\sparktrust"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\fixcleaner"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\sparktrust"
Successfully deleted: [Folder] "C:\Program Files\couponalert_2pei"
Successfully deleted: [Folder] "C:\Program Files\fixcleaner"
Successfully deleted: [Folder] "C:\Program Files\popularscreensavers_7iei"

~~~ FireFox

Successfully deleted: [File] C:\user.js

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 04/14/2014 at 22:31:38.50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

flashh4 · April 15, 2014

Looking better Ladybug, on to the next tool > MalwareBytes !!

Thanks

Chuck

flashh4 · April 15, 2014

Ladybug after ATT gets your internet connection fixed post the log from Malwarebytes first thing !

If your internet gets you on line try this tool:

You can try to reset TCP/IP if you have Internet connection issues.
Fix it for me
Note This Fix it solution does not work in Windows 8 or Windows 8.1. To reset the TCP/IP in Windows 8 or Windows 8.1, please go to "Let me fix it myself" section. To run the Fix it solution, You must be logged on to the computer as an administrator.
To fix this problem automatically, click the Fix this problem link. Then, click Run in the File Download dialog box, and follow the steps in this wizard.

http://go.microsoft.com/?linkid=9664547

===========================

Run these programs next & post their logs here please !

Download DDS and save it to your Desktop. >>> DDS

    Double click dds.scr to run the tool.
    If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.
    DDS will now scan your computer.
    When the scan is complete, DDS will open two (2) logs:
        DDS.txt
        Attach.txt
    If not saved these logs will be automatically deleted when closed, so save both to your Desktop.
    Please note it is important that you post BOTH logs in your topic.

Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.

Any problems downloading or running DDS.scr, try THIS alternate (DDS.com) version of DDS http://download.bleepingcomputer.com/sUBs/dds.com

NEXT

Download OldTimer to your desk top !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr

If you already have a copy of OTL delete it and use this version. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !

NEXT

Security Check

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link >>> http://screen317.changelog.fr/SecurityCheck.exe

    * Double click SecurityCheck.exe and follow the onscreen instructions inside the black box.
    * A Notepad document should open automatically called checkup.txt
    * Please post the contents of that document in your next reply.

Post Next !

1. DDS logs (2 logs)

2. OTL Log

3. SecurityCheck Log

Thanks Chuck

Also i need the Malwarebytes log just so you don't forget !

ladybug895 · April 15, 2014

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/12/2011 5:06:24 AM
System Uptime: 4/14/2014 11:36:07 PM (18 hours ago)
.
Motherboard: Dell Inc. | | 0H8052
Processor: Intel® Pentium® 4 CPU 3.20GHz | Microprocessor | 3192/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 40.393 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1177: 2/10/2014 3:08:13 PM - System Checkpoint
RP1178: 2/11/2014 4:08:13 PM - System Checkpoint
RP1179: 2/12/2014 3:00:17 AM - Software Distribution Service 3.0
RP1180: 2/13/2014 1:02:48 PM - System Checkpoint
RP1181: 2/14/2014 2:02:43 PM - System Checkpoint
RP1182: 2/15/2014 3:02:43 PM - System Checkpoint
RP1183: 2/16/2014 3:05:03 PM - System Checkpoint
RP1184: 2/17/2014 4:04:58 PM - System Checkpoint
RP1185: 2/18/2014 5:04:58 PM - System Checkpoint
RP1186: 2/19/2014 5:32:58 PM - System Checkpoint
RP1187: 2/20/2014 4:04:36 PM - Installed Microsoft PowerPoint Viewer
RP1188: 2/21/2014 4:44:33 PM - Installed iTunes
RP1189: 2/22/2014 5:12:42 PM - System Checkpoint
RP1190: 2/23/2014 5:25:26 PM - System Checkpoint
RP1191: 2/24/2014 6:20:09 PM - System Checkpoint
RP1192: 2/25/2014 7:09:06 PM - System Checkpoint
RP1193: 2/26/2014 8:08:38 PM - System Checkpoint
RP1194: 2/27/2014 9:18:15 PM - System Checkpoint
RP1195: 2/28/2014 9:58:52 PM - System Checkpoint
RP1196: 3/1/2014 10:51:57 PM - System Checkpoint
RP1197: 3/2/2014 10:57:47 PM - System Checkpoint
RP1198: 3/4/2014 1:04:32 AM - System Checkpoint
RP1199: 3/5/2014 1:33:14 AM - System Checkpoint
RP1200: 3/6/2014 1:42:02 AM - System Checkpoint
RP1201: 3/7/2014 2:36:43 AM - System Checkpoint
RP1202: 3/8/2014 3:31:24 AM - System Checkpoint
RP1203: 3/9/2014 5:26:29 AM - System Checkpoint
RP1204: 3/10/2014 6:24:15 AM - System Checkpoint
RP1205: 3/11/2014 7:18:52 AM - System Checkpoint
RP1206: 3/12/2014 7:51:11 AM - System Checkpoint
RP1207: 3/12/2014 9:56:39 AM - Software Distribution Service 3.0
RP1208: 3/13/2014 10:08:32 AM - System Checkpoint
RP1209: 3/14/2014 11:09:05 AM - System Checkpoint
RP1210: 3/15/2014 11:57:33 AM - System Checkpoint
RP1211: 3/16/2014 12:51:57 PM - System Checkpoint
RP1212: 3/17/2014 1:46:28 PM - System Checkpoint
RP1213: 3/17/2014 2:42:21 PM - Configured SoundMAX
RP1214: 3/17/2014 2:42:53 PM - Installed SoundMAX
RP1215: 3/17/2014 9:01:40 PM - Software Distribution Service 3.0
RP1216: 3/18/2014 9:15:41 PM - System Checkpoint
RP1217: 3/19/2014 9:18:40 PM - System Checkpoint
RP1218: 3/20/2014 9:51:23 PM - System Checkpoint
RP1219: 3/21/2014 10:46:12 PM - System Checkpoint
RP1220: 3/22/2014 11:45:33 PM - System Checkpoint
RP1221: 3/24/2014 12:37:49 AM - System Checkpoint
RP1222: 3/25/2014 1:32:15 AM - System Checkpoint
RP1223: 3/26/2014 2:25:52 AM - System Checkpoint
RP1224: 3/27/2014 2:00:39 AM - Software Distribution Service 3.0
RP1225: 3/28/2014 2:18:38 AM - System Checkpoint
RP1226: 3/29/2014 3:13:11 AM - System Checkpoint
RP1227: 3/30/2014 3:15:25 AM - System Checkpoint
RP1228: 3/31/2014 4:04:03 AM - System Checkpoint
RP1229: 4/1/2014 4:58:34 AM - System Checkpoint
RP1230: 4/2/2014 5:50:53 AM - System Checkpoint
RP1231: 4/3/2014 6:46:18 AM - System Checkpoint
RP1232: 4/4/2014 7:41:52 AM - System Checkpoint
RP1233: 4/5/2014 9:06:08 AM - System Checkpoint
RP1234: 4/6/2014 9:50:03 AM - System Checkpoint
RP1235: 4/7/2014 10:44:35 AM - System Checkpoint
RP1236: 4/8/2014 10:30:51 AM - Software Distribution Service 3.0
RP1237: 4/8/2014 3:16:16 PM - Removed Microsoft Silverlight
RP1238: 4/8/2014 3:18:17 PM - Removed Windows Live Upload Tool
RP1239: 4/8/2014 3:18:41 PM - Removed Windows Live Sign-in Assistant
RP1240: 4/8/2014 3:24:20 PM - Configured SoundMAX
RP1241: 4/8/2014 3:24:51 PM - Installed SoundMAX
RP1242: 4/8/2014 4:51:54 PM - DriverUpdate Installing Drivers
RP1243: 4/8/2014 5:01:02 PM - Removed Broadcom Gigabit Integrated Controller
RP1244: 4/8/2014 5:01:45 PM - Installed Broadcom NetXtreme-I Netlink Driver and Management Installer.
RP1245: 4/8/2014 6:36:20 PM - DriverUpdate Installing Drivers
RP1246: 4/8/2014 7:02:13 PM - Removed DriverUpdate
RP1247: 4/8/2014 7:15:02 PM - Uniblue SpeedUpMyPC installation
RP1248: 4/9/2014 11:57:43 AM - avast! antivirus system restore point
RP1249: 4/9/2014 12:37:53 PM - avast! antivirus system restore point
RP1250: 4/9/2014 2:28:24 PM - Software Distribution Service 3.0
RP1251: 4/10/2014 3:12:58 PM - System Checkpoint
RP1252: 4/11/2014 3:23:02 PM - System Checkpoint
RP1253: 4/12/2014 4:18:39 PM - System Checkpoint
RP1254: 4/13/2014 5:14:18 PM - System Checkpoint
RP1255: 4/15/2014 12:09:24 AM - System Checkpoint
RP1256: 4/15/2014 2:06:20 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 12 ActiveX
avast! Internet Security
AVG 2014
Free Window Sweeper
Google Chrome
Google Update Helper
Malwarebytes Anti-Malware version 2.0.1.1004
Security Update for Windows Internet Explorer 8 (KB2936068)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2922229)
.
==== Event Viewer Messages From Past Week ========
.
4/9/2014 5:24:52 PM, error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/9/2014 5:24:50 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVGIDSAgent service to connect.
4/9/2014 2:17:10 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: hlnfd
4/9/2014 12:57:06 PM, error: Service Control Manager [7034] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 12:57:06 PM, error: Service Control Manager [7034] - The SSDP Discovery Service service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 12:57:06 PM, error: Service Control Manager [7031] - The Remote Registry service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
4/9/2014 12:36:24 PM, error: Service Control Manager [7000] - The vsacqnnz service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 12:15:55 PM, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission can be modified using the Component Services administrative tool.
4/9/2014 12:13:15 PM, error: Service Control Manager [7000] - The Update Laflurla service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 12:12:14 PM, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.
4/9/2014 11:45:54 AM, error: Service Control Manager [7000] - The axjbfvzv service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 11:34:38 AM, error: Service Control Manager [7034] - The Search Protect by Conduit Service service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 10:59:35 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Util Laflurla service.
4/9/2014 1:06:38 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/9/2014 1:06:37 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
4/9/2014 1:06:16 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
4/8/2014 8:44:12 PM, error: Service Control Manager [7022] - The Wajam Internet Enhancer Service service hung on starting.
4/8/2014 7:24:10 PM, error: Service Control Manager [7000] - The NewPlayer Updater Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/8/2014 7:24:09 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the NewPlayer Updater Service service to connect.
4/8/2014 6:10:52 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
4/8/2014 5:10:14 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.
4/8/2014 2:57:06 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
4/8/2014 2:57:06 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/8/2014 12:29:49 PM, error: Service Control Manager [7000] - The TelevisionFanaticService service failed to start due to the following error: The system cannot find the file specified.
4/8/2014 12:29:49 PM, error: Service Control Manager [7000] - The RadioRageService service failed to start due to the following error: The system cannot find the file specified.
4/8/2014 12:29:07 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
4/8/2014 10:38:25 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Computer Backup (MyPC Backup) service to connect.
4/8/2014 10:38:25 PM, error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/15/2014 9:42:36 AM, error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error 3758213661 (0xE001CA1D).
4/14/2014 8:09:00 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
4/14/2014 8:08:27 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
4/14/2014 8:08:27 PM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 8:07:51 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Pml Driver HPZ12 service to connect.
4/14/2014 8:07:51 PM, error: Service Control Manager [7000] - The Pml Driver HPZ12 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 7:15:15 PM, error: Schedule [7901] - The At2.job command failed to start due to the following error: %%2147942403
4/14/2014 7:15:13 PM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942403
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Wajam Internet Enhancer Service service failed to start due to the following error: The system cannot find the file specified.
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Search Protect by Conduit Service service failed to start due to the following error: The system cannot find the path specified.
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 7:05:01 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Wajam Internet Enhancer Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Computer Backup (MyPC Backup) service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Broadcom Management Agent service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 11:03:52 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
4/14/2014 10:48:54 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
4/10/2014 8:09:27 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
4/10/2014 7:49:38 AM, error: Service Control Manager [7000] - The TelevisionFanaticService service failed to start due to the following error: The system cannot find the path specified.
.
==== End Of File ===========================

ladybug895 · April 15, 2014

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Administrator at 17:46:42 on 2014-04-15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.59 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Flash Update\winclient32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.

uProxyServer = hxxp=127.0.0.1:1546;https=127.0.0.1:1546
uProxyOverride = <-loopback>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [zoUdechSLSwKJZdfXwMEoWYsVanyTgUGhEDeMdPUtUfZroLhGx] c:\documents and settings\administrator\local settings\application data\Crisis.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe
mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPHmon06] c:\windows\system32\hphmon06.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [Windows Client Manager] c:\program files\flash update\winclient32.exe
mRun: [fst_us_27] <no file>
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-lsf?lic=TlVIRDQtWUg5UEUtTzNQNEUtUVJERUstR0RKWjctVk9YVUw"&"inst=NzctOTQyODc3MzcxLU4xKzEtVklQKzEtVFVHKzMtRkkrMS1GTDEwKzEtTFNEKzItRERUKzAtU1QxMEFQUCsxLUREMTArMS1TVDEyT0krMS1FVUxBKzEtU1QxMkFQUCsxLVNUMTJGQVBQKzE"&"prod=55"&"ver=2012.0.1834"&"mid=1d772f946f7a47d6a6ffd15b79a6277a-98068252906bc42bbade9493ef22ef469d53e47f
uExplorerRun: [Policies] c:\program files\java\java.exe
mExplorerRun: [Policies] c:\program files\java\java.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

TCP: NameServer = 192.168.1.254
TCP: Interfaces\{7D34DF27-1C96-4169-B78F-FBD4AAC65D36} : DHCPNameServer = 192.168.1.254
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages = msv1_0 nwprovau
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {J1C03LFT-D10V-35H7-Y3US-D8D16X05341A} - c:\program files\java\java.exe Restart
IFEO: DatamngrCoordinator.exe - tasklist.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\opm5vmj3.default-1397016665796\

FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R? AVGIDSAgent;AVGIDSAgent
R? axjbfvzv;axjbfvzv
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? cpuz134;cpuz134
R? ssmirrdr;ssmirrdr
R? SWDUMon;SWDUMon
R? Update Laflurla;Update Laflurla
R? Wajam Internet Enhancer Service;Wajam Internet Enhancer Service
R? WinRM;Windows Remote Management (WS-Management)
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? aswKbd;aswKbd
S? aswMonFlt;aswMonFlt
S? aswNdis;avast! Firewall NDIS Filter Service
S? aswNdis2;avast! Firewall NDIS Driver
S? aswRvrt;avast! Revert
S? aswSnx;aswSnx
S? aswSP;aswSP
S? aswVmm;avast! VM Monitor
S? avast! Antivirus;avast! Antivirus
S? avast! Firewall;avast! Firewall
S? Avgdiskx;AVG Disk Driver
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSHX;AVGIDSHX
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avglogx;AVG Logging Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgwd;AVG WatchDog
S? BrcmMgmtAgent;Broadcom Management Agent
S? tStLibG;tStLibG
.
=============== Created Last 30 ================
.
2014-04-15 03:49:20   107736   ----a-w-   c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-15 03:46:06   50648   ----a-w-   c:\windows\system32\drivers\mbamchameleon.sys
2014-04-15 03:46:05   23256   ----a-w-   c:\windows\system32\drivers\mbam.sys
2014-04-15 03:46:03   --------   d-----w-   c:\program files\Malwarebytes Anti-Malware
2014-04-15 03:46:03   --------   d-----w-   c:\documents and settings\all users\application data\Malwarebytes
2014-04-15 03:15:10   --------   d-----w-   c:\windows\ERUNT
2014-04-14 23:49:40   --------   d-----w-   C:\AdwCleaner
2014-04-10 12:22:13   --------   d-----w-   c:\program files\Free Window Sweeper
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin5.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin4.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin3.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin2.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin.dll
2014-04-10 04:23:50   9652096   ----a-w-   C:\TRANSLATE
2014-04-10 03:23:52   --------   d-----w-   c:\program files\002
2014-04-10 03:12:19   --------   d-----w-   c:\windows\system\Newrestore Folder
2014-04-09 17:59:02   --------   d-----w-   c:\documents and settings\administrator\application data\AVAST Software
2014-04-09 17:47:36   776976   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
2014-04-09 17:47:36   180760   ----a-w-   c:\windows\system32\drivers\aswVmm.sys
2014-04-09 17:47:35   67824   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2014-04-09 17:47:35   49944   ----a-w-   c:\windows\system32\drivers\aswRvrt.sys
2014-04-09 17:47:33   26136   ----a-w-   c:\windows\system32\drivers\aswKbd.sys
2014-04-09 17:47:33   252208   ----a-w-   c:\windows\system32\drivers\aswNdis2.sys
2014-04-09 17:47:02   43152   ----a-w-   c:\windows\avastSS.scr
2014-04-09 17:44:56   12112   ----a-w-   c:\windows\system32\drivers\aswNdis.sys
2014-04-09 16:57:44   --------   d-----w-   c:\program files\AVAST Software
2014-04-09 16:45:36   --------   d-----w-   c:\documents and settings\all users\application data\AVAST Software
2014-04-09 16:39:13   295080   ----a-w-   c:\windows\system32\SecureAssist.dll
2014-04-09 16:33:29   --------   d-----w-   C:\temp
2014-04-09 16:14:33   --------   d-----w-   c:\program files\003
2014-04-09 05:32:52   55224   ----a-w-   c:\windows\system32\drivers\tStLibG.sys
2014-04-09 04:03:21   --------   d-----w-   c:\program files\Flash Update
2014-04-09 03:59:35   --------   d-----w-   c:\program files\Laflurla
2014-04-09 01:22:43   --------   d-----w-   c:\program files\BlockAndSurf Corp
2014-04-09 01:20:14   --------   d-----w-   c:\program files\Convert Files for Free
2014-04-09 01:14:15   --------   d-----w-   c:\documents and settings\administrator\.android
2014-04-09 01:14:04   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\cache
2014-04-09 01:05:01   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\com
2014-04-08 22:44:11   --------   d-----w-   c:\documents and settings\administrator\application data\supportdotcom
2014-04-08 22:42:10   --------   d-----w-   c:\program files\common files\supportdotcom
2014-04-08 22:08:52   53248   ----a-w-   c:\windows\system32\CSVer.dll
2014-04-08 22:08:07   --------   d-----w-   C:\Intel
2014-04-08 22:03:25   89600   ----a-w-   c:\windows\system32\Baspxp32.dll
2014-04-08 22:00:01   --------   d-----w-   c:\windows\Dell
2014-04-08 21:57:59   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\Downloaded Installations
2014-04-08 21:33:40   13464   ----a-w-   c:\windows\system32\drivers\SWDUMon.sys
2014-04-08 21:33:10   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\SlimWare Utilities Inc
2014-04-08 18:52:47   --------   d-----w-   C:\Inetpub
2014-03-26 22:21:55   13312   -c----w-   c:\windows\system32\dllcache\xp_eos.exe
2014-03-26 22:21:55   13312   ------w-   c:\windows\system32\xp_eos.exe
2014-03-21 16:46:46   152848   ----a-w-   c:\windows\system32\comdlg32.ocx
2014-03-21 16:46:46   1081616   ----a-w-   c:\windows\system32\mscomctl.ocx
2014-03-17 19:53:31   --------   d-----w-   c:\documents and settings\all users\application data\Auslogics
2014-03-17 19:48:43   --------   d-----w-   c:\program files\Auslogics
2014-03-17 19:07:05   --------   d-----w-   c:\documents and settings\all users\application data\CDB
.
==================== Find3M ====================
.
2014-04-09 19:32:57   692616   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2014-04-09 19:32:54   71048   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-02 02:07:04   199448   ----a-w-   c:\windows\system32\drivers\avgidsdriverx.sys
2014-03-31 21:11:58   211224   ----a-w-   c:\windows\system32\drivers\avgtdix.sys
2014-03-28 03:15:18   193304   ----a-w-   c:\windows\system32\drivers\avgldx86.sys
2014-03-28 03:14:40   123160   ----a-w-   c:\windows\system32\drivers\avgdiskx.sys
2014-03-28 03:04:22   150296   ----a-w-   c:\windows\system32\drivers\avgidshx.sys
2014-03-28 03:04:02   238872   ----a-w-   c:\windows\system32\drivers\avglogx.sys
2014-03-28 03:03:22   28440   ----a-w-   c:\windows\system32\drivers\avgrkx86.sys
2014-03-28 03:03:20   22296   ----a-w-   c:\windows\system32\drivers\avgidsshimx.sys
2014-03-06 17:59:23   920064   ----a-w-   c:\windows\system32\wininet.dll
2014-03-06 17:59:22   43520   ----a-w-   c:\windows\system32\licmgr10.dll
2014-03-06 17:59:22   18944   ----a-w-   c:\windows\system32\corpol.dll
2014-03-06 17:59:22   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2014-03-06 00:46:54   385024   ----a-w-   c:\windows\system32\html.iec
2014-02-07 02:01:37   1879040   ----a-w-   c:\windows\system32\win32k.sys
2014-02-05 08:55:04   562688   ----a-w-   c:\windows\system32\qedit.dll
.
============= FINISH: 17:49:21.54 ===============

ladybug895 · April 15, 2014

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Administrator at 17:46:42 on 2014-04-15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.59 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Flash Update\winclient32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.

uProxyServer = hxxp=127.0.0.1:1546;https=127.0.0.1:1546
uProxyOverride = <-loopback>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [zoUdechSLSwKJZdfXwMEoWYsVanyTgUGhEDeMdPUtUfZroLhGx] c:\documents and settings\administrator\local settings\application data\Crisis.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe
mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPHmon06] c:\windows\system32\hphmon06.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [Windows Client Manager] c:\program files\flash update\winclient32.exe
mRun: [fst_us_27] <no file>
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-lsf?lic=TlVIRDQtWUg5UEUtTzNQNEUtUVJERUstR0RKWjctVk9YVUw"&"inst=NzctOTQyODc3MzcxLU4xKzEtVklQKzEtVFVHKzMtRkkrMS1GTDEwKzEtTFNEKzItRERUKzAtU1QxMEFQUCsxLUREMTArMS1TVDEyT0krMS1FVUxBKzEtU1QxMkFQUCsxLVNUMTJGQVBQKzE"&"prod=55"&"ver=2012.0.1834"&"mid=1d772f946f7a47d6a6ffd15b79a6277a-98068252906bc42bbade9493ef22ef469d53e47f
uExplorerRun: [Policies] c:\program files\java\java.exe
mExplorerRun: [Policies] c:\program files\java\java.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

TCP: NameServer = 192.168.1.254
TCP: Interfaces\{7D34DF27-1C96-4169-B78F-FBD4AAC65D36} : DHCPNameServer = 192.168.1.254
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages = msv1_0 nwprovau
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {J1C03LFT-D10V-35H7-Y3US-D8D16X05341A} - c:\program files\java\java.exe Restart
IFEO: DatamngrCoordinator.exe - tasklist.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\opm5vmj3.default-1397016665796\

FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R? AVGIDSAgent;AVGIDSAgent
R? axjbfvzv;axjbfvzv
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? cpuz134;cpuz134
R? ssmirrdr;ssmirrdr
R? SWDUMon;SWDUMon
R? Update Laflurla;Update Laflurla
R? Wajam Internet Enhancer Service;Wajam Internet Enhancer Service
R? WinRM;Windows Remote Management (WS-Management)
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? aswKbd;aswKbd
S? aswMonFlt;aswMonFlt
S? aswNdis;avast! Firewall NDIS Filter Service
S? aswNdis2;avast! Firewall NDIS Driver
S? aswRvrt;avast! Revert
S? aswSnx;aswSnx
S? aswSP;aswSP
S? aswVmm;avast! VM Monitor
S? avast! Antivirus;avast! Antivirus
S? avast! Firewall;avast! Firewall
S? Avgdiskx;AVG Disk Driver
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSHX;AVGIDSHX
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avglogx;AVG Logging Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgwd;AVG WatchDog
S? BrcmMgmtAgent;Broadcom Management Agent
S? tStLibG;tStLibG
.
=============== Created Last 30 ================
.
2014-04-15 03:49:20   107736   ----a-w-   c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-15 03:46:06   50648   ----a-w-   c:\windows\system32\drivers\mbamchameleon.sys
2014-04-15 03:46:05   23256   ----a-w-   c:\windows\system32\drivers\mbam.sys
2014-04-15 03:46:03   --------   d-----w-   c:\program files\Malwarebytes Anti-Malware
2014-04-15 03:46:03   --------   d-----w-   c:\documents and settings\all users\application data\Malwarebytes
2014-04-15 03:15:10   --------   d-----w-   c:\windows\ERUNT
2014-04-14 23:49:40   --------   d-----w-   C:\AdwCleaner
2014-04-10 12:22:13   --------   d-----w-   c:\program files\Free Window Sweeper
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin5.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin4.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin3.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin2.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin.dll
2014-04-10 04:23:50   9652096   ----a-w-   C:\TRANSLATE
2014-04-10 03:23:52   --------   d-----w-   c:\program files\002
2014-04-10 03:12:19   --------   d-----w-   c:\windows\system\Newrestore Folder
2014-04-09 17:59:02   --------   d-----w-   c:\documents and settings\administrator\application data\AVAST Software
2014-04-09 17:47:36   776976   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
2014-04-09 17:47:36   180760   ----a-w-   c:\windows\system32\drivers\aswVmm.sys
2014-04-09 17:47:35   67824   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2014-04-09 17:47:35   49944   ----a-w-   c:\windows\system32\drivers\aswRvrt.sys
2014-04-09 17:47:33   26136   ----a-w-   c:\windows\system32\drivers\aswKbd.sys
2014-04-09 17:47:33   252208   ----a-w-   c:\windows\system32\drivers\aswNdis2.sys
2014-04-09 17:47:02   43152   ----a-w-   c:\windows\avastSS.scr
2014-04-09 17:44:56   12112   ----a-w-   c:\windows\system32\drivers\aswNdis.sys
2014-04-09 16:57:44   --------   d-----w-   c:\program files\AVAST Software
2014-04-09 16:45:36   --------   d-----w-   c:\documents and settings\all users\application data\AVAST Software
2014-04-09 16:39:13   295080   ----a-w-   c:\windows\system32\SecureAssist.dll
2014-04-09 16:33:29   --------   d-----w-   C:\temp
2014-04-09 16:14:33   --------   d-----w-   c:\program files\003
2014-04-09 05:32:52   55224   ----a-w-   c:\windows\system32\drivers\tStLibG.sys
2014-04-09 04:03:21   --------   d-----w-   c:\program files\Flash Update
2014-04-09 03:59:35   --------   d-----w-   c:\program files\Laflurla
2014-04-09 01:22:43   --------   d-----w-   c:\program files\BlockAndSurf Corp
2014-04-09 01:20:14   --------   d-----w-   c:\program files\Convert Files for Free
2014-04-09 01:14:15   --------   d-----w-   c:\documents and settings\administrator\.android
2014-04-09 01:14:04   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\cache
2014-04-09 01:05:01   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\com
2014-04-08 22:44:11   --------   d-----w-   c:\documents and settings\administrator\application data\supportdotcom
2014-04-08 22:42:10   --------   d-----w-   c:\program files\common files\supportdotcom
2014-04-08 22:08:52   53248   ----a-w-   c:\windows\system32\CSVer.dll
2014-04-08 22:08:07   --------   d-----w-   C:\Intel
2014-04-08 22:03:25   89600   ----a-w-   c:\windows\system32\Baspxp32.dll
2014-04-08 22:00:01   --------   d-----w-   c:\windows\Dell
2014-04-08 21:57:59   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\Downloaded Installations
2014-04-08 21:33:40   13464   ----a-w-   c:\windows\system32\drivers\SWDUMon.sys
2014-04-08 21:33:10   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\SlimWare Utilities Inc
2014-04-08 18:52:47   --------   d-----w-   C:\Inetpub
2014-03-26 22:21:55   13312   -c----w-   c:\windows\system32\dllcache\xp_eos.exe
2014-03-26 22:21:55   13312   ------w-   c:\windows\system32\xp_eos.exe
2014-03-21 16:46:46   152848   ----a-w-   c:\windows\system32\comdlg32.ocx
2014-03-21 16:46:46   1081616   ----a-w-   c:\windows\system32\mscomctl.ocx
2014-03-17 19:53:31   --------   d-----w-   c:\documents and settings\all users\application data\Auslogics
2014-03-17 19:48:43   --------   d-----w-   c:\program files\Auslogics
2014-03-17 19:07:05   --------   d-----w-   c:\documents and settings\all users\application data\CDB
.
==================== Find3M ====================
.
2014-04-09 19:32:57   692616   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2014-04-09 19:32:54   71048   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-02 02:07:04   199448   ----a-w-   c:\windows\system32\drivers\avgidsdriverx.sys
2014-03-31 21:11:58   211224   ----a-w-   c:\windows\system32\drivers\avgtdix.sys
2014-03-28 03:15:18   193304   ----a-w-   c:\windows\system32\drivers\avgldx86.sys
2014-03-28 03:14:40   123160   ----a-w-   c:\windows\system32\drivers\avgdiskx.sys
2014-03-28 03:04:22   150296   ----a-w-   c:\windows\system32\drivers\avgidshx.sys
2014-03-28 03:04:02   238872   ----a-w-   c:\windows\system32\drivers\avglogx.sys
2014-03-28 03:03:22   28440   ----a-w-   c:\windows\system32\drivers\avgrkx86.sys
2014-03-28 03:03:20   22296   ----a-w-   c:\windows\system32\drivers\avgidsshimx.sys
2014-03-06 17:59:23   920064   ----a-w-   c:\windows\system32\wininet.dll
2014-03-06 17:59:22   43520   ----a-w-   c:\windows\system32\licmgr10.dll
2014-03-06 17:59:22   18944   ----a-w-   c:\windows\system32\corpol.dll
2014-03-06 17:59:22   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2014-03-06 00:46:54   385024   ----a-w-   c:\windows\system32\html.iec
2014-02-07 02:01:37   1879040   ----a-w-   c:\windows\system32\win32k.sys
2014-02-05 08:55:04   562688   ----a-w-   c:\windows\system32\qedit.dll
.
============= FINISH: 17:49:21.54 ===============

ladybug895 · April 15, 2014

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Administrator at 17:46:42 on 2014-04-15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.59 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Flash Update\winclient32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.

uProxyServer = hxxp=127.0.0.1:1546;https=127.0.0.1:1546
uProxyOverride = <-loopback>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe,c:\windows\system32\windupdt\winupdate.exe
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [zoUdechSLSwKJZdfXwMEoWYsVanyTgUGhEDeMdPUtUfZroLhGx] c:\documents and settings\administrator\local settings\application data\Crisis.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe
mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPHmon06] c:\windows\system32\hphmon06.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [Windows Client Manager] c:\program files\flash update\winclient32.exe
mRun: [fst_us_27] <no file>
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-lsf?lic=TlVIRDQtWUg5UEUtTzNQNEUtUVJERUstR0RKWjctVk9YVUw"&"inst=NzctOTQyODc3MzcxLU4xKzEtVklQKzEtVFVHKzMtRkkrMS1GTDEwKzEtTFNEKzItRERUKzAtU1QxMEFQUCsxLUREMTArMS1TVDEyT0krMS1FVUxBKzEtU1QxMkFQUCsxLVNUMTJGQVBQKzE"&"prod=55"&"ver=2012.0.1834"&"mid=1d772f946f7a47d6a6ffd15b79a6277a-98068252906bc42bbade9493ef22ef469d53e47f
uExplorerRun: [Policies] c:\program files\java\java.exe
mExplorerRun: [Policies] c:\program files\java\java.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

TCP: NameServer = 192.168.1.254
TCP: Interfaces\{7D34DF27-1C96-4169-B78F-FBD4AAC65D36} : DHCPNameServer = 192.168.1.254
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages = msv1_0 nwprovau
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {J1C03LFT-D10V-35H7-Y3US-D8D16X05341A} - c:\program files\java\java.exe Restart
IFEO: DatamngrCoordinator.exe - tasklist.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\opm5vmj3.default-1397016665796\

FF - plugin: c:\program files\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R? AVGIDSAgent;AVGIDSAgent
R? axjbfvzv;axjbfvzv
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? cpuz134;cpuz134
R? ssmirrdr;ssmirrdr
R? SWDUMon;SWDUMon
R? Update Laflurla;Update Laflurla
R? Wajam Internet Enhancer Service;Wajam Internet Enhancer Service
R? WinRM;Windows Remote Management (WS-Management)
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? aswKbd;aswKbd
S? aswMonFlt;aswMonFlt
S? aswNdis;avast! Firewall NDIS Filter Service
S? aswNdis2;avast! Firewall NDIS Driver
S? aswRvrt;avast! Revert
S? aswSnx;aswSnx
S? aswSP;aswSP
S? aswVmm;avast! VM Monitor
S? avast! Antivirus;avast! Antivirus
S? avast! Firewall;avast! Firewall
S? Avgdiskx;AVG Disk Driver
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSHX;AVGIDSHX
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avglogx;AVG Logging Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgwd;AVG WatchDog
S? BrcmMgmtAgent;Broadcom Management Agent
S? tStLibG;tStLibG
.
=============== Created Last 30 ================
.
2014-04-15 03:49:20   107736   ----a-w-   c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-15 03:46:06   50648   ----a-w-   c:\windows\system32\drivers\mbamchameleon.sys
2014-04-15 03:46:05   23256   ----a-w-   c:\windows\system32\drivers\mbam.sys
2014-04-15 03:46:03   --------   d-----w-   c:\program files\Malwarebytes Anti-Malware
2014-04-15 03:46:03   --------   d-----w-   c:\documents and settings\all users\application data\Malwarebytes
2014-04-15 03:15:10   --------   d-----w-   c:\windows\ERUNT
2014-04-14 23:49:40   --------   d-----w-   C:\AdwCleaner
2014-04-10 12:22:13   --------   d-----w-   c:\program files\Free Window Sweeper
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\mozilla firefox\plugins\npqtplugin.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin5.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin4.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin3.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin2.dll
2014-04-10 05:33:14   159744   ----a-w-   c:\program files\internet explorer\plugins\npqtplugin.dll
2014-04-10 04:23:50   9652096   ----a-w-   C:\TRANSLATE
2014-04-10 03:23:52   --------   d-----w-   c:\program files\002
2014-04-10 03:12:19   --------   d-----w-   c:\windows\system\Newrestore Folder
2014-04-09 17:59:02   --------   d-----w-   c:\documents and settings\administrator\application data\AVAST Software
2014-04-09 17:47:36   776976   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
2014-04-09 17:47:36   180760   ----a-w-   c:\windows\system32\drivers\aswVmm.sys
2014-04-09 17:47:35   67824   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2014-04-09 17:47:35   49944   ----a-w-   c:\windows\system32\drivers\aswRvrt.sys
2014-04-09 17:47:33   26136   ----a-w-   c:\windows\system32\drivers\aswKbd.sys
2014-04-09 17:47:33   252208   ----a-w-   c:\windows\system32\drivers\aswNdis2.sys
2014-04-09 17:47:02   43152   ----a-w-   c:\windows\avastSS.scr
2014-04-09 17:44:56   12112   ----a-w-   c:\windows\system32\drivers\aswNdis.sys
2014-04-09 16:57:44   --------   d-----w-   c:\program files\AVAST Software
2014-04-09 16:45:36   --------   d-----w-   c:\documents and settings\all users\application data\AVAST Software
2014-04-09 16:39:13   295080   ----a-w-   c:\windows\system32\SecureAssist.dll
2014-04-09 16:33:29   --------   d-----w-   C:\temp
2014-04-09 16:14:33   --------   d-----w-   c:\program files\003
2014-04-09 05:32:52   55224   ----a-w-   c:\windows\system32\drivers\tStLibG.sys
2014-04-09 04:03:21   --------   d-----w-   c:\program files\Flash Update
2014-04-09 03:59:35   --------   d-----w-   c:\program files\Laflurla
2014-04-09 01:22:43   --------   d-----w-   c:\program files\BlockAndSurf Corp
2014-04-09 01:20:14   --------   d-----w-   c:\program files\Convert Files for Free
2014-04-09 01:14:15   --------   d-----w-   c:\documents and settings\administrator\.android
2014-04-09 01:14:04   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\cache
2014-04-09 01:05:01   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\com
2014-04-08 22:44:11   --------   d-----w-   c:\documents and settings\administrator\application data\supportdotcom
2014-04-08 22:42:10   --------   d-----w-   c:\program files\common files\supportdotcom
2014-04-08 22:08:52   53248   ----a-w-   c:\windows\system32\CSVer.dll
2014-04-08 22:08:07   --------   d-----w-   C:\Intel
2014-04-08 22:03:25   89600   ----a-w-   c:\windows\system32\Baspxp32.dll
2014-04-08 22:00:01   --------   d-----w-   c:\windows\Dell
2014-04-08 21:57:59   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\Downloaded Installations
2014-04-08 21:33:40   13464   ----a-w-   c:\windows\system32\drivers\SWDUMon.sys
2014-04-08 21:33:10   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\SlimWare Utilities Inc
2014-04-08 18:52:47   --------   d-----w-   C:\Inetpub
2014-03-26 22:21:55   13312   -c----w-   c:\windows\system32\dllcache\xp_eos.exe
2014-03-26 22:21:55   13312   ------w-   c:\windows\system32\xp_eos.exe
2014-03-21 16:46:46   152848   ----a-w-   c:\windows\system32\comdlg32.ocx
2014-03-21 16:46:46   1081616   ----a-w-   c:\windows\system32\mscomctl.ocx
2014-03-17 19:53:31   --------   d-----w-   c:\documents and settings\all users\application data\Auslogics
2014-03-17 19:48:43   --------   d-----w-   c:\program files\Auslogics
2014-03-17 19:07:05   --------   d-----w-   c:\documents and settings\all users\application data\CDB
.
==================== Find3M ====================
.
2014-04-09 19:32:57   692616   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2014-04-09 19:32:54   71048   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-02 02:07:04   199448   ----a-w-   c:\windows\system32\drivers\avgidsdriverx.sys
2014-03-31 21:11:58   211224   ----a-w-   c:\windows\system32\drivers\avgtdix.sys
2014-03-28 03:15:18   193304   ----a-w-   c:\windows\system32\drivers\avgldx86.sys
2014-03-28 03:14:40   123160   ----a-w-   c:\windows\system32\drivers\avgdiskx.sys
2014-03-28 03:04:22   150296   ----a-w-   c:\windows\system32\drivers\avgidshx.sys
2014-03-28 03:04:02   238872   ----a-w-   c:\windows\system32\drivers\avglogx.sys
2014-03-28 03:03:22   28440   ----a-w-   c:\windows\system32\drivers\avgrkx86.sys
2014-03-28 03:03:20   22296   ----a-w-   c:\windows\system32\drivers\avgidsshimx.sys
2014-03-06 17:59:23   920064   ----a-w-   c:\windows\system32\wininet.dll
2014-03-06 17:59:22   43520   ----a-w-   c:\windows\system32\licmgr10.dll
2014-03-06 17:59:22   18944   ----a-w-   c:\windows\system32\corpol.dll
2014-03-06 17:59:22   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2014-03-06 00:46:54   385024   ----a-w-   c:\windows\system32\html.iec
2014-02-07 02:01:37   1879040   ----a-w-   c:\windows\system32\win32k.sys
2014-02-05 08:55:04   562688   ----a-w-   c:\windows\system32\qedit.dll
.
============= FINISH: 17:49:21.54 ===============

ladybug895 · April 15, 2014

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/12/2011 5:06:24 AM
System Uptime: 4/14/2014 11:36:07 PM (18 hours ago)
.
Motherboard: Dell Inc. | | 0H8052
Processor: Intel® Pentium® 4 CPU 3.20GHz | Microprocessor | 3192/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 40.393 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1177: 2/10/2014 3:08:13 PM - System Checkpoint
RP1178: 2/11/2014 4:08:13 PM - System Checkpoint
RP1179: 2/12/2014 3:00:17 AM - Software Distribution Service 3.0
RP1180: 2/13/2014 1:02:48 PM - System Checkpoint
RP1181: 2/14/2014 2:02:43 PM - System Checkpoint
RP1182: 2/15/2014 3:02:43 PM - System Checkpoint
RP1183: 2/16/2014 3:05:03 PM - System Checkpoint
RP1184: 2/17/2014 4:04:58 PM - System Checkpoint
RP1185: 2/18/2014 5:04:58 PM - System Checkpoint
RP1186: 2/19/2014 5:32:58 PM - System Checkpoint
RP1187: 2/20/2014 4:04:36 PM - Installed Microsoft PowerPoint Viewer
RP1188: 2/21/2014 4:44:33 PM - Installed iTunes
RP1189: 2/22/2014 5:12:42 PM - System Checkpoint
RP1190: 2/23/2014 5:25:26 PM - System Checkpoint
RP1191: 2/24/2014 6:20:09 PM - System Checkpoint
RP1192: 2/25/2014 7:09:06 PM - System Checkpoint
RP1193: 2/26/2014 8:08:38 PM - System Checkpoint
RP1194: 2/27/2014 9:18:15 PM - System Checkpoint
RP1195: 2/28/2014 9:58:52 PM - System Checkpoint
RP1196: 3/1/2014 10:51:57 PM - System Checkpoint
RP1197: 3/2/2014 10:57:47 PM - System Checkpoint
RP1198: 3/4/2014 1:04:32 AM - System Checkpoint
RP1199: 3/5/2014 1:33:14 AM - System Checkpoint
RP1200: 3/6/2014 1:42:02 AM - System Checkpoint
RP1201: 3/7/2014 2:36:43 AM - System Checkpoint
RP1202: 3/8/2014 3:31:24 AM - System Checkpoint
RP1203: 3/9/2014 5:26:29 AM - System Checkpoint
RP1204: 3/10/2014 6:24:15 AM - System Checkpoint
RP1205: 3/11/2014 7:18:52 AM - System Checkpoint
RP1206: 3/12/2014 7:51:11 AM - System Checkpoint
RP1207: 3/12/2014 9:56:39 AM - Software Distribution Service 3.0
RP1208: 3/13/2014 10:08:32 AM - System Checkpoint
RP1209: 3/14/2014 11:09:05 AM - System Checkpoint
RP1210: 3/15/2014 11:57:33 AM - System Checkpoint
RP1211: 3/16/2014 12:51:57 PM - System Checkpoint
RP1212: 3/17/2014 1:46:28 PM - System Checkpoint
RP1213: 3/17/2014 2:42:21 PM - Configured SoundMAX
RP1214: 3/17/2014 2:42:53 PM - Installed SoundMAX
RP1215: 3/17/2014 9:01:40 PM - Software Distribution Service 3.0
RP1216: 3/18/2014 9:15:41 PM - System Checkpoint
RP1217: 3/19/2014 9:18:40 PM - System Checkpoint
RP1218: 3/20/2014 9:51:23 PM - System Checkpoint
RP1219: 3/21/2014 10:46:12 PM - System Checkpoint
RP1220: 3/22/2014 11:45:33 PM - System Checkpoint
RP1221: 3/24/2014 12:37:49 AM - System Checkpoint
RP1222: 3/25/2014 1:32:15 AM - System Checkpoint
RP1223: 3/26/2014 2:25:52 AM - System Checkpoint
RP1224: 3/27/2014 2:00:39 AM - Software Distribution Service 3.0
RP1225: 3/28/2014 2:18:38 AM - System Checkpoint
RP1226: 3/29/2014 3:13:11 AM - System Checkpoint
RP1227: 3/30/2014 3:15:25 AM - System Checkpoint
RP1228: 3/31/2014 4:04:03 AM - System Checkpoint
RP1229: 4/1/2014 4:58:34 AM - System Checkpoint
RP1230: 4/2/2014 5:50:53 AM - System Checkpoint
RP1231: 4/3/2014 6:46:18 AM - System Checkpoint
RP1232: 4/4/2014 7:41:52 AM - System Checkpoint
RP1233: 4/5/2014 9:06:08 AM - System Checkpoint
RP1234: 4/6/2014 9:50:03 AM - System Checkpoint
RP1235: 4/7/2014 10:44:35 AM - System Checkpoint
RP1236: 4/8/2014 10:30:51 AM - Software Distribution Service 3.0
RP1237: 4/8/2014 3:16:16 PM - Removed Microsoft Silverlight
RP1238: 4/8/2014 3:18:17 PM - Removed Windows Live Upload Tool
RP1239: 4/8/2014 3:18:41 PM - Removed Windows Live Sign-in Assistant
RP1240: 4/8/2014 3:24:20 PM - Configured SoundMAX
RP1241: 4/8/2014 3:24:51 PM - Installed SoundMAX
RP1242: 4/8/2014 4:51:54 PM - DriverUpdate Installing Drivers
RP1243: 4/8/2014 5:01:02 PM - Removed Broadcom Gigabit Integrated Controller
RP1244: 4/8/2014 5:01:45 PM - Installed Broadcom NetXtreme-I Netlink Driver and Management Installer.
RP1245: 4/8/2014 6:36:20 PM - DriverUpdate Installing Drivers
RP1246: 4/8/2014 7:02:13 PM - Removed DriverUpdate
RP1247: 4/8/2014 7:15:02 PM - Uniblue SpeedUpMyPC installation
RP1248: 4/9/2014 11:57:43 AM - avast! antivirus system restore point
RP1249: 4/9/2014 12:37:53 PM - avast! antivirus system restore point
RP1250: 4/9/2014 2:28:24 PM - Software Distribution Service 3.0
RP1251: 4/10/2014 3:12:58 PM - System Checkpoint
RP1252: 4/11/2014 3:23:02 PM - System Checkpoint
RP1253: 4/12/2014 4:18:39 PM - System Checkpoint
RP1254: 4/13/2014 5:14:18 PM - System Checkpoint
RP1255: 4/15/2014 12:09:24 AM - System Checkpoint
RP1256: 4/15/2014 2:06:20 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 12 ActiveX
avast! Internet Security
AVG 2014
Free Window Sweeper
Google Chrome
Google Update Helper
Malwarebytes Anti-Malware version 2.0.1.1004
Security Update for Windows Internet Explorer 8 (KB2936068)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2922229)
.
==== Event Viewer Messages From Past Week ========
.
4/9/2014 5:24:52 PM, error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/9/2014 5:24:50 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVGIDSAgent service to connect.
4/9/2014 2:17:10 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: hlnfd
4/9/2014 12:57:06 PM, error: Service Control Manager [7034] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 12:57:06 PM, error: Service Control Manager [7034] - The SSDP Discovery Service service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 12:57:06 PM, error: Service Control Manager [7031] - The Remote Registry service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
4/9/2014 12:36:24 PM, error: Service Control Manager [7000] - The vsacqnnz service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 12:15:55 PM, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission can be modified using the Component Services administrative tool.
4/9/2014 12:13:15 PM, error: Service Control Manager [7000] - The Update Laflurla service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 12:12:14 PM, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.
4/9/2014 11:45:54 AM, error: Service Control Manager [7000] - The axjbfvzv service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 11:34:38 AM, error: Service Control Manager [7034] - The Search Protect by Conduit Service service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 10:59:35 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Util Laflurla service.
4/9/2014 1:06:38 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/9/2014 1:06:37 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
4/9/2014 1:06:16 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
4/8/2014 8:44:12 PM, error: Service Control Manager [7022] - The Wajam Internet Enhancer Service service hung on starting.
4/8/2014 7:24:10 PM, error: Service Control Manager [7000] - The NewPlayer Updater Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/8/2014 7:24:09 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the NewPlayer Updater Service service to connect.
4/8/2014 6:10:52 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
4/8/2014 5:10:14 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.
4/8/2014 2:57:06 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
4/8/2014 2:57:06 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/8/2014 12:29:49 PM, error: Service Control Manager [7000] - The TelevisionFanaticService service failed to start due to the following error: The system cannot find the file specified.
4/8/2014 12:29:49 PM, error: Service Control Manager [7000] - The RadioRageService service failed to start due to the following error: The system cannot find the file specified.
4/8/2014 12:29:07 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
4/8/2014 10:38:25 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Computer Backup (MyPC Backup) service to connect.
4/8/2014 10:38:25 PM, error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/15/2014 9:42:36 AM, error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error 3758213661 (0xE001CA1D).
4/14/2014 8:09:00 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
4/14/2014 8:08:27 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
4/14/2014 8:08:27 PM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 8:07:51 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Pml Driver HPZ12 service to connect.
4/14/2014 8:07:51 PM, error: Service Control Manager [7000] - The Pml Driver HPZ12 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 7:15:15 PM, error: Schedule [7901] - The At2.job command failed to start due to the following error: %%2147942403
4/14/2014 7:15:13 PM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942403
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Wajam Internet Enhancer Service service failed to start due to the following error: The system cannot find the file specified.
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Search Protect by Conduit Service service failed to start due to the following error: The system cannot find the path specified.
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 7:05:01 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Wajam Internet Enhancer Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Computer Backup (MyPC Backup) service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Broadcom Management Agent service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 11:03:52 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
4/14/2014 10:48:54 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
4/10/2014 8:09:27 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
4/10/2014 7:49:38 AM, error: Service Control Manager [7000] - The TelevisionFanaticService service failed to start due to the following error: The system cannot find the path specified.
.
==== End Of File ===========================

ladybug895 · April 15, 2014

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/12/2011 5:06:24 AM
System Uptime: 4/14/2014 11:36:07 PM (18 hours ago)
.
Motherboard: Dell Inc. | | 0H8052
Processor: Intel® Pentium® 4 CPU 3.20GHz | Microprocessor | 3192/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 40.393 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1177: 2/10/2014 3:08:13 PM - System Checkpoint
RP1178: 2/11/2014 4:08:13 PM - System Checkpoint
RP1179: 2/12/2014 3:00:17 AM - Software Distribution Service 3.0
RP1180: 2/13/2014 1:02:48 PM - System Checkpoint
RP1181: 2/14/2014 2:02:43 PM - System Checkpoint
RP1182: 2/15/2014 3:02:43 PM - System Checkpoint
RP1183: 2/16/2014 3:05:03 PM - System Checkpoint
RP1184: 2/17/2014 4:04:58 PM - System Checkpoint
RP1185: 2/18/2014 5:04:58 PM - System Checkpoint
RP1186: 2/19/2014 5:32:58 PM - System Checkpoint
RP1187: 2/20/2014 4:04:36 PM - Installed Microsoft PowerPoint Viewer
RP1188: 2/21/2014 4:44:33 PM - Installed iTunes
RP1189: 2/22/2014 5:12:42 PM - System Checkpoint
RP1190: 2/23/2014 5:25:26 PM - System Checkpoint
RP1191: 2/24/2014 6:20:09 PM - System Checkpoint
RP1192: 2/25/2014 7:09:06 PM - System Checkpoint
RP1193: 2/26/2014 8:08:38 PM - System Checkpoint
RP1194: 2/27/2014 9:18:15 PM - System Checkpoint
RP1195: 2/28/2014 9:58:52 PM - System Checkpoint
RP1196: 3/1/2014 10:51:57 PM - System Checkpoint
RP1197: 3/2/2014 10:57:47 PM - System Checkpoint
RP1198: 3/4/2014 1:04:32 AM - System Checkpoint
RP1199: 3/5/2014 1:33:14 AM - System Checkpoint
RP1200: 3/6/2014 1:42:02 AM - System Checkpoint
RP1201: 3/7/2014 2:36:43 AM - System Checkpoint
RP1202: 3/8/2014 3:31:24 AM - System Checkpoint
RP1203: 3/9/2014 5:26:29 AM - System Checkpoint
RP1204: 3/10/2014 6:24:15 AM - System Checkpoint
RP1205: 3/11/2014 7:18:52 AM - System Checkpoint
RP1206: 3/12/2014 7:51:11 AM - System Checkpoint
RP1207: 3/12/2014 9:56:39 AM - Software Distribution Service 3.0
RP1208: 3/13/2014 10:08:32 AM - System Checkpoint
RP1209: 3/14/2014 11:09:05 AM - System Checkpoint
RP1210: 3/15/2014 11:57:33 AM - System Checkpoint
RP1211: 3/16/2014 12:51:57 PM - System Checkpoint
RP1212: 3/17/2014 1:46:28 PM - System Checkpoint
RP1213: 3/17/2014 2:42:21 PM - Configured SoundMAX
RP1214: 3/17/2014 2:42:53 PM - Installed SoundMAX
RP1215: 3/17/2014 9:01:40 PM - Software Distribution Service 3.0
RP1216: 3/18/2014 9:15:41 PM - System Checkpoint
RP1217: 3/19/2014 9:18:40 PM - System Checkpoint
RP1218: 3/20/2014 9:51:23 PM - System Checkpoint
RP1219: 3/21/2014 10:46:12 PM - System Checkpoint
RP1220: 3/22/2014 11:45:33 PM - System Checkpoint
RP1221: 3/24/2014 12:37:49 AM - System Checkpoint
RP1222: 3/25/2014 1:32:15 AM - System Checkpoint
RP1223: 3/26/2014 2:25:52 AM - System Checkpoint
RP1224: 3/27/2014 2:00:39 AM - Software Distribution Service 3.0
RP1225: 3/28/2014 2:18:38 AM - System Checkpoint
RP1226: 3/29/2014 3:13:11 AM - System Checkpoint
RP1227: 3/30/2014 3:15:25 AM - System Checkpoint
RP1228: 3/31/2014 4:04:03 AM - System Checkpoint
RP1229: 4/1/2014 4:58:34 AM - System Checkpoint
RP1230: 4/2/2014 5:50:53 AM - System Checkpoint
RP1231: 4/3/2014 6:46:18 AM - System Checkpoint
RP1232: 4/4/2014 7:41:52 AM - System Checkpoint
RP1233: 4/5/2014 9:06:08 AM - System Checkpoint
RP1234: 4/6/2014 9:50:03 AM - System Checkpoint
RP1235: 4/7/2014 10:44:35 AM - System Checkpoint
RP1236: 4/8/2014 10:30:51 AM - Software Distribution Service 3.0
RP1237: 4/8/2014 3:16:16 PM - Removed Microsoft Silverlight
RP1238: 4/8/2014 3:18:17 PM - Removed Windows Live Upload Tool
RP1239: 4/8/2014 3:18:41 PM - Removed Windows Live Sign-in Assistant
RP1240: 4/8/2014 3:24:20 PM - Configured SoundMAX
RP1241: 4/8/2014 3:24:51 PM - Installed SoundMAX
RP1242: 4/8/2014 4:51:54 PM - DriverUpdate Installing Drivers
RP1243: 4/8/2014 5:01:02 PM - Removed Broadcom Gigabit Integrated Controller
RP1244: 4/8/2014 5:01:45 PM - Installed Broadcom NetXtreme-I Netlink Driver and Management Installer.
RP1245: 4/8/2014 6:36:20 PM - DriverUpdate Installing Drivers
RP1246: 4/8/2014 7:02:13 PM - Removed DriverUpdate
RP1247: 4/8/2014 7:15:02 PM - Uniblue SpeedUpMyPC installation
RP1248: 4/9/2014 11:57:43 AM - avast! antivirus system restore point
RP1249: 4/9/2014 12:37:53 PM - avast! antivirus system restore point
RP1250: 4/9/2014 2:28:24 PM - Software Distribution Service 3.0
RP1251: 4/10/2014 3:12:58 PM - System Checkpoint
RP1252: 4/11/2014 3:23:02 PM - System Checkpoint
RP1253: 4/12/2014 4:18:39 PM - System Checkpoint
RP1254: 4/13/2014 5:14:18 PM - System Checkpoint
RP1255: 4/15/2014 12:09:24 AM - System Checkpoint
RP1256: 4/15/2014 2:06:20 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 12 ActiveX
avast! Internet Security
AVG 2014
Free Window Sweeper
Google Chrome
Google Update Helper
Malwarebytes Anti-Malware version 2.0.1.1004
Security Update for Windows Internet Explorer 8 (KB2936068)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2922229)
.
==== Event Viewer Messages From Past Week ========
.
4/9/2014 5:24:52 PM, error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/9/2014 5:24:50 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVGIDSAgent service to connect.
4/9/2014 2:17:10 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: hlnfd
4/9/2014 12:57:06 PM, error: Service Control Manager [7034] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 12:57:06 PM, error: Service Control Manager [7034] - The SSDP Discovery Service service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 12:57:06 PM, error: Service Control Manager [7031] - The Remote Registry service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
4/9/2014 12:36:24 PM, error: Service Control Manager [7000] - The vsacqnnz service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 12:15:55 PM, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission can be modified using the Component Services administrative tool.
4/9/2014 12:13:15 PM, error: Service Control Manager [7000] - The Update Laflurla service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 12:12:14 PM, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.
4/9/2014 11:45:54 AM, error: Service Control Manager [7000] - The axjbfvzv service failed to start due to the following error: The system cannot find the file specified.
4/9/2014 11:34:38 AM, error: Service Control Manager [7034] - The Search Protect by Conduit Service service terminated unexpectedly. It has done this 1 time(s).
4/9/2014 10:59:35 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Util Laflurla service.
4/9/2014 1:06:38 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/9/2014 1:06:37 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
4/9/2014 1:06:16 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
4/8/2014 8:44:12 PM, error: Service Control Manager [7022] - The Wajam Internet Enhancer Service service hung on starting.
4/8/2014 7:24:10 PM, error: Service Control Manager [7000] - The NewPlayer Updater Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/8/2014 7:24:09 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the NewPlayer Updater Service service to connect.
4/8/2014 6:10:52 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
4/8/2014 5:10:14 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.
4/8/2014 2:57:06 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
4/8/2014 2:57:06 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/8/2014 12:29:49 PM, error: Service Control Manager [7000] - The TelevisionFanaticService service failed to start due to the following error: The system cannot find the file specified.
4/8/2014 12:29:49 PM, error: Service Control Manager [7000] - The RadioRageService service failed to start due to the following error: The system cannot find the file specified.
4/8/2014 12:29:07 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
4/8/2014 10:38:25 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Computer Backup (MyPC Backup) service to connect.
4/8/2014 10:38:25 PM, error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/15/2014 9:42:36 AM, error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error 3758213661 (0xE001CA1D).
4/14/2014 8:09:00 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
4/14/2014 8:08:27 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
4/14/2014 8:08:27 PM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 8:07:51 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Pml Driver HPZ12 service to connect.
4/14/2014 8:07:51 PM, error: Service Control Manager [7000] - The Pml Driver HPZ12 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 7:15:15 PM, error: Schedule [7901] - The At2.job command failed to start due to the following error: %%2147942403
4/14/2014 7:15:13 PM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942403
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Wajam Internet Enhancer Service service failed to start due to the following error: The system cannot find the file specified.
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Search Protect by Conduit Service service failed to start due to the following error: The system cannot find the path specified.
4/14/2014 7:05:02 PM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/14/2014 7:05:01 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:54:48 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Wajam Internet Enhancer Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Computer Backup (MyPC Backup) service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Broadcom Management Agent service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 6:52:30 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/14/2014 11:03:52 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
4/14/2014 10:48:54 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
4/10/2014 8:09:27 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
4/10/2014 7:49:38 AM, error: Service Control Manager [7000] - The TelevisionFanaticService service failed to start due to the following error: The system cannot find the path specified.
.
==== End Of File ===========================

ladybug895 · April 15, 2014

did i post them both it showed on the desk top that it was there i think i did

flashh4 · April 16, 2014

While i am waiting on the OTL log ! AVAST, AVG ........... your log shows 2 Antivirus installed, you only need 1 !! If you have 2 they will conflict with each other so we need to remove 1 of them, i suggest removing AVG if it is installed.
Click Start, click Control Panel, and then click Add or Remove Programs. Click AVG & then click Uninstall ! If it is there !!!!
Free Window Sweeper <<< this needs uninstalled also if present !!

Thanks

Chuck

ladybug895 · April 16, 2014

OTL Extras logfile created on: 4/15/2014 6:16:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.07 Mb Total Physical Memory | 22.96 Mb Available Physical Memory | 4.57% Memory free
1.20 Gb Paging File | 0.27 Gb Available in Paging File | 22.54% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 40.39 Gb Free Space | 54.20% Space Free | Partition Type: NTFS

Computer Name: COMPUTER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
"1886:TCP" = 1886:TCP:*:Enabled:Genieo

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Documents and Settings\Administrator\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\Administrator\Application Data\Spotify\spotify.exe:*:Enabled:Spotify
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\AVG\AVG2014\avgmfapx.exe" = C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Avast" = avast! Internet Security
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4/14/2014 8:51:59 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application wordpad.exe, version 5.1.2600.6010, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/14/2014 9:18:43 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 28.0.0.5186, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/14/2014 9:28:12 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application msimn.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/14/2014 9:28:32 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 28.0.0.5186, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/14/2014 9:28:32 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 28.0.0.5186, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/14/2014 11:10:52 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/15/2014 2:48:49 AM | Computer Name = COMPUTER | Source = Windows Search Service | ID = 3100
Description = Unable to initialize the filter host process. Terminating. Details:
   This
operation returned because the timeout period expired.   (0x800705b4)

Error - 4/15/2014 1:15:23 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application mbam-setup-2.0.1.1004(2).tmp, version 51.52.0.0,
hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/15/2014 1:15:36 PM | Computer Name = COMPUTER | Source = Application Hang | ID = 1001
Description = Fault bucket 191912498.

Error - 4/15/2014 8:29:30 PM | Computer Name = COMPUTER | Source = MsiInstaller | ID = 10005
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
27054. CA_Error27054: SetupAction(0xC0070642): Installation failed.

[ System Events ]
Error - 4/15/2014 4:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error:   %%2147942403

Error - 4/15/2014 4:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error:   %%2147942403

Error - 4/15/2014 5:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error:   %%2147942403

Error - 4/15/2014 5:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error:   %%2147942403

Error - 4/15/2014 6:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error:   %%2147942403

Error - 4/15/2014 6:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error:   %%2147942403

Error - 4/15/2014 7:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error:   %%2147942403

Error - 4/15/2014 7:15:00 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error:   %%2147942403

Error - 4/15/2014 8:15:27 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At1.job command failed to start due to the following error:   %%2147942403

Error - 4/15/2014 8:15:28 PM | Computer Name = COMPUTER | Source = Schedule | ID = 7901
Description = The At2.job command failed to start due to the following error:   %%2147942403

< End of report >

ladybug895 · April 16, 2014

OTL logfile created on: 4/15/2014 6:16:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.07 Mb Total Physical Memory | 22.96 Mb Available Physical Memory | 4.57% Memory free
1.20 Gb Paging File | 0.27 Gb Available in Paging File | 22.54% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 40.39 Gb Free Space | 54.20% Space Free | Partition Type: NTFS

Computer Name: COMPUTER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/04/15 18:14:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.com
PRC - [2014/04/09 12:46:35 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/04/09 12:46:32 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/04/09 12:44:55 | 000,109,048 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2014/04/06 21:21:36 | 005,180,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2014/03/27 22:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2014/03/18 20:05:34 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/03/18 14:30:20 | 000,639,488 | ---- | M] () -- C:\Program Files\Flash Update\winclient32.exe
PRC - [2012/08/02 18:30:44 | 000,154,624 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/01/07 00:09:25 | 000,397,312 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzstc11.exe
PRC - [2006/01/07 00:09:25 | 000,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
PRC - [2004/03/18 17:55:48 | 000,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe

========== Modules (No Company Name) ==========

MOD - [2014/04/15 14:34:35 | 002,212,352 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14041501\algo.dll
MOD - [2014/04/09 12:47:01 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/03/18 20:05:08 | 003,642,480 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/03/18 14:30:20 | 000,639,488 | ---- | M] () -- C:\Program Files\Flash Update\winclient32.exe
MOD - [2014/03/14 22:25:44 | 000,236,544 | ---- | M] () -- C:\Program Files\Flash Update\sqlite3.dll
MOD - [2014/03/12 10:14:11 | 016,276,872 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe -- (Wajam Internet Enhancer Service)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Laflurla\updateLaflurla.exe -- (Update Laflurla)
SRV - [2014/04/09 14:33:24 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/09 12:46:32 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/04/09 12:44:55 | 000,109,048 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2014/04/01 21:20:52 | 003,655,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/03/27 22:10:20 | 000,291,912 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/03/18 20:05:15 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/02 18:30:44 | 000,154,624 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe -- (BrcmMgmtAgent)
SRV - [2004/03/18 17:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [File_System | On_Demand | Stopped] -- -- (axjbfvzv)
DRV - [2014/04/09 12:47:09 | 000,776,976 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/04/09 12:47:09 | 000,180,760 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/04/09 12:47:09 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/04/09 12:47:08 | 000,411,552 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/04/09 12:47:08 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/04/09 12:47:08 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2014/04/09 12:47:08 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/04/09 12:46:18 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2014/04/09 12:44:57 | 000,252,208 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2014/04/09 12:44:56 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2014/04/09 00:32:53 | 000,055,224 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tStLibG.sys -- (tStLibG)
DRV - [2014/04/08 18:27:56 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2014/04/01 21:07:04 | 000,199,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2014/03/31 16:11:58 | 000,211,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014/03/31 16:11:50 | 000,108,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2014/03/27 22:15:18 | 000,193,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2014/03/27 22:14:40 | 000,123,160 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2014/03/27 22:04:22 | 000,150,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2014/03/27 22:04:02 | 000,238,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2014/03/27 22:03:22 | 000,028,440 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2014/03/27 22:03:20 | 000,022,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/18 14:08:36 | 000,010,520 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\MgmtAgent\BASFND.sys -- (BASFND)
DRV - [2012/05/24 12:44:28 | 000,239,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2011/06/15 10:30:56 | 000,090,624 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\baspxp32.sys -- (Blfp)
DRV - [2011/03/15 00:11:10 | 000,010,112 | ---- | M] (support.com, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssmirrdr.sys -- (ssmirrdr)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2001/08/23 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001/08/23 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_enUS420
IE - HKCU\..\SearchScopes\{6C59297E-BFFE-4E6A-0BF5-4187155432D8}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z127&form=ZGAIDF&install_date=20111223&iesrc={referrer:source}
IE - HKCU\..\SearchScopes\{899B35FF-D18B-8FBB-580A-E99390A9E0B2}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z129&form=ZGAIDF&install_date=20111102&iesrc={referrer:source}
IE - HKCU\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
IE - HKCU\..\SearchScopes\{AE34B30D-97A8-46D4-92EC-1419F24DCE09}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-ydwnld
IE - HKCU\..\SearchScopes\{CE3A3FD1-0A27-07DC-3FED-9D0FBEBC1CD0}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z131&form=ZGAIDF&install_date=20111102&iesrc={referrer:source}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:1546;https=127.0.0.1:1546

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://hsrd.yahoo.com/_ylt=A2KLthbWOkhT6wEBwSObvZx4/RV=1/RE=1398452182/RH=aHNyZC55YWhvby5jb20-/RO=2/RU=aHR0cHM6Ly93d3cueWFob28uY29tLw--/RS=%5EADARIfA9_N3l9EYgsG1F7TxFbFRyoQ-"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@TelevisionFanatic.com/Plugin: C:\Program Files\TelevisionFanatic\bar\2.bin\NP64Stub.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/04/09 12:47:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/03/18 20:01:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/04/10 00:33:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{828c786a-e911-4821-aabd-a58eff0dcf02}: C:\Program Files\BlockAndSurf Corp\158.xpi

[2011/09/21 18:49:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2014/04/09 11:53:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\opm5vmj3.default-1397016665796\extensions
[2014/04/09 22:29:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/03/18 20:01:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014/03/18 20:01:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/03/18 20:06:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/04/09 12:47:26 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: Conduit Search (Enabled)
CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MF0E8115B-F69F-48B1-8369-38C556336852&SearchSource=58&CUI=&UM=5&UP=SP0A3A7739-0903-460C-9CF6-ADA3F08004CD&q={searchTerms}&SSPV=
CHR - default_search_provider: suggest_url = http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms},
CHR - homepage: http://www.google.com
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.93_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2001/08/23 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {06C7AD57-B655-418D-9AB8-9526A6D2E052} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [fst_us_27] File not found
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe (HP)
O4 - HKLM..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Windows Client Manager] C:\Program Files\Flash Update\winclient32.exe ()
O4 - HKCU..\Run: [zoUdechSLSwKJZdfXwMEoWYsVanyTgUGhEDeMdPUtUfZroLhGx] C:\Documents and Settings\Administrator\Local Settings\Application Data\Crisis.exe File not found
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Program Files\java\java.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Program Files\java\java.exe
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1297539326578 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1302905791640 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D34DF27-1C96-4169-B78F-FBD4AAC65D36}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\DatamngrCoordinator.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/12 06:04:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{205015d4-3962-11e0-8544-00123f42ce89}\Shell\AutoRun\command - "" = E:\Info.exe folder.htt 480 480
O33 - MountPoints2\{de4153cb-36a8-11e0-853c-ee59ed5f6acd}\Shell\AutoRun\command - "" = E:\Crisis.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/04/15 17:46:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2014/04/15 02:11:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2014/04/14 22:49:20 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/04/14 22:46:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/14 22:46:06 | 000,050,648 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/04/14 22:46:05 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/04/14 22:46:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/04/14 22:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2014/04/14 22:15:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/04/14 18:49:40 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/10 00:38:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Downloads
[2014/04/09 23:23:50 | 009,652,096 | ---- | C] (ReimageÂ®) -- C:\TRANSLATE
[2014/04/09 22:23:52 | 000,000,000 | ---D | C] -- C:\Program Files\002
[2014/04/09 22:12:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\Newrestore Folder
[2014/04/09 12:59:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AVAST Software
[2014/04/09 12:57:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2014/04/09 12:55:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2014/04/09 12:47:36 | 000,776,976 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014/04/09 12:47:36 | 000,411,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014/04/09 12:47:36 | 000,057,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/04/09 12:47:35 | 000,067,824 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/04/09 12:47:35 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014/04/09 12:47:33 | 000,252,208 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2014/04/09 12:47:33 | 000,026,136 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2014/04/09 12:47:28 | 000,271,264 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/04/09 12:47:02 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/04/09 12:44:56 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2014/04/09 11:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/04/09 11:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/04/09 11:39:13 | 000,295,080 | ---- | C] (SecureAssist) -- C:\WINDOWS\System32\SecureAssist.dll
[2014/04/09 11:33:29 | 000,000,000 | ---D | C] -- C:\temp
[2014/04/09 11:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\003
[2014/04/09 00:32:52 | 000,055,224 | ---- | C] (StdLib) -- C:\WINDOWS\System32\drivers\tStLibG.sys
[2014/04/08 23:03:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Flash Update
[2014/04/08 23:03:21 | 000,000,000 | ---D | C] -- C:\Program Files\Flash Update
[2014/04/08 22:59:35 | 000,000,000 | ---D | C] -- C:\Program Files\Laflurla
[2014/04/08 22:52:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Administrative Tools
[2014/04/08 22:36:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
[2014/04/08 21:28:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
[2014/04/08 21:21:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Old Firefox Data
[2014/04/08 20:22:43 | 000,000,000 | ---D | C] -- C:\Program Files\BlockAndSurf Corp
[2014/04/08 20:20:14 | 000,000,000 | ---D | C] -- C:\Program Files\Convert Files for Free
[2014/04/08 20:14:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.android
[2014/04/08 20:14:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\cache
[2014/04/08 20:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\com
[2014/04/08 17:44:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\supportdotcom
[2014/04/08 17:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\supportdotcom
[2014/04/08 17:08:52 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2014/04/08 17:08:51 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014/04/08 17:08:07 | 000,000,000 | ---D | C] -- C:\Intel
[2014/04/08 17:03:25 | 000,089,600 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\Baspxp32.dll
[2014/04/08 17:00:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Dell
[2014/04/08 16:57:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Downloaded Installations
[2014/04/08 16:33:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\SlimWare Utilities Inc
[2014/04/08 16:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Downloaded Installers
[2014/04/08 13:52:47 | 000,000,000 | ---D | C] -- C:\Inetpub
[2014/03/31 08:28:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2014/03/26 17:21:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xp_eos.exe
[2014/03/26 17:21:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xp_eos.exe
[2014/03/21 11:46:46 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomctl.ocx
[2014/03/21 11:46:46 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comdlg32.ocx
[2014/03/18 20:01:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/03/17 14:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Auslogics
[2014/03/17 14:48:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
[2014/03/17 14:48:43 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2014/03/17 14:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CDB
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/04/15 19:44:22 | 000,000,378 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/04/15 19:29:06 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily FY04.job
[2014/04/15 19:15:28 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2014/04/15 19:15:09 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2014/04/15 19:02:17 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/15 18:53:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/04/15 16:37:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014/04/15 13:01:02 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/15 12:34:52 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/04/15 11:56:42 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/04/15 11:56:08 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/04/15 11:56:06 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\BlockAndSurf Update.job
[2014/04/15 11:56:05 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\BlockAndSurf_wd.job
[2014/04/14 23:41:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/04/14 22:50:08 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/14 21:47:11 | 000,114,688 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ChromeHitoryDB
[2014/04/10 03:00:13 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/04/09 23:28:26 | 000,000,163 | ---- | M] () -- C:\WINDOWS\Reimage.ini
[2014/04/09 23:24:30 | 009,652,096 | ---- | M] (ReimageÂ®) -- C:\TRANSLATE
[2014/04/09 14:54:35 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014/04/09 14:32:57 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/04/09 14:32:54 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/04/09 14:13:19 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/09 12:57:25 | 000,001,799 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! SafeZone.lnk
[2014/04/09 12:57:25 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Internet Security.lnk
[2014/04/09 12:55:16 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/04/09 12:47:09 | 000,776,976 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014/04/09 12:47:09 | 000,180,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/04/09 12:47:09 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/04/09 12:47:08 | 000,411,552 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014/04/09 12:47:08 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/04/09 12:47:08 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014/04/09 12:47:08 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/04/09 12:47:02 | 000,271,264 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/04/09 12:47:02 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/04/09 12:46:18 | 000,026,136 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2014/04/09 12:44:57 | 000,252,208 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2014/04/09 12:44:56 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2014/04/09 00:32:53 | 000,055,224 | ---- | M] (StdLib) -- C:\WINDOWS\System32\drivers\tStLibG.sys
[2014/04/08 21:37:47 | 000,502,712 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/04/08 21:37:47 | 000,087,178 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/04/08 21:28:54 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/08 20:49:03 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2014/04/08 20:22:53 | 000,000,464 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2014/04/08 20:16:49 | 000,000,041 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\WB.CFG
[2014/04/08 19:24:44 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Sync Folder.lnk
[2014/04/08 18:27:56 | 000,013,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2014/04/08 15:03:52 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/04/03 09:51:06 | 000,050,648 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/04/03 09:50:56 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/03/21 11:46:46 | 001,081,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomctl.ocx
[2014/03/21 11:46:46 | 000,152,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\comdlg32.ocx
[2014/03/17 20:58:17 | 000,001,746 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2014/03/17 14:48:53 | 000,000,822 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Auslogics DiskDefrag.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/04/14 22:47:09 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/11 00:15:17 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2014/04/09 20:15:11 | 000,000,092 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\WB.CFG
[2014/04/09 13:10:15 | 000,114,688 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ChromeHitoryDB
[2014/04/09 12:57:25 | 000,001,799 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! SafeZone.lnk
[2014/04/09 12:57:25 | 000,001,739 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Internet Security.lnk
[2014/04/09 12:55:39 | 000,000,378 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/04/09 12:55:16 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/09 12:55:15 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/04/09 12:49:50 | 000,000,900 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/09 12:49:48 | 000,000,896 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/09 12:47:36 | 000,180,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/04/09 12:47:35 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/04/08 21:28:55 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
[2014/04/08 21:28:53 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/08 21:28:53 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
[2014/04/08 20:34:47 | 000,173,134 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2014/04/08 20:22:52 | 000,000,396 | ---- | C] () -- C:\WINDOWS\tasks\BlockAndSurf Update.job
[2014/04/08 20:22:51 | 000,000,464 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2014/04/08 20:22:50 | 000,000,400 | ---- | C] () -- C:\WINDOWS\tasks\BlockAndSurf_wd.job
[2014/04/08 20:16:49 | 000,000,041 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\WB.CFG
[2014/04/08 20:15:26 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2014/04/08 19:24:42 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Sync Folder.lnk
[2014/04/08 16:33:40 | 000,013,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2014/04/08 12:31:07 | 000,000,238 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/04/08 12:31:05 | 000,000,232 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/17 20:58:17 | 000,001,746 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2014/03/17 14:48:53 | 000,000,822 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Auslogics DiskDefrag.lnk
[2014/03/17 14:03:50 | 000,000,163 | ---- | C] () -- C:\WINDOWS\Reimage.ini
[2013/02/05 00:07:03 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/16 16:52:21 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\dt.dat
[2012/07/20 20:37:37 | 000,058,880 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\erdkrfnn
[2012/07/20 20:35:31 | 000,058,880 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\brmvloip
[2012/07/19 15:23:09 | 000,058,880 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\mobuaffu
[2012/07/19 15:17:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\SharedSettings.ccs
[2011/12/23 12:25:53 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2011/06/09 10:39:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Javaw.exe
[2005/04/16 02:00:43 | 000,000,311 | -H-- | C] () -- C:\Documents and Settings\Administrator\Application Data\Administratorlog.dat

========== ZeroAccess Check ==========

[2011/02/12 14:20:38 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >

ladybug895 · April 16, 2014

Results of screen317's Security Check version 0.99.81
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 12.0.0.77
Google Chrome 34.0.1847.116
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 3%
````````````````````End of Log``````````````````````

ladybug895 · April 16, 2014

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 4/14/2014 10:50:00 PM, SYSTEM, COMPUTER, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 4/14/2014 10:50:24 PM, SYSTEM, COMPUTER, Manual, Malware Database, 2014.3.4.9, 2014.4.15.2,
Protection, 4/14/2014 10:52:10 PM, SYSTEM, COMPUTER, Protection, Malware Protection, Starting,
Protection, 4/14/2014 10:52:15 PM, SYSTEM, COMPUTER, Protection, Malware Protection, Started,
Protection, 4/14/2014 10:52:16 PM, SYSTEM, COMPUTER, Protection, Malicious Website Protection, Starting,
Protection, 4/14/2014 10:52:47 PM, SYSTEM, COMPUTER, Protection, Malicious Website Protection, Started,
Protection, 4/14/2014 11:32:38 PM, SYSTEM, COMPUTER, Protection, Malware Protection, Starting,
Protection, 4/14/2014 11:33:00 PM, SYSTEM, COMPUTER, Protection, Malware Protection, Started,
Protection, 4/14/2014 11:33:09 PM, SYSTEM, COMPUTER, Protection, Malicious Website Protection, Starting,
Protection, 4/14/2014 11:33:25 PM, SYSTEM, COMPUTER, Protection, Malicious Website Protection, Started,
Protection, 4/14/2014 11:43:31 PM, SYSTEM, COMPUTER, Protection, Malware Protection, Starting,
Protection, 4/14/2014 11:43:32 PM, SYSTEM, COMPUTER, Protection, Malware Protection, Started,
Protection, 4/14/2014 11:43:32 PM, SYSTEM, COMPUTER, Protection, Malicious Website Protection, Starting,
Protection, 4/14/2014 11:44:17 PM, SYSTEM, COMPUTER, Protection, Malicious Website Protection, Started,

(end)

flashh4 · April 16, 2014

Hi Ladybug, ok lets fix this stuff !

We need to Run an OTL fix !!
Warning This fix is only relevant for this system and no other, using on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

* Double-click OTL.exe to start the program.
* Copy and Paste the following code into the . text box of the OTL tool/program ! Start with and include the colon plus :OTL

:OTLSRV - File not found [Auto | Stopped] -- C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe -- (Wajam Internet Enhancer Service)SRV - File not found [Auto | Stopped] -- C:\Program Files\Laflurla\updateLaflurla.exe -- (Update Laflurla)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mbr.sys -- (mbr)DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)DRV - File not found [Kernel | System | Stopped] --  -- (Changer)DRV - File not found [File_System | On_Demand | Stopped] --  -- (axjbfvzv)IE - HKLM\..\SearchScopes,DefaultScope =IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = http://us.yhs4.searc...p=yhs-001&type={partner_id}&p={searchTerms}IE - HKCU\..\SearchScopes,DefaultScope =IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_enUS420IE - HKCU\..\SearchScopes\{6C59297E-BFFE-4E6A-0BF5-4187155432D8}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z127&form=ZGAIDF&install_date=20111223&iesrc={referrer:source}IE - HKCU\..\SearchScopes\{899B35FF-D18B-8FBB-580A-E99390A9E0B2}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z129&form=ZGAIDF&install_date=20111102&iesrc={referrer:source}IE - HKCU\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = http://us.yhs4.searc...p=yhs-001&type={partner_id}&p={searchTerms}IE - HKCU\..\SearchScopes\{AE34B30D-97A8-46D4-92EC-1419F24DCE09}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-ydwnldIE - HKCU\..\SearchScopes\{CE3A3FD1-0A27-07DC-3FED-9D0FBEBC1CD0}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z131&form=ZGAIDF&install_date=20111102&iesrc={referrer:source}FF - user.js - File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found[2011/09/21 18:49:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions[2014/04/09 11:53:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\opm5vmj3.default-1397016665796\extensions[2014/04/09 22:29:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions[2014/03/18 20:01:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensionsO2 - BHO: (Javaâ„¢ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not foundO3 - HKLM\..\Toolbar: (no name) - {06C7AD57-B655-418D-9AB8-9526A6D2E052} - No CLSID value found.O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.O4 - HKLM..\Run: [fst_us_27]  File not foundO4 - HKCU..\Run: [zoUdechSLSwKJZdfXwMEoWYsVanyTgUGhEDeMdPUtUfZroLhGx] C:\Documents and Settings\Administrator\Local Settings\Application Data\Crisis.exe File not foundO18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not foundO20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Windupdt\winupdate.exe) -  File not found[2014/04/15 19:15:28 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At2.job[2014/04/15 19:15:09 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At1.jobipconfig  /flushdns /c:Commands[emptyjava][emptyflash][EMPTYTEMP][RESETHOSTS][CREATERESTOREPOINT][Reboot]

# Then click the Run Fix button at the top.
# Click
# Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
Remember to enable your real time protection.

flashh4 · April 16, 2014

It will look like this !!

ladybug895 · April 16, 2014

All processes killed
========== OTL ==========
Service Wajam Internet Enhancer Service stopped successfully!
Service Wajam Internet Enhancer Service deleted successfully!
File C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe not found.
Service Update Laflurla stopped successfully!
Service Update Laflurla deleted successfully!
File C:\Program Files\Laflurla\updateLaflurla.exe not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Error: No service named mbr was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mbr deleted successfully.
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mbr.sys not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service cpuz134 stopped successfully!
Service cpuz134 deleted successfully!
File C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
Service axjbfvzv stopped successfully!
Service axjbfvzv deleted successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6C59297E-BFFE-4E6A-0BF5-4187155432D8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C59297E-BFFE-4E6A-0BF5-4187155432D8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{899B35FF-D18B-8FBB-580A-E99390A9E0B2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{899B35FF-D18B-8FBB-580A-E99390A9E0B2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AE34B30D-97A8-46D4-92EC-1419F24DCE09}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE34B30D-97A8-46D4-92EC-1419F24DCE09}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CE3A3FD1-0A27-07DC-3FED-9D0FBEBC1CD0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CE3A3FD1-0A27-07DC-3FED-9D0FBEBC1CD0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\opm5vmj3.default-1397016665796\extensions folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\browser\extensions folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{06C7AD57-B655-418D-9AB8-9526A6D2E052} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06C7AD57-B655-418D-9AB8-9526A6D2E052}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\fst_us_27 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\zoUdechSLSwKJZdfXwMEoWYsVanyTgUGhEDeMdPUtUfZroLhGx deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ deleted successfully.
File {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\Windupdt\winupdate.exe deleted successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At1.job moved successfully.
========== COMMANDS ==========

[EMPTYJAVA]

User: Administrator
->Java cache emptied: 114598 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0.00 mb

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 2930220 bytes

User: All Users

User: Default User
->Flash cache emptied: 57472 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 3.00 mb

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 12090543 bytes
->Temporary Internet Files folder emptied: 11227200 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 21792606 bytes
->Google Chrome cache emptied: 40154642 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 19924318 bytes
->FireFox cache emptied: 6257282 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 361447092 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2162283 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 205353304 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 634709292 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 199431436 bytes

Total Files Cleaned = 1,445.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 04152014_212729

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

flashh4 · April 16, 2014

Ladybug that looks clean ! lets clean things up !!

Clean up with OTL

    Right-click OTL.exe and select " Run as administrator " to run it.
    This will remove all the tools we used to clean your pc.
    Close all other programs apart from OTL as this step will require a reboot
    On the OTL main screen, press the CleanUp! button
    Say Yes to the prompt and then allow the program to reboot your computer.

You can now delete any tools we used if they remain on your Desktop.

Then i will give you my "All Clean Speech " !!

Thanks

Chuck

flashh4 · April 16, 2014

Ladybug your CLEAN & DONE !!!!

Congratulation you are clean !!!

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

This is my standard "All Clean Speech." You may have some already installed, these are just recommendations !

Here are some tips to reduce the potential for spyware infection in the future:

Make your Internet Explorer more secure - This can be done by following these simple instructions:

*From within Internet Explorer click on the Tools menu and then click on Options.
*Click once on the Security tab
*Click once on the Internet icon so it becomes highlighted.
*Click once on the Custom Level button.
*Change the Download signed ActiveX controls to Prompt
*Change the Download unsigned ActiveX controls to Disable
*Change the Initialize and script ActiveX controls not marked as safe to Disable
*Change the Installation of desktop items to Prompt
*Change the Launching programs and files in an IFRAME to Prompt
*Change the Navigate sub-frames across different domains to Prompt
*When all these settings have been made, click on the OK button.
*If it prompts you as to whether or not you want to save the settings, press the Yes button.
*Next press the Apply button and then the OK to exit the Internet Properties page.

==========================

Make your Mozilla Firefox more secure - This can be done by adding these add-ons:

NoScript
AdBlockPlus

=============================

Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

=============================

Free Anti-Virus

Avast Free Antivirus
Avira Free Antivirus 2013
PC Tools AntiVirus Free
Ad-Aware Free Antivirus

========================

Free Firewall
Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here.

Online Armor Free
Agnitum Outpost Firewall Free
Comodo Firewall

=======================

Make sure you keep your Windows OS current. Windows XP users can visit Windows updatedefault.asp regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.

=======================

Consider a custom hosts file such as MVPS HOSTS. This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial by WinHelp2002
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

==========================

WOT(Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.

==========================

I also recommend that you read the following:
How to prevent malware by miekiemoes

==========================

To insure better safety, these are a must have:
Rule #1 ........ Good Antivirus
Rule #2 ........ Good Firewall
Rule #3 ........ Good Router is Great ! (optional but best)

Happy surfing and Stay Clean
Chuck

General computer sweep clean up junk files

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites