Possible virus

Jerry56 · #1 August 24th, 2014, 06:50 PM

I am using windows xp and my cd writer will not write ,it will play cd I know its not a problem with the cd writer because I took out the cd Rom and put it in another computer and it work o.k
Now I am trying to run SFC /SCANNOW to see if that would correct the problem but scf /scannow will not run , when I tried from the "RUN box i only get a black screen with white writing flash real fast and disappear I then tried running it from the command prompt , C:\Documents and Settings \Owner>Sfc /Scannow and I got the following message.
"Windows file protection could not initiate a scan of protected system files.

The specific error code is 0x000004dd ( The operation requested was not performed because the user has not logged on to the network.
The specified service does not exist. "
Could you take a look to see if there are any virus.?

**Jintan** · #2 August 25th, 2014, 11:40 PM

Hello Jerry56,

You do know that Windows XP is no longer supported by Microsoft?

To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types"

To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed.

-------

Download RogueKiller from here to your desktop.

Close all open programs
Remember to right click -> run as administrator, and click the downloaded file.
Wen RogueKiller finises it's opening scan, press the Scan button..
A RKreport.txt will be created in the same location as the RogueKiller file.
If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe, and try again.

Please post the contents of the RKreport.txt.

--------

Click here and download OldTimer's OTL to your desktop, then click that to open the scan display. At the top click "Scan All Users", then click "Run Scan". Make no other changes at this time.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are also saved in the same location as OTL.exe. Post the contents of those back here please.

Jerry56 · #3 August 26th, 2014, 07:45 PM

RogueKiller V9.2.8.0 [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Owner [Admin rights]
Mode : Scan -- Date : 08/26/2014 14:07:43

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[PUM.StartMenu] HKEY_USERS\S-1-5-21-1957994488-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced | Start_ShowRecentDocs : 2 -> FOUND
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir...=ie&ar=msnhome -> FOUND
[PUM.HomePage] HKEY_USERS\S-1-5-21-1957994488-57989841-725345543-1003\Software\Microsoft\Internet Explorer\Main | Start Page : http://msn.com/ -> FOUND
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir...=ie&ar=msnhome -> FOUND
[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir...ie&ar=iesearch -> FOUND
[PUM.SearchPage] HKEY_USERS\S-1-5-21-1957994488-57989841-725345543-1003\Software\Microsoft\Internet Explorer\Main | Search Page : https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} -> FOUND
[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir...ie&ar=iesearch -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 1 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: NOT LOADED [0x5]) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] 7phejwsx.default-1375651423468 : user_pref("browser.startup.homepage", "http://www.excite.com/"); -> FOUND

¤¤¤ MBR Check : ¤¤¤

The oldtimer's files both were blank , When the scan was finish there was a message saying something like could not find some folder and it you want to create a new one and I click yes and note pad open but it was blank.

**Jintan** · #4 August 26th, 2014, 11:05 PM

Download RSIT (random's system information tool) from here to your desktop. Then click on the RSIT.exe to open the RSIT display, and click the Continue button.

If RSIT downloads/installs HijackThis be sure to agree to the install of that.

Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt.

RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt).

You can break logs into parts and use separate posts here when replying and posting the log files, if needed.

Jerry56 · #5 August 27th, 2014, 10:34 PM

Logfile of random's system information tool 1.10 (written by random/random)
Run by Owner at 2014-08-27 17:30:10
Microsoft Windows XP Professional Service Pack 3
System drive C: has 43 GB (57%) free of 76 GB
Total RAM: 1150 MB (58% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpda teService.exe
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job - C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
C:\WINDOWS\tasks\GlaryInitialize 4.job - C:\Program Files\Glary Utilities 4\Initialize.exe
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\ReclaimerUpdateFiles_Owner.job - C:\Documents and Settings\Owner\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.60\ag ent\rnupgagent.exe /UpdateFiles
C:\WINDOWS\tasks\ReclaimerUpdateXML_Owner.job - C:\Documents and Settings\Owner\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.60\ag ent\rnupgagent.exe /UpdateXML
C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Owner. job - C:\Documents and Settings\Owner\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.60\ag ent\rnupgagent.exe /prompt os_boot

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7phejwsx.default-1375651423468

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.excite.com/"
prefs.js - "keyword.URL" - "https://search.yahoo.com/yhs/search"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\ v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"avg@toolbar"=C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\18.1.0.443
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe. com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.179 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_ 14_0_0_179.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple. com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple. com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.co m/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dl l

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin .com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@micros oft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Win dows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.c om/nppl3260;version=6.0.11.1879]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.c om/nprjplug;version=1.0.2.1939]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.c om/nprpjplug;version=6.0.12.872]
"Description"=6.0.12.872
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.c om/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videol an.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videol an.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videol an.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videol an.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
ShockwavePlugin.class

C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7phejwsx.default-1375651423468\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7phejwsx.default-1375651423468\searchplugins\
yahoo-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-11 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-25 1225944]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-14 4085896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run]
"GarminExpressTrayApp"=C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2014-05-08 122200]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-31 43816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_14_ 0_0_145_Plugin.exe -update plugin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2005-06-22 126976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2005-06-22 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedClean]
C:\Program Files\PC Speed Clean\PCSpeedClean.exe true []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhotoShow Deluxe Media Manager]
C:\PROGRA~1\Nero\data\xtras\mssysmgr.exe [2004-11-11 212992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-06-05 5626136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2012-11-02 180269]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Updater]
C:\Documents and Settings\All Users\Application Data\Updater\Updater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2014-06-18 2557976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~4\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Start GeekBuddy.lnk]
C:\PROGRA~1\Comodo\GEEKBU~1\launcher.exe unit_manager.exe []

C:\Documents and Settings\Owner\Start Menu\Programs\Startup
wkcalrem.LNK - C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2013-05-07 115440]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32 \sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe"="C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe:127.0.0.1/255.255.255.255:Enabled:GeekBuddy RSP"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*

isabled:Real Player"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\domainpr ofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32 \sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=L3CODECA.ACM
"wave"=serwvdrv.dll
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-08-27 17:30:17 ----D---- C:\Program Files\trend micro
2014-08-27 17:30:10 ----D---- C:\rsit
2014-08-26 14:02:21 ----D---- C:\Documents and Settings\All Users\Application Data\RogueKiller
2014-08-23 12:47:35 ----A---- C:\WINDOWS\setuplog.txt
2014-08-22 17:05:36 ----D---- C:\Program Files\iPod
2014-08-22 17:04:39 ----D---- C:\Program Files\iTunes
2014-08-22 17:04:39 ----D---- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-07-29 18:02:29 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-08-27 17:30:17 ----D---- C:\Program Files
2014-08-27 17:30:14 ----D---- C:\WINDOWS\system32\CatRoot2
2014-08-27 17:23:10 ----D---- C:\WINDOWS\temp
2014-08-26 14:52:59 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-08-26 14:30:10 ----D---- C:\WINDOWS\Prefetch
2014-08-26 14:02:07 ----A---- C:\WINDOWS\win.ini
2014-08-23 12:47:35 ----D---- C:\WINDOWS
2014-08-22 18:21:44 ----D---- C:\WINDOWS\Help
2014-08-22 17:23:39 ----RASH---- C:\boot.ini
2014-08-22 17:23:39 ----A---- C:\WINDOWS\system.ini
2014-08-22 17:22:45 ----SHD---- C:\WINDOWS\Installer
2014-08-22 17:13:00 ----D---- C:\WINDOWS\system32
2014-08-22 17:05:31 ----D---- C:\Program Files\Common Files\Apple
2014-08-21 12:34:44 ----A---- C:\WINDOWS\cdplayer.ini
2014-08-15 14:31:14 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-08-14 16:09:45 ----D---- C:\WINDOWS\system32\MRT
2014-08-14 16:06:06 ----D---- C:\WINDOWS\Debug
2014-08-14 16:05:50 ----A---- C:\WINDOWS\system32\MRT.exe
2014-08-14 15:50:18 ----D---- C:\Program Files\CCleaner
2014-08-14 13:54:00 ----A---- C:\MSMONEY.BAK
2014-08-14 13:37:28 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-07-28 17:41:34 ----D---- C:\WINDOWS\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-07-11 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-07-11 192352]
R0 BootDefragDriver;BootDefragDriver; C:\WINDOWS\System32\drivers\BootDefragDriver.sys [2014-03-17 14784]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2014-04-16 104920]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-07-11 55112]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-07-11 779536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-07-11 414520]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-07-11 57800]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2014-04-16 607448]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2014-04-16 29912]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-07-11 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-07-11 67824]
R2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2013-08-25 13120]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2003-06-30 43136]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-06-22 807998]
R3 IntelC51;IntelC51; C:\WINDOWS\system32\DRIVERS\IntelC51.sys [2005-05-06 1339776]
R3 IntelC52;IntelC52; C:\WINDOWS\system32\DRIVERS\IntelC52.sys [2006-03-01 618880]
R3 IntelC53;IntelC53; C:\WINDOWS\system32\DRIVERS\IntelC53.sys [2005-05-06 47360]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mohfilt;mohfilt; C:\WINDOWS\system32\DRIVERS\mohfilt.sys [2005-05-06 36880]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-01-27 260352]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S0 cercsr6;cercsr6; C:\WINDOWS\system32\drivers\cercsr6.sys [2005-03-22 39904]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; \??\C:\WINDOWS\system32\drivers\massfilter_hs.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-11 12928]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-08 32384]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-02 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2013-10-10 120088]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-11 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-04-16 5306504]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2014-05-21 2135232]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.e xe [2014-05-08 441176]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\ WPFFontCache_v0400.exe [2013-07-20 754856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpda teService.exe [2014-08-15 262320]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe [2008-07-25 34312]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-25 1663192]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\Presen tationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 553288]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-29 119408]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Jerry56 · #6 August 27th, 2014, 10:36 PM

info.txt logfile of random's system information tool 1.10 2014-08-27 17:30:27

======MBR======

0x33C08ED0BC007CFB5007501FFCBE1B7CBF1B065057B9E501 F3A4CBBDBE07B104386E007C09751383C510E2F4CD188BF583 C610497419382C74F6A0B507B4078BF0AC3C0074FCBB0700B4 0ECD10EBF2884E10E84600732AFE4610807E040B740B807E04 0C7405A0B60775D2804602068346080683560A00E821007305 A0B607EBBC813EFE7D55AA740B807E100074C8A0B707EBA98B FC1E578BF5CBBF05008A5600B408CD1372238AC1243F988ADE 8AFC43F7E38BD186D6B106D2EE42F7E239560A772372053946 08731CB80102BB007C8B4E028B5600CD1373514F744E32E48A 5600CD13EBE48A560060BBAA55B441CD13723681FB55AA7530 F6C101742B61606A006A00FF760AFF76086A0068007C6A016A 10B4428BF4CD136161730E4F740B32E48A5600CD13EBD661F9 C3496E76616C696420706172746974696F6E207461626C6500 4572726F72206C6F6164696E67206F7065726174696E672073 797374656D004D697373696E67206F7065726174696E672073 797374656D0000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 000000000000000000000000002C44630C87012F0000800001 04070FFFFF04FB0000ECF14E09000000000000000000000000 00000000000000000000000000000000000000000000000000 000000000000000000000055AA

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNMP.exe /UNINSTALL
-->D:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 14 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_14 _0_0_176_ActiveX.exe -maintain activex
Adobe Flash Player 14 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_14 _0_0_179_Plugin.exe -maintain plugin
Adobe Reader XI (11.0.07)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AB0000000001}
ANT Drivers Installer x86-->MsiExec.exe /I{E6736642-CC5F-476B-9F34-86D51A636BF1}
Apple Application Support-->MsiExec.exe /I{78002155-F025-4070-85B3-7C0453561701}
Apple Mobile Device Support-->MsiExec.exe /I{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
Bonjour-->MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B}
Broadcom 440x 10/100 Integrated Controller-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\I Driver.exe /M{52504CE6-E909-4113-B232-4AFEC6543A61} /l1033
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
Comodo Dragon-->"C:\Program Files\Comodo\Dragon\uninstall.exe"
COMODO Internet Security-->MsiExec.exe /I{E62381A7-B1C1-4121-8262-84D38C77786C}
Elevated Installer-->MsiExec.exe /I{F485B256-F33F-4E65-96E4-F1D56980F87A}
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
Garmin Communicator Plugin-->MsiExec.exe /X{71DBFBF2-F7EB-4268-8485-9471D83C4E66}
Garmin Express Tray-->MsiExec.exe /X{754CE395-B6B6-464C-A06C-4BBED7E720D3}
Garmin Express-->"C:\Documents and Settings\All Users\Application Data\Package Cache\{42623675-83b0-4647-aa33-f319b732be6f}\GarminExpressInstaller.exe" /uninstall
Garmin Express-->MsiExec.exe /I{D821519F-1D30-45DD-A17C-C4D85B4DD161}
Glary Utilities 4.8-->C:\Program Files\Glary Utilities 4\uninst.exe
Handset USB Driver-->"C:\Program Files\Handset_USB_Driver\unins000.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spunin st.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spunin st.exe"
Hotfix for Windows XP (KB2756822)-->"C:\WINDOWS\$NtUninstallKB2756822$\spuninst\spuni nst.exe"
Hotfix for Windows XP (KB2779562)-->"C:\WINDOWS\$NtUninstallKB2779562$\spuninst\spuni nst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spunin st.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spunin st.exe"
Intel(R) 537EP V9x DF PCI Modem-->rundll32 IntelCci.dll,iSMUninstallation "Intel(R) 537EP V9x DF PCI Modem"
Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
iTunes-->MsiExec.exe /I{86D04316-F49A-4AF2-B3F1-A1E943886CE7}
K-Lite Codec Pack 10.5.5 Full-->"C:\Program Files\K-Lite Codec Pack\unins001.exe"
Mahjong Quest-->"C:\Program Files\GameTop.com\Mahjong Quest\unins000.exe"
Malwarebytes Anti-Malware version 2.0.2.1012-->"C:\Program Files\Malwarebytes Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microso ft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\sp uninst.exe"
Microsoft Encarta Encyclopedia Standard 2005-->MsiExec.exe /I{05410044-64A6-4248-A026-9745C1E9E159}
Microsoft Money 2005-->c:\program files\microsoft money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft Picture It! Premium 10-->"C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=PREM
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Word 2002-->MsiExec.exe /I{911B0409-6000-11D3-8CFE-0050048383C9}
Microsoft Works 2005 Setup Launcher-->C:\Program Files\Microsoft Works Suite 2005\Setup\Launcher.exe /ARP E:\
Microsoft Works Suite Add-in for Microsoft Word-->MsiExec.exe /I{CB54ABA8-D67F-47AD-A76C-2631BADA9FE5}
Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Mozilla Firefox 31.0 (x86 en-US)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NaturalReaderFree-->MsiExec.exe /I{C5E7BF75-007E-44AD-8962-627ED44CB63B}
Nero PhotoShow Express-->"C:\Program Files\Nero\data\Xtras\Uninstall.exe"
Nero Suite-->C:\Program Files\Common Files\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
QuickTime 7-->MsiExec.exe /I{111EE7DF-FC45-40C7-98A7-753AC46B12FB}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {939AF4BC-EC42-38D1-AE82-91D4A7ED8911} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8433C01-319F-3370-850E-87C35496299A} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {48B0C142-A0F4-3263-90E1-1984CBB8DD18} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {CD6D9B8A-BBC4-3FA7-B24D-D74CE90630CF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {ECBEE23D-AB7E-3DAA-B66B-CD52003198F1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {B7C20E16-9A3A-3F05-A6B5-E15AA09200E0} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {CF581973-77E0-3093-A1AC-A03130DE990F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {80774950-A707-386B-9C9B-D052D20BD54B} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {576C07F8-777C-3981-B8BF-063A6B57254E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {90EA7C4E-7F03-31FD-BE27-B1A9B4AE56BD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {1E88AFAE-CEF7-3540-8FF6-6D00877B2767} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {8BA4E34D-95C5-3907-87E4-62FBB31A2190} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {21AEAFE4-6F0E-3169-A09C-9FB37C77E555} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {A6DE5FA9-FB19-3045-92FD-85B22CB16EB8} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {229E3EA4-C2A3-3031-86A5-9BC8396F945B} /parameterfolder Client
Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuni nst.exe"
Security Update for Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2744842)-->"C:\WINDOWS\ie8updates\KB2744842-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2761465)-->"C:\WINDOWS\ie8updates\KB2761465-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2792100)-->"C:\WINDOWS\ie8updates\KB2792100-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2797052)-->"C:\WINDOWS\ie8updates\KB2797052-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2799329)-->"C:\WINDOWS\ie8updates\KB2799329-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2809289)-->"C:\WINDOWS\ie8updates\KB2809289-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2817183)-->"C:\WINDOWS\ie8updates\KB2817183-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2829530)-->"C:\WINDOWS\ie8updates\KB2829530-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2838727)-->"C:\WINDOWS\ie8updates\KB2838727-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2846071)-->"C:\WINDOWS\ie8updates\KB2846071-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2847204)-->"C:\WINDOWS\ie8updates\KB2847204-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2862772)-->"C:\WINDOWS\ie8updates\KB2862772-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2870699)-->"C:\WINDOWS\ie8updates\KB2870699-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2879017)-->"C:\WINDOWS\ie8updates\KB2879017-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2888505)-->"C:\WINDOWS\ie8updates\KB2888505-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2898785)-->"C:\WINDOWS\ie8updates\KB2898785-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2909210)-->"C:\WINDOWS\ie8updates\KB2909210-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2909921)-->"C:\WINDOWS\ie8updates\KB2909921-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2925418)-->"C:\WINDOWS\ie8updates\KB2925418-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2936068)-->"C:\WINDOWS\ie8updates\KB2936068-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB2964358)-->"C:\WINDOWS\ie8updates\KB2964358-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\s puninst.exe"
Security Update for Windows Media Player (KB2834904)-->"C:\WINDOWS\$NtUninstallKB2834904_WM11$\spuninst\ spuninst.exe"
Security Update for Windows Media Player (KB2834904-v2)-->"C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\sp uninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\sp uninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\sp uninst.exe"
Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\sp uninst.exe"
Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\sp uninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\s puninst.exe"
Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2544521)-->"C:\WINDOWS\$NtUninstallKB2544521$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2705219-v2)-->"C:\WINDOWS\$NtUninstallKB2705219-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2712808)-->"C:\WINDOWS\$NtUninstallKB2712808$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2723135-v2)-->"C:\WINDOWS\$NtUninstallKB2723135-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2724197)-->"C:\WINDOWS\$NtUninstallKB2724197$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2727528)-->"C:\WINDOWS\$NtUninstallKB2727528$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2731847-v2)-->"C:\WINDOWS\$NtUninstallKB2731847-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2744842)-->"C:\WINDOWS\$NtUninstallKB2744842$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2753842)-->"C:\WINDOWS\$NtUninstallKB2753842$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2753842-v2)-->"C:\WINDOWS\$NtUninstallKB2753842-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2757638)-->"C:\WINDOWS\$NtUninstallKB2757638$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2758857)-->"C:\WINDOWS\$NtUninstallKB2758857$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2761226)-->"C:\WINDOWS\$NtUninstallKB2761226$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2770660)-->"C:\WINDOWS\$NtUninstallKB2770660$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2778344)-->"C:\WINDOWS\$NtUninstallKB2778344$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2779030)-->"C:\WINDOWS\$NtUninstallKB2779030$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2780091)-->"C:\WINDOWS\$NtUninstallKB2780091$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2799494)-->"C:\WINDOWS\$NtUninstallKB2799494$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2802968)-->"C:\WINDOWS\$NtUninstallKB2802968$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2807986)-->"C:\WINDOWS\$NtUninstallKB2807986$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2808735)-->"C:\WINDOWS\$NtUninstallKB2808735$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2813170)-->"C:\WINDOWS\$NtUninstallKB2813170$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2813345)-->"C:\WINDOWS\$NtUninstallKB2813345$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2820197)-->"C:\WINDOWS\$NtUninstallKB2820197$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2820917)-->"C:\WINDOWS\$NtUninstallKB2820917$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2829361)-->"C:\WINDOWS\$NtUninstallKB2829361$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2834886)-->"C:\WINDOWS\$NtUninstallKB2834886$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2839229)-->"C:\WINDOWS\$NtUninstallKB2839229$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2845187)-->"C:\WINDOWS\$NtUninstallKB2845187$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2847311)-->"C:\WINDOWS\$NtUninstallKB2847311$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2849470)-->"C:\WINDOWS\$NtUninstallKB2849470$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2850851)-->"C:\WINDOWS\$NtUninstallKB2850851$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2850869)-->"C:\WINDOWS\$NtUninstallKB2850869$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2859537)-->"C:\WINDOWS\$NtUninstallKB2859537$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2862152)-->"C:\WINDOWS\$NtUninstallKB2862152$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2862330)-->"C:\WINDOWS\$NtUninstallKB2862330$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2862335)-->"C:\WINDOWS\$NtUninstallKB2862335$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2864063)-->"C:\WINDOWS\$NtUninstallKB2864063$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2868626)-->"C:\WINDOWS\$NtUninstallKB2868626$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2876217)-->"C:\WINDOWS\$NtUninstallKB2876217$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2876315)-->"C:\WINDOWS\$NtUninstallKB2876315$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2876331)-->"C:\WINDOWS\$NtUninstallKB2876331$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2883150)-->"C:\WINDOWS\$NtUninstallKB2883150$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2892075)-->"C:\WINDOWS\$NtUninstallKB2892075$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2893294)-->"C:\WINDOWS\$NtUninstallKB2893294$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2893984)-->"C:\WINDOWS\$NtUninstallKB2893984$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2898715)-->"C:\WINDOWS\$NtUninstallKB2898715$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2900986)-->"C:\WINDOWS\$NtUninstallKB2900986$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2914368)-->"C:\WINDOWS\$NtUninstallKB2914368$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2916036)-->"C:\WINDOWS\$NtUninstallKB2916036$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2922229)-->"C:\WINDOWS\$NtUninstallKB2922229$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2929961)-->"C:\WINDOWS\$NtUninstallKB2929961$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB2930275)-->"C:\WINDOWS\$NtUninstallKB2930275$\spuninst\spuni nst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spunin st.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spunin st.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spunin st.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spunin st.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spunin st.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spunin st.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spunin st.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spunin st.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spunin st.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spunin st.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spunin st.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spunin st.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spunin st.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spunin st.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spunin st.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spunin st.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spunin st.exe"
Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spunin st.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spunin st.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spunin st.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spunin st.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spunin st.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spunin st.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spunin st.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spunin st.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spunin st.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spunin st.exe"
Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spunin st.exe"
Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spunin st.exe"
Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spunin st.exe"
Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spunin st.exe"
Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spunin st.exe"
Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spunin st.exe"
Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spunin st.exe"
Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spunin st.exe"
Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spunin st.exe"
Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spunin st.exe"
Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spunin st.exe"
Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spunin st.exe"
Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spunin st.exe"
Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spunin st.exe"
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EX E C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x9 -removeonly
SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
Update 4.0.3 for Microsoft .NET Framework 4 Client Profile (KB2600211)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\setup.exe /uninstallpatch {584BF5D8-C333-35E0-A180-F9AFF53D8E7E} /parameterfolder Client
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows Internet Explorer 8 (KB2598845)-->"C:\WINDOWS\ie8updates\KB2598845-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuni nst.exe"
Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuni nst.exe"
Update for Windows XP (KB2661254-v2)-->"C:\WINDOWS\$NtUninstallKB2661254-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB2736233)-->"C:\WINDOWS\$NtUninstallKB2736233$\spuninst\spuni nst.exe"
Update for Windows XP (KB2749655)-->"C:\WINDOWS\$NtUninstallKB2749655$\spuninst\spuni nst.exe"
Update for Windows XP (KB2863058)-->"C:\WINDOWS\$NtUninstallKB2863058$\spuninst\spuni nst.exe"
Update for Windows XP (KB2904266)-->"C:\WINDOWS\$NtUninstallKB2904266$\spuninst\spuni nst.exe"
Update for Windows XP (KB2934207)-->"C:\WINDOWS\$NtUninstallKB2934207$\spuninst\spuni nst.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spunin st.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spunin st.exe"
Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spunin st.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spunin st.exe"
Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spunin st.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spunin st.exe"
Updater-->C:\Documents and Settings\All Users\Application Data\Updater\Uninstall.exe /ic=U2
VLC media player-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)-->rundll32.exe C:\PROGRA~1\DIFX\3BF3CCEE2F621170\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\ANT_LibUsb_D5AC2645CB 1432D3C447DC07C8CC56D9691EF2FB\ANT_LibUsb.inf
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)-->rundll32.exe C:\PROGRA~1\DIFX\3BF3CCEE2F621170\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\USB_ANT_Si_C7D61CB527 E8C76A393CA688CDF2DAF84B2D4B28\USB_ANT_SiUSBXp_3_1 .inf
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuni nst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst. exe"
Windows PowerShell(TM) 1.0-->"C:\WINDOWS\$NtUninstallKB926139-v2$\spuninst\spuninst.exe"
Yahtzee 1.1.6-->D:\Yahtzee\unins000.exe

======Security center information======

AV: avast! Antivirus (disabled)
FW: COMODO Firewall

======System event log======

Computer Name: JERRY-5C081AE98
Event Code: 8003
Message: The master browser has received a server announcement from the computer GEORGE
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{752C096E-8683-4753-86.
The master browser is stopping or an election is being forced.

Record Number: 35780
Source Name: MRxSmb
Time Written: 20140614133819.000000-240
Event Type: error
User:

Computer Name: JERRY-5C081AE98
Event Code: 8021
Message: The browser was unable to retrieve a list of servers from the browser master \\GEORGE on the network \Device\NetBT_Tcpip_{752C096E-8683-4753-864E-6D3AB4A27D96}.
The data is the error code.

Record Number: 35774
Source Name: BROWSER
Time Written: 20140614122003.000000-240
Event Type: warning
User:

Computer Name: JERRY-5C081AE98
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 35763
Source Name: Tcpip
Time Written: 20140614105706.000000-240
Event Type: warning
User:

Computer Name: JERRY-5C081AE98
Event Code: 7000
Message: The HTTP SSL service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Record Number: 35759
Source Name: Service Control Manager
Time Written: 20140614105635.000000-240
Event Type: error
User:

Computer Name: JERRY-5C081AE98
Event Code: 7009
Message: Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.

Record Number: 35758
Source Name: Service Control Manager
Time Written: 20140614105635.000000-240
Event Type: error
User:

=====Application event log=====

Computer Name: JERRY-5C081AE98
Event Code: 100
Message: Task Scheduling Error: m->NextScheduledSPRetry 5919515

Record Number: 116188
Source Name: Bonjour Service
Time Written: 20140713032656.000000-240
Event Type: error
User:

Computer Name: JERRY-5C081AE98
Event Code: 100
Message: Task Scheduling Error: m->NextScheduledEvent 5919515

Record Number: 116187
Source Name: Bonjour Service
Time Written: 20140713032656.000000-240
Event Type: error
User:

Computer Name: JERRY-5C081AE98
Event Code: 100
Message: Task Scheduling Error: Continuously busy for more than a second

Record Number: 116186
Source Name: Bonjour Service
Time Written: 20140713032656.000000-240
Event Type: error
User:

Computer Name: JERRY-5C081AE98
Event Code: 100
Message: Task Scheduling Error: m->NextScheduledSPRetry 5903250

Record Number: 116185
Source Name: Bonjour Service
Time Written: 20140713032639.000000-240
Event Type: error
User:

Computer Name: JERRY-5C081AE98
Event Code: 100
Message: Task Scheduling Error: m->NextScheduledEvent 5903250

Record Number: 116184
Source Name: Bonjour Service
Time Written: 20140713032639.000000-240
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemR oot%\system32\wbem;C:\Program Files\QuickTime\QTSystem;C:\WINDOWS\system32\Windo wsPowerShell\v1.0;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;. WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"asl.log"=Destination=file

-----------------EOF-----------------

**Jintan** · #7 August 27th, 2014, 11:53 PM

Looks like security over-kill there.

Comodo started out distributing an adware/spyware toolbar, through the usual trickery means. Then bought a firewall company, and ventured into that field (firewalls can monitor network access, and so allowing Comodo access to user's network access activities). Then ventured into more security programs, but all seem to be intended to allow Comodo to monitor and redirect a user's actions on the Internet. You can guess - I am not a big fan of Comodo.

But on your system, you have two antivirus programs installed, which can cause each to attack and damage the other, and also damage the system (even when disabled). You will need to remove them, to make things right.

Go to Start - Control Panel - Programs - Programs and Features/Uninstall, then click on each of the following programs, if they show there, and click "Uninstall/Change".

avast! Free Antivirus
Comodo Dragon
COMODO Internet Security

Decline the reboot after each uninstall. Then I suggest you consider uninstalling these:

Glary Utilities 4.8 - Well known "fixit" program, but since it does unneeded "repairs" to the Registry, it is really just something that can cause damage to your system.
SUPERAntiSpyware - Not just an on-demand scanner, so loads services and functions each bootup, slowing that down.

-----------

Reboot, and post back an OTL log please (should work this time). We will return security programs once things are checked.

Jerry56 · #8 August 28th, 2014, 10:22 PM

OTL logfile created on: 8/28/2014 5:15:33 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.12 Gb Total Physical Memory | 0.75 Gb Available Physical Memory | 66.55% Memory free
2.69 Gb Paging File | 2.44 Gb Available in Paging File | 90.49% Paging File free
Paging file location(s): c:\pagefile.sys 1728 3456 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.47 Gb Total Space | 42.10 Gb Free Space | 56.54% Space Free | Partition Type: NTFS
Drive D: | 6.00 Gb Total Space | 1.61 Gb Free Space | 26.83% Space Free | Partition Type: NTFS

Computer Name: JERRY-5C081AE98 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/08/26 13:47:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\desktop\OTL.exe
PRC - [2014/05/08 08:09:10 | 000,122,200 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe
PRC - [2014/05/08 08:08:48 | 000,441,176 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.e xe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2014/02/12 17:52:28 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.ServiceProce#\2e3fdae8546832614633495638bef8d0 \System.ServiceProcess.ni.dll
MOD - [2014/02/12 17:52:26 | 000,373,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.ServiceModel#\2f6bb2f27e73e55ccd0159c0fc5f08c4 \System.ServiceModel.Routing.ni.dll
MOD - [2014/02/12 17:52:21 | 001,153,536 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.ServiceModel#\09987e88bfe8b9e1fd338c9cbd743675 \System.ServiceModel.Discovery.ni.dll
MOD - [2014/02/12 17:52:15 | 000,084,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.ServiceModel#\7c827a34a2a8958bf2e185dcb9ae52e4 \System.ServiceModel.Channels.ni.dll
MOD - [2014/02/12 17:52:13 | 001,548,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.ServiceModel#\cb2d43fc6263770ad977f001a6b69726 \System.ServiceModel.Activities.ni.dll
MOD - [2014/02/12 17:52:06 | 018,150,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.ServiceModel\1f236d1b65b6f9d77c3d2c63bb347130\ System.ServiceModel.ni.dll
MOD - [2014/02/12 17:51:17 | 001,218,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.Management\7612d2ecdf9c6beedc264e9390e97b0f\Sy stem.Management.ni.dll
MOD - [2014/02/12 17:51:09 | 001,079,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.IdentityModel\1ea05c6575298512abd69038ad724ad1 \System.IdentityModel.ni.dll
MOD - [2014/02/12 17:47:56 | 000,649,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.Transactions\fc7255cccb69c45a808b3d7e6abf55c5\ System.Transactions.ni.dll
MOD - [2014/02/12 17:47:54 | 001,031,168 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.Runtime.Dura#\4db577ac7d6b041ca538dda903bc9c7f \System.Runtime.DurableInstancing.ni.dll
MOD - [2014/02/12 17:47:52 | 000,143,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMD iagnostics\e4448b85161eee80928b795515738388\SMDiag nostics.ni.dll
MOD - [2014/02/12 17:47:50 | 002,658,304 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.Runtime.Seri#\0e06620ca298f1287cc5698d1a019296 \System.Runtime.Serialization.ni.dll
MOD - [2014/02/12 17:47:45 | 000,393,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.Xml.Linq\05be173cbacba4b7604a67a267acdfe4\Syst em.Xml.Linq.ni.dll
MOD - [2014/02/12 17:47:43 | 001,801,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.Xaml\d116eda30a35c490e59221b0ebac6fcd\System.X aml.ni.dll
MOD - [2014/02/12 16:19:54 | 006,866,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.Data\acfa2ad70ad0f2908e02e858c846ac08\System.D ata.ni.dll
MOD - [2014/02/12 16:19:38 | 018,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pre sentationFramewo#\1ab71206b530480fee0800c9fa3976cd \PresentationFramework.ni.dll
MOD - [2014/02/12 16:19:08 | 011,451,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pre sentationCore\9b103aec14e7cfb4b6eab9579a95bf1c\Pre sentationCore.ni.dll
MOD - [2014/02/12 16:17:52 | 000,751,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.Security\e0579383d49e212d5bf5a87c3dad50e7\Syst em.Security.ni.dll
MOD - [2014/02/12 16:17:40 | 005,628,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.Xml\850fa7110c7423c324762c1ad3130219\System.Xm l.ni.dll
MOD - [2014/02/12 16:17:31 | 001,014,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.Configuration\991c4e11f571a4074b9c4a5841222338 \System.Configuration.ni.dll
MOD - [2014/02/12 16:17:22 | 007,053,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.Core\a4b5a1a06d2d7f77258943c8c228a5e0\System.C ore.ni.dll
MOD - [2014/02/12 16:17:05 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Pre sentationFramewo#\67939f4c3d18712bacf74bfc8c75ab40 \PresentationFramework.Luna.ni.dll
MOD - [2014/02/12 16:16:57 | 013,199,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.Windows.Forms\9de255a0aa42b52f01848ced6d315972 \System.Windows.Forms.ni.dll
MOD - [2014/02/12 16:16:40 | 001,667,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem.Drawing\243ff1822abc8282cb8fee37538170b4\Syste m.Drawing.ni.dll
MOD - [2014/02/12 16:16:33 | 003,858,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Win dowsBase\9bf311f8fa0c15e25b3ffb86007663fe\WindowsB ase.ni.dll
MOD - [2014/02/12 16:16:25 | 009,099,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Sys tem\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll
MOD - [2014/02/12 16:16:13 | 014,416,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\msc orlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni .dll
MOD - [2014/02/06 01:52:52 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/06 01:52:32 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2014/08/15 14:31:14 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpda teService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/07/29 18:03:04 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/08 08:08:48 | 000,441,176 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.e xe -- (Garmin Core Update Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2014/03/17 02:07:38 | 000,014,784 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BootDefragDriver.sys -- (BootDefragDriver)
DRV - [2013/08/25 11:30:48 | 000,013,120 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2012/06/08 15:28:58 | 000,017,672 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - [2006/03/01 21:30:54 | 000,618,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2005/05/06 15:42:26 | 001,339,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2005/05/06 15:40:50 | 000,047,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2005/05/06 15:40:20 | 000,036,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003/06/30 19:11:52 | 000,043,136 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
IE - HKLM\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{65778DC3-66AA-44B4-BDE3-2981E42F095C}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language }:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1957994488-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com?fr=hp-avast&type=avastbcl
IE - HKU\S-1-5-21-1957994488-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
IE - HKU\S-1-5-21-1957994488-57989841-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
IE - HKU\S-1-5-21-1957994488-57989841-725345543-1003\..\SearchScopes,DefaultScope = {65778DC3-66AA-44B4-BDE3-2981E42F095C}
IE - HKU\S-1-5-21-1957994488-57989841-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1957994488-57989841-725345543-1003\..\SearchScopes\{56FE04EC-039B-4297-8DE7-51895EB62715}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=app0103&cd=2Xzuy EtN2Y1L1QzutDtDtD0DyDyCtC0Dzz0CtB0Czz0F0D0CtN0D0Tz u0SyByBtCtN1L2XzutDtFtDtFtDtFtDtN1L1CzutDzytDtC0B& cr=2086268025&ir=
IE - HKU\S-1-5-21-1957994488-57989841-725345543-1003\..\SearchScopes\{65778DC3-66AA-44B4-BDE3-2981E42F095C}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language }:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7&rlz=1I7NDKB_enUS521
IE - HKU\S-1-5-21-1957994488-57989841-725345543-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1957994488-57989841-725345543-1003\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
IE - HKU\S-1-5-21-1957994488-57989841-725345543-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg.com/search?cid={F6DCBD97-0292-467D-BED7-F4C97AA5CB36}&mid=de05903e28bc47d2bb85d14410f965df-b15046657efc90f55b4fed305ed6534618fcf65f&lang=en&d s=cg011&coid=avgtbdiscg&cmpid=&pr=sa&d=2014-06-18 01:02:40&v=18.1.0.443&pid=safeguard&sg=&sap=dsp&q= {searchTerms}
IE - HKU\S-1-5-21-1957994488-57989841-725345543-1003\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
IE - HKU\S-1-5-21-1957994488-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1957994488-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaultthis.engineName: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaulturl: "https://search.yahoo.com/yhs/search"
FF - prefs.js..browser.search.order.1: "Yahoo! (Avast)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.excite.com/"
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.2.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - prefs.js..keyword.URL: "https://search.yahoo.com/yhs/search"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_ 179.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dl l File not found
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.1879: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1939: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.872: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\18.1.0.443
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/07/29 18:02:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/07/29 18:02:42 | 000,000,000 | ---D | M]

[2012/11/01 13:43:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2014/07/28 18:14:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7phejwsx.default-1375651423468\extensions
[2014/05/29 09:01:16 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7phejwsx.default-1375651423468\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2014/06/18 12:09:30 | 000,009,419 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7phejwsx.default-1375651423468\searchplugins\yahoo-avast.xml
[2014/07/29 18:02:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/07/29 18:03:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013/05/14 17:39:57 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKU\S-1-5-21-1957994488-57989841-725345543-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1957994488-57989841-725345543-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKU\S-1-5-21-1957994488-57989841-725345543-1003..\Run: [GarminExpressTrayApp] C:\Program Files\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVer sion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVer sion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1957994488-57989841-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1957994488-57989841-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1957994488-57989841-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveAutoRun = 67108863
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/w...?1351866458203 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{752C096E-8683-4753-864E-6D3AB4A27D96}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/11/01 12:52:57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/08/28 16:48:16 | 003,942,104 | ---- | C] (COMODO) -- C:\Documents and Settings\All Users\Application Data\cis5C.exe
[2014/08/28 16:48:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/08/27 17:30:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/08/27 17:30:10 | 000,000,000 | ---D | C] -- C:\rsit
[2014/08/26 14:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RogueKiller
[2014/08/26 13:46:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2014/08/22 17:13:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2014/08/22 17:05:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/08/22 17:04:39 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/08/22 17:04:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014/08/22 16:01:55 | 006,762,112 | ---- | C] (ParetoLogic, Inc.) -- C:\Documents and Settings\Owner\Desktop\RegCureProSetup.exe
[2014/08/14 15:50:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2014/07/29 18:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/08/28 17:18:20 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/08/28 17:13:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/08/28 16:48:16 | 000,000,488 | ---- | M] () -- C:\WINDOWS\tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job
[2014/08/27 17:28:24 | 001,107,968 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RSIT.exe
[2014/08/27 17:19:27 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/08/26 14:02:05 | 000,030,100 | ---- | M] () -- C:\WINDOWS\BUSINESS.CRD
[2014/08/26 13:47:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2014/08/26 13:46:02 | 004,851,288 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RogueKiller.exe
[2014/08/23 12:15:00 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Owner.job
[2014/08/22 17:23:39 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2014/08/22 17:13:09 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2014/08/22 16:02:04 | 006,762,112 | ---- | M] (ParetoLogic, Inc.) -- C:\Documents and Settings\Owner\Desktop\RegCureProSetup.exe
[2014/08/21 17:46:43 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/08/21 13:51:42 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\sfc
[2014/08/21 12:35:23 | 000,046,298 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2014/08/21 12:34:44 | 000,000,235 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2014/08/17 11:15:00 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Owner.job
[2014/08/15 14:51:03 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2014/08/15 14:31:14 | 000,699,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/08/15 14:31:13 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/08/14 15:50:27 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2014/08/14 13:54:00 | 001,642,496 | ---- | M] () -- C:\MSMONEY.BAK
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/08/28 16:48:16 | 000,000,488 | ---- | C] () -- C:\WINDOWS\tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job
[2014/08/27 17:28:22 | 001,107,968 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RSIT.exe
[2014/08/26 13:45:25 | 004,851,288 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RogueKiller.exe
[2014/08/22 17:13:09 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2014/08/21 13:51:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\sfc
[2014/06/18 01:02:42 | 000,000,000 | ---- | C] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2014/06/17 21:00:09 | 000,001,742 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2014/02/09 19:45:07 | 000,000,235 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2014/02/09 12:40:42 | 000,013,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2013/04/06 14:52:23 | 000,584,584 | ---- | C] () -- C:\WINDOWS\adb.exe
[2013/01/12 12:58:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/12/27 10:15:55 | 000,009,728 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/21 10:01:02 | 000,000,081 | ---- | C] () -- C:\Documents and Settings\Owner\default.pls
[2012/12/12 09:12:45 | 001,511,641 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1957994488-57989841-725345543-1003-0.dat
[2012/12/12 09:12:42 | 000,208,146 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/12/01 21:08:37 | 000,042,472 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/11/18 15:18:26 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012/11/03 15:17:58 | 000,046,298 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2012/11/03 14:06:18 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012/11/02 22:19:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/11/02 17:25:11 | 000,218,200 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012/11/01 16:13:28 | 000,000,992 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/11/01 12:56:01 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/11/01 12:46:13 | 000,022,720 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/11/01 07:36:20 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/11/01 07:32:10 | 000,218,448 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== ZeroAccess Check ==========

[2012/11/29 18:38:19 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc8 7-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/08/30 16:29:36 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA 9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CD B-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 06:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

When I restart the computer its now say " new hardware found " also its say its having problem installing the hardware.
I don't know which hardware it is.

**Jintan** · #9 August 28th, 2014, 11:34 PM

Did you uninstall Glary Utilities?

Right click My Computer, left click Manage, left click Device Manager.

When the Device Manager display opens click View - Show hidden devices.

Then in the list below that click the plus symbol (+) next to the following to expand that list:

Non-Plug and Play Drivers

In that list, does anything resemble any of the following programs? If you think, maybe, be sure to post back here the name of the device.

avast! Free Antivirus
Comodo Dragon
COMODO Internet Security
Glary Utilities 4.8
SUPERAntiSpyware

Jerry56 · #10 August 29th, 2014, 07:36 PM

Yes I did delete glary utilities.

I didn't see any of the above but when I click unknown devise that have the yellow question mark, it says " root/Legacy_Saskutil\0000

**Jintan** · #11 August 29th, 2014, 10:59 PM

SUPERAntiSpyware - right click that device, and Uninstall it, and the problem will go away.

And if "BootDefragDriver" does not show there, do the following:

Go to Start Search, type cmd.exe in the Start Search box. Cmd.exe will appear at the top of the Menu. Rightclick on it and choose "Run as administrator". At the prompt copy/paste the following, pressing Enter after each:

sc delete BootDefragDriver

You should get a Success confirmation. Then just type exit and press Enter to close the command prompt screen.

-----------

Please download AdwCleaner by Xplode onto your desktop.

Double click on AdwCleaner.exe to run the tool.
Click on J'accepte.
Click on Search.
Click on Report.
A logfile will automatically open.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[R1].txt as well.

Jerry56 · #12 August 30th, 2014, 12:20 AM

# AdwCleaner v3.308 - Report created 29/08/2014 at 19:16:55
# Updated 20/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - JERRY-5C081AE98
# Running from : C:\Documents and Settings\Owner\desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
Folder Found : C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
Folder Found : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\All Users\Application Data\Updater
Folder Found : C:\Documents and Settings\Owner\Application Data\AVG SafeGuard toolbar
Folder Found : C:\Documents and Settings\Owner\Application Data\DesktopIconForAmazon
Folder Found : C:\Documents and Settings\Owner\Local Settings\Application Data\AVG SafeGuard toolbar
Folder Found : C:\Program Files\AVG SafeGuard toolbar
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Program Files\FindRight

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\OCS
Key Found : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi .1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7phejwsx.default-1375651423468\prefs.js ]

Line Found : user_pref("extensions.irmysearch.aflt", "app0103");
Line Found : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtDtD0DyDyCtC0Dzz0CtB0Czz0F0D0Ct N0D0Tzu0SyByBtCtN1L2XzutDtFtDtFtDtFtDtN1L1CzutDzyt DtC0B");
Line Found : user_pref("extensions.irmysearch.cr", "2086268025");
Line Found : user_pref("extensions.irmysearch.instlRef", "");

*************************

AdwCleaner[R0].txt - [1140 octets] - [19/01/2014 14:15:53]
AdwCleaner[R1].txt - [1000 octets] - [04/02/2014 16:49:37]
AdwCleaner[R2].txt - [5482 octets] - [29/08/2014 19:12:20]
AdwCleaner[R3].txt - [5282 octets] - [29/08/2014 19:16:55]
AdwCleaner[S0].txt - [1217 octets] - [19/01/2014 14:18:22]
AdwCleaner[S1].txt - [1061 octets] - [04/02/2014 16:50:45]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [5462 octets] ##########

Jerry56 · #13 August 31st, 2014, 06:16 PM

What do I do next.?

**Jintan** · #14 August 31st, 2014, 11:27 PM

Next is I actually reply to my open requests. Sorry for the time lag. I was on a date with a young Bridgette Bardot (okay, well, I wish I was anyway).

Be sure to continue to temporarily disable any protective software when running the scan tools we use here.

Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Clean.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Open AdwCleaner, and click the Uninstall button to have it remove itself.

----------

Then run and post a new OTL log, as well as an update on any issues we still need to address please.

Jerry56 · #15 September 1st, 2014, 07:02 PM

# AdwCleaner v3.308 - Report created 01/09/2014 at 13:50:50
# Updated 20/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - JERRY-5C081AE98
# Running from : C:\Documents and Settings\Owner\desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Updater
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\FindRight
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\AVG SafeGuard toolbar
Folder Deleted : C:\Documents and Settings\Owner\Application Data\AVG SafeGuard toolbar
Folder Deleted : C:\Documents and Settings\Owner\Application Data\DesktopIconForAmazon
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi .1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\OCS
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG SafeGuard toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7phejwsx.default-1375651423468\prefs.js ]

Line Deleted : user_pref("extensions.irmysearch.aflt", "app0103");
Line Deleted : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtDtD0DyDyCtC0Dzz0CtB0Czz0F0D0Ct N0D0Tzu0SyByBtCtN1L2XzutDtFtDtFtDtFtDtN1L1CzutDzyt DtC0B");
Line Deleted : user_pref("extensions.irmysearch.cr", "2086268025");
Line Deleted : user_pref("extensions.irmysearch.instlRef", "");

*************************

AdwCleaner[R0].txt - [1140 octets] - [19/01/2014 14:15:53]
AdwCleaner[R1].txt - [1000 octets] - [04/02/2014 16:49:37]
AdwCleaner[R2].txt - [5482 octets] - [29/08/2014 19:12:20]
AdwCleaner[R3].txt - [5542 octets] - [29/08/2014 19:16:55]
AdwCleaner[R4].txt - [5602 octets] - [01/09/2014 13:49:22]
AdwCleaner[S0].txt - [1217 octets] - [19/01/2014 14:18:22]
AdwCleaner[S1].txt - [1061 octets] - [04/02/2014 16:50:45]
AdwCleaner[S2].txt - [5631 octets] - [01/09/2014 13:50:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [5691 octets] ##########

Similar Topics
Topic	Topic Starter	Forum	Replies	Last Post
Win32myd virus, how to check any trace of virus, urgent	stars_l	Malware Removal	1	November 19th, 2011 06:48 PM
Virus preventing anti virus software working	quicklee99	Malware Removal	5	October 23rd, 2009 01:40 PM
Virus made desktop dissappear and blocking anti virus	ducttape	Malware Removal	26	October 20th, 2009 12:25 AM
Removal of Winfixer 2006, Win Anti Virus Pro & Black Worm Virus	flyladiebugs	Malware Removal	28	April 21st, 2006 02:06 AM
Virus Hoax: Microsoft Debugger Registrar for Java (Jdbgmgr.exe) Is Not a Virus	squirekat	Malware Removal	3	March 19th, 2003 04:25 AM