Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected by PUP.Optional.V9.A. My internet explorer is freezing up on my pc


  • This topic is locked This topic is locked
23 replies to this topic

#1 jbandtbone

jbandtbone

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:56 PM

Posted 20 May 2014 - 04:41 AM

The pc has slowed down to a crawl. I've ran my malware bytes and removed some PUP infections, but it is still slow. Attached is the last log. The Internet explorer takes for ever to open and Goolge chrome won't open anymore. the message kept saying "google chrome has encountered a problem and has to close." I have since removed google chrome and tried to download again. But the same message appears. And I removed it from the pc.

 

mamba- log- 2014-05-19 (21-08-52)

 

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2014.05.19.15

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

jbandt :: JBANDTBONE [administrator]

5/19/2014 9:08:52 PM

mbam-log-2014-05-19 (21-08-52).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 280165

Time elapsed: 23 minute(s), 35 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 4

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.V9.A) -> Bad: (http://www.v9.com/?type=hp&ts=1399409750&from=irs&uid=WDCXWD7501AALS-00E3A0_WD-WCATR035532955329&i=psd&t=3421cfb63) Good: (http://www.google.com) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (PUP.Optional.V9.A) -> Bad: (http://search.v9.com/web/?type=ds&ts=1399409750&from=irs&uid=WDCXWD7501AALS-00E3A0_WD-WCATR035532955329&i=psd&t=3421cfb63&q={searchTerms}) Good: (http://www.google.com) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.V9.A) -> Bad: (http://search.v9.com/web/?type=ds&ts=1399409750&from=irs&uid=WDCXWD7501AALS-00E3A0_WD-WCATR035532955329&i=psd&t=3421cfb63&q={searchTerms}) Good: (http://www.google.com) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Search|CustomizeSearch (PUP.Optional.V9.A) -> Bad: (http://search.v9.com/web/?type=ds&ts=1399409750&from=irs&uid=WDCXWD7501AALS-00E3A0_WD-WCATR035532955329&i=psd&t=3421cfb63&q={searchTerms}) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

 

Here is the dds log

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.55.2

Run by jbandt at 5:07:17 on 2014-05-20

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2378 [GMT -4:00]

.

AV: MYSecurityCenter Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}

FW: AVG Firewall *Disabled*

.

============== Running Processes ================

.

C:\Program Files\MYSecurityCenter\MYAntivirus\vsserv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\MYSecurityCenter\MYAntivirus\bdagent.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\WINDOWS\system32\CTsvcCDA.EXE

C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Common Files\Motive\pcCMService.exe

C:\Program Files\Secunia\PSI\sua.exe

C:\Program Files\MYSecurityCenter\MYAntivirus\updatesrv.exe

C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\System32\svchost.exe -k eapsvcs

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k dot3svc

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://msn.com/

uSearch Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

uDefault_Page_URL = hxxp://www.google.com

mStart Page = hxxp://www.google.com

mSearch Page = hxxp://search.v9.com/web/?type=ds&ts=1399409750&from=irs&uid=WDCXWD7501AALS-00E3A0_WD-WCATR035532955329&i=psd&t=3421cfb63&q={searchTerms}

mDefault_Page_URL = hxxp://www.google.com

mDefault_Search_URL = hxxp://www.google.com

uProxyOverride = localhost

mSearchAssistant = hxxp://www.google.com

mCustomizeSearch = hxxp://www.google.com

uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [DLCJCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCJtime.dll,_RunDLLEntry@16

mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Bdagent] "c:\program files\mysecuritycenter\myantivirus\bdagent.exe"

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

dRunOnce: [RunNarrator] Narrator.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:323

uPolicies-Explorer: NoDriveAutoRun = dword:67108863

uPolicies-Explorer: NoDrives = dword:0

uPolicies-Explorer: NoResolveTrack = dword:1

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoResolveTrack = dword:1

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

Trusted Zone: $talisma_url$

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/bin/LogitechDeviceDetection32.cab

DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - hxxp://www.celartem.com/en/download/data/djvu_autoinstall/DjVuControl_en_US.cab

DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://download.macromedia.com/pub/shockwave/cabs/authorware/awswax70.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - hxxps://fdotnfuse.dot.state.fl.us/Citrix/ICAWEB/en/ica32/wficat.cab

DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} - hxxps://support.microsoft.com/OAS/ActiveX/odc.cab

DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA499} - hxxps://pbells.broadjump.com/wizlet/iw60/static/controls/WebflowActiveXInstaller_4-0-0.cab

DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab

DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} - hxxp://moneycentral.msn.com/cabs/pmupd806.exe

DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab

DPF: {46D8BEE7-0B27-4466-ABA2-A5F1E157971C} - hxxp://dvr.floridanexuspark.com/RemoteWeb.cab

DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab

DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,99/mcinsctl.cab

DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1373934070609

DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1348267800671

DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} - hxxp://doliver.earthcam.net/viewer/AMC.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} - hxxp://www3.ca.com/securityadvisor/virusinfo/webscan.cab

DPF: {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} - hxxps://lowes.2020.net/planner/Core/Player/2020PlayerAX_WEB_Win32.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {8D3314D6-5914-46C1-9F3D-9F14B6A305F1} - hxxp://www.mytpi.com/mytpi05/eval/ectuploader.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab

DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab

DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} - hxxp://hgtv1.view22.com/view22/app/view22rte.cab

DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - hxxp://fdl.msn.com/zone/datafiles/heartbeat.cab

DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

DPF: {E7D2588A-7FB5-47DC-8830-832605661009} - hxxps://livewc01.custhelp.com/7550-b415h-quickenmedical/rnl/java/RntX.cab

DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} - hxxp://fdl.msn.com/public/investor/v13/ticker.cab

DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} - hxxp://by107fd.bay107.hotmail.msn.com/activex/HMAtchmt.ocx

DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} - hxxp://www.paslc.org/acgm/f2_acgm.cab

DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/optimize2/pcpitstop2.dll

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{23473EEF-A2C0-490E-A49D-93A5EB42419F} : DHCPNameServer = 192.168.1.254

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - c:\program files\copernic agent\CopernicAgentExt.dll

Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - c:\program files\copernic agent\CopernicAgentExt.dll

Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL

SEH: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\program files\windows defender\MpShHook.dll

LSA: Authentication Packages = msv1_0 relog_ap

.

============= SERVICES / DRIVERS ===============

.

R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2014-5-9 640560]

R0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2014-5-9 162976]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]

R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2009-10-28 12184]

R2 pcCMService;pcCMService;c:\program files\common files\motive\pcCMService.exe [2012-7-11 361472]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2012-9-24 656480]

R2 UPDATESRV;MYSecurityCenter Desktop Update Service;c:\program files\mysecuritycenter\myantivirus\updatesrv.exe [2014-5-9 53592]

R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\western digital\wd drive manager\WDBtnMgrSvc.exe [2008-7-24 102400]

R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2014-5-9 242504]

R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2014-5-9 490144]

R3 NmPar;Unusable Parallel Port;c:\windows\system32\drivers\NmPar.sys [2008-7-31 80256]

R3 nmserial;PCI Serial Port;c:\windows\system32\drivers\NmSerial.sys [2008-7-31 70016]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

S3 alcan5ln;Alcatel SpeedTouch™ USB ADSL RFC1483 Networking Driver (NDIS);c:\windows\system32\drivers\alcan5ln.sys [2006-3-16 36960]

S3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2014-5-9 66832]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-6-6 83168]

S3 libusb0;Jawbone LibUsb-Win32 - Kernel Driver 07/08/2013,1.2.6.1;c:\windows\system32\drivers\libusb0.sys [2013-6-22 42592]

S3 McTskshd.exe;McAfee Task Scheduler;c:\progra~1\mcafee.com\agent\mctskshd.exe --> c:\progra~1\mcafee.com\agent\mctskshd.exe [?]

S3 mcupdmgr.exe;McAfee SecurityCenter Update Manager;c:\progra~1\mcafee.com\agent\mcupdmgr.exe --> c:\progra~1\mcafee.com\agent\mcupdmgr.exe [?]

S3 NDMSHLP;Device Monitor Helper Driver;c:\program files\common files\hhd software\device monitor\NDMSHLP.sys [2005-5-24 7632]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-12 14336]

S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2011-12-16 15544]

S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2012-9-24 1328736]

S3 SerMon;Serial Monitor Filter Driver;c:\program files\hhd software\free serial port monitor\sermon.sys [2005-5-24 18432]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-6-6 181344]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-12 14336]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]

S4 McDetect.exe;McAfee WSC Integration;c:\program files\mcafee.com\agent\mcdetect.exe --> c:\program files\mcafee.com\agent\mcdetect.exe [?]

.

=============== File Associations ===============

.

FileExt: .txt: Applications\WORDPAD.EXE="c:\program files\windows nt\accessories\WORDPAD.EXE" "%1" [UserChoice]

.

=============== Created Last 30 ================

.

2014-05-20 08:49:31 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{10a8f222-243f-4625-9bfe-c2a41b58ea95}\mpengine.dll

2014-05-20 08:49:31 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e05a51fb-18bb-4817-9e29-0d00583c3715}\mpengine.dll

2014-05-20 08:49:27 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{ac39d7f5-348c-4852-8093-bdae0b082265}\mpengine.dll

2014-05-20 08:49:27 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{60b1c603-c2d5-48eb-9abc-31c5822482cd}\mpengine.dll

2014-05-20 03:31:44 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{5a644ac3-6ee5-4a9f-8d89-e4bd9faaa1e1}\mpengine.dll

2014-05-20 03:31:44 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{fe794e18-b5d5-49ae-9f54-ce49c6f6636a}\mpengine.dll

2014-05-20 03:31:44 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{7ae6609e-3f94-4f61-92a2-fb061c79fc44}\mpengine.dll

2014-05-20 03:31:39 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{db8aa10c-4181-44ae-972f-43f0e32084af}\mpengine.dll

2014-05-20 03:03:24 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{fda1c785-721c-4e03-812b-5b147988d462}\mpengine.dll

2014-05-20 03:03:24 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{f4dbe741-0617-4fca-a185-5a189213e4a6}\mpengine.dll

2014-05-20 03:03:24 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{7374f359-86ae-4de3-884b-b7eb859de1e6}\mpengine.dll

2014-05-20 03:03:24 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{48098424-d1a8-4855-a0a8-4ac0ca12efb5}\mpengine.dll

2014-05-19 22:06:30 0 ----a-w- c:\program files\GUM6F.tmp

2014-05-19 21:35:43 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2edbf58b-19c9-4b2d-a859-ace6dabc4dd7}\mpengine.dll

2014-05-19 21:35:43 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{09a4fc49-5abd-47cc-b372-25c71641a450}\mpengine.dll

2014-05-19 21:35:43 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{8dc3894a-85a5-4271-b39f-d5c66850be0d}\mpengine.dll

2014-05-19 21:35:43 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{52aceb56-f15b-4388-ae22-b690a65b6408}\mpengine.dll

2014-05-19 21:30:34 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{cc540099-2497-4406-ab68-20b26fadb364}\mpengine.dll

2014-05-19 21:30:33 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2ca44123-5965-4916-8db8-4588c70eb5b9}\mpengine.dll

2014-05-19 21:30:33 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{61de1c61-22ae-4f37-ba36-2801a2f971ed}\mpengine.dll

2014-05-19 21:30:30 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{182c88b1-843f-4c2f-9967-118b53e115e2}\mpengine.dll

2014-05-19 21:28:42 -------- d-sh--w- C:\found.002

2014-05-19 21:09:05 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{7f606dcd-3210-4015-9e52-e4919e12b3a9}\mpengine.dll

2014-05-19 21:09:05 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{098b368f-6486-440e-b905-b4034abb851d}\mpengine.dll

2014-05-19 21:09:04 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{17a45c34-5e80-4168-80af-a35f3958f7ae}\mpengine.dll

2014-05-19 21:09:01 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{96ab411c-e7fe-44da-8a64-432564b27b75}\mpengine.dll

2014-05-19 20:50:43 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{3e38825a-3002-42b7-95b7-12dedbf5b383}\mpengine.dll

2014-05-19 20:50:43 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{77f281eb-1c65-4cbc-8151-ca919a6fef1c}\mpengine.dll

2014-05-19 20:50:42 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{1f8e7a9a-992e-4f2b-bea4-37e5565ae72a}\mpengine.dll

2014-05-19 20:50:41 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{6219d83d-c9c9-4fa4-b7c2-0e9c48dca3be}\mpengine.dll

2014-05-18 20:06:40 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{de1f6c08-b353-4828-9f29-073d241980b8}\mpengine.dll

2014-05-18 20:06:40 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{d15afc77-3bfb-4079-a309-6af6c848512b}\mpengine.dll

2014-05-18 20:06:39 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{74920599-0de9-4192-b55f-a8ad738f2c03}\mpengine.dll

2014-05-18 20:06:39 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{34dba976-11b7-4fd7-a2c4-df3ce2f868ac}\mpengine.dll

2014-05-18 20:02:11 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{8814ffc5-a219-4399-9b59-663f29fa631a}\mpengine.dll

2014-05-18 20:02:11 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{f9d605c1-6935-4063-b19b-b59d87801bde}\mpengine.dll

2014-05-18 20:02:11 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{a65d869f-2ed0-401d-8945-55c54efd849e}\mpengine.dll

2014-05-18 20:02:08 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2bff2ac8-66b5-4ab9-bda1-df2b4af0f1fe}\mpengine.dll

2014-05-15 21:02:54 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{efd9da69-2c7c-40bc-9ba5-597062fa7afc}\mpengine.dll

2014-05-15 21:02:54 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{5418f021-8a08-4419-9e21-94ae95141802}\mpengine.dll

2014-05-15 21:02:54 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{b180d6fe-7303-4697-9603-c575866902d4}\mpengine.dll

2014-05-15 21:02:54 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{4d87916e-8bc4-41cf-8407-47c1ed49426c}\mpengine.dll

2014-05-15 20:59:08 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e9e73970-4212-4eb7-828d-eb2098a9769c}\mpengine.dll

2014-05-15 20:59:08 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{763d8fe4-3618-4494-b993-149d5c8dd248}\mpengine.dll

2014-05-15 20:59:07 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e678e043-d45b-4e97-836c-01cc84a2bd1e}\mpengine.dll

2014-05-15 20:59:06 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{788bfb2a-d12e-481e-aecd-a96d9c405574}\mpengine.dll

2014-05-14 13:56:01 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{b4832b8b-d7e9-4fcd-80b5-b4c5c281c2a2}\mpengine.dll

2014-05-14 13:56:00 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{ebd8d3c0-1401-4a42-bda9-f92d311262b1}\mpengine.dll

2014-05-14 13:56:00 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{cccd0052-8684-4770-8a10-395bccc73de0}\mpengine.dll

2014-05-14 13:56:00 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2ce20e83-6ab4-43ff-a448-d5ef7967cb22}\mpengine.dll

2014-05-14 13:52:05 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{98a092a8-6050-4492-a492-bdfa796ff0ab}\mpengine.dll

2014-05-14 13:52:05 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{1e822d8a-cf22-4309-9e2e-06b313a6069d}\mpengine.dll

2014-05-14 13:52:04 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{12c2d496-40e9-4810-94de-72de9dbe15fc}\mpengine.dll

2014-05-14 13:52:02 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2352734f-a0de-4d2b-b5a2-044570eba266}\mpengine.dll

2014-05-13 16:24:51 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{b4c6a704-179a-4020-a4c9-1c720c7b512d}\mpengine.dll

2014-05-13 16:24:51 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{736200d4-7a6f-4bfd-b325-878b3d7783d3}\mpengine.dll

2014-05-13 16:24:51 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{ee859946-854e-448b-ab38-c23d47971af7}\mpengine.dll

2014-05-13 16:24:51 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{60aa3cc6-b98c-4c7f-a6c1-8894354f2b77}\mpengine.dll

2014-05-13 10:43:15 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{1ef50e2d-e447-4e79-903f-a5c47022f04c}\mpengine.dll

2014-05-13 10:43:15 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{81158131-b4e0-4f27-8bd1-3e960902d20a}\mpengine.dll

2014-05-13 10:43:15 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{11d0f1b9-e432-463b-99c2-61ba9e15903c}\mpengine.dll

2014-05-13 10:43:12 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{d6cb85d3-546a-4f58-be6f-e10b3e6c9de4}\mpengine.dll

2014-05-12 22:44:37 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{4e7f842c-6a25-4686-85f6-b08035b0d82c}\mpengine.dll

2014-05-12 22:44:37 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{3d4405b4-a260-4661-bc8d-bcd23334f1ec}\mpengine.dll

2014-05-12 22:44:36 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2660a66c-aeb0-42f2-9c15-236374cc0ccb}\mpengine.dll

2014-05-12 22:44:36 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{123eeac5-bced-4950-b6b1-63270186075b}\mpengine.dll

2014-05-12 22:40:37 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{f3f4cb65-4fb7-4701-be0a-975f62240808}\mpengine.dll

2014-05-12 22:40:37 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{9863ebba-a603-479f-a127-26bb3f2e961e}\mpengine.dll

2014-05-12 22:40:36 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{fb36d505-9ec7-4647-b72f-ce4a9ae19d85}\mpengine.dll

2014-05-12 22:40:35 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{114026fd-0b45-4481-bb33-c1954c1f372e}\mpengine.dll

2014-05-11 13:40:38 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{c173a288-fc06-47ad-b73c-afe40375a1c9}\mpengine.dll

2014-05-11 13:40:38 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{bb986505-8334-4a14-992f-d4ae4c0c1b99}\mpengine.dll

2014-05-11 13:40:37 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{d9961e44-e8f7-40ca-a313-eefef80e91ab}\mpengine.dll

2014-05-11 13:40:37 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{6a6202ee-df0b-406d-a2c7-464aac1c5395}\mpengine.dll

2014-05-10 20:15:52 -------- d-----w- c:\documents and settings\jbandt\application data\Dell

2014-05-10 20:15:46 -------- d-----w- c:\documents and settings\all users\application data\PCDr

2014-05-10 20:15:45 -------- d-----w- c:\program files\Dell Support Center

2014-05-10 20:15:13 -------- d-----w- c:\program files\My Dell

2014-05-10 20:13:17 -------- d-----w- c:\documents and settings\jbandt\application data\PCDr

2014-05-10 16:07:31 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{f3a0c127-ff90-4c1a-9a14-aa0b750b38f0}\mpengine.dll

2014-05-10 16:07:31 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{0127f55d-fa2a-4cb6-af0d-7bdc4204e9da}\mpengine.dll

2014-05-10 16:07:31 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{c0189408-05b0-406e-a163-58b50362734c}\mpengine.dll

2014-05-10 16:07:31 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{ab27e7c7-c43c-4898-b3cf-d43a714890c1}\mpengine.dll

2014-05-10 12:45:32 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{4df4fa1e-c705-4231-a537-e8f8fa9fd3f8}\mpengine.dll

2014-05-10 12:45:32 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{23789204-609b-48b1-b977-da4936bb8c87}\mpengine.dll

2014-05-10 12:45:29 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{ca1022f2-e97e-459b-bb71-f417601fbb24}\mpengine.dll

2014-05-10 12:45:28 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{a48fc3a5-b66e-46a3-b817-0f19811f8247}\mpengine.dll

2014-05-09 22:59:17 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{07a94f8d-886a-46b5-b107-ec9a39225b9d}\mpengine.dll

2014-05-09 22:59:16 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{937ab318-0edd-4542-9a9a-21c93a8b43df}\mpengine.dll

2014-05-09 22:59:16 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{40efa74c-048f-497b-8b99-e828b2cc01a1}\mpengine.dll

2014-05-09 22:59:16 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{0fa92075-77f1-4c8f-ba0b-0e0752044bf1}\mpengine.dll

2014-05-09 22:27:14 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{53472ee4-7857-401f-bfa6-3ef9d560a996}\mpengine.dll

2014-05-09 22:27:14 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{232abd4d-38e8-4dca-99a3-a7bc4a03a9ec}\mpengine.dll

2014-05-09 22:27:13 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{11c88851-4f84-41ff-9eb9-7c40b5aba519}\mpengine.dll

2014-05-09 22:27:13 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{64fdea70-1bb1-427c-a1d0-37fd58c3fd18}\mpengine.dll

2014-05-09 21:52:29 382141 ----a-w- c:\documents and settings\all users\application data\1399665448.bdinstall.bin

2014-05-09 21:26:59 72704 ----a-w- c:\windows\system32\drivers\bdvedisk.sys

2014-05-09 20:56:44 -------- d-----w- c:\documents and settings\all users\application data\Bitdefender

2014-05-09 20:56:41 -------- d-----w- c:\documents and settings\all users\application data\BDLogging

2014-05-09 20:56:24 66832 ----a-w- c:\windows\system32\drivers\bdsandbox.sys

2014-05-09 20:56:24 511328 ----a-w- c:\windows\capicom.dll

2014-05-09 20:56:24 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll

2014-05-09 20:55:56 640560 ----a-w- c:\windows\system32\drivers\avc3.sys

2014-05-09 20:55:56 490144 ----a-w- c:\windows\system32\drivers\avckf.sys

2014-05-09 20:55:56 242504 ----a-w- c:\windows\system32\drivers\avchv.sys

2014-05-09 20:55:17 -------- d-----w- c:\documents and settings\jbandt\application data\MYSecurityCenter

2014-05-09 20:55:12 -------- d-----w- c:\documents and settings\all users\application data\MYSecurityCenter

2014-05-09 20:54:02 -------- d-----w- c:\documents and settings\jbandt\application data\QuickScan

2014-05-09 20:53:56 162976 ----a-w- c:\windows\system32\drivers\gzflt.sys

2014-05-09 20:53:51 355744 ----a-w- c:\windows\system32\drivers\trufos.sys

2014-05-09 20:53:50 -------- d-----w- c:\program files\MYSecurityCenter

2014-05-09 19:57:22 -------- d-----w- c:\program files\common files\MYSecurityCenter

2014-05-09 19:15:27 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{8771ce0e-c217-40bc-a24b-21ad1ad8941b}\mpengine.dll

2014-05-09 19:15:27 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{5ea856a7-b7a4-469f-bd5a-cb5dd0eb64d6}\mpengine.dll

2014-05-09 19:15:26 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{3acaeb93-1401-4e48-9757-167686d2137c}\mpengine.dll

2014-05-09 19:15:26 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{4f90f29f-3ff6-41d5-93ee-5d5a4dcca89b}\mpengine.dll

2014-05-09 18:57:46 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{5c63cad7-c9af-432f-9275-60fbbb59915a}\mpengine.dll

2014-05-09 18:57:46 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{26418ca1-5a15-45e1-b7fb-0dcf4117e78f}\mpengine.dll

2014-05-09 18:57:46 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{ccab3e8e-ade8-4983-a0bb-26198d1a0532}\mpengine.dll

2014-05-09 18:57:46 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{4db9edd5-b139-4498-9926-c2de05eb2721}\mpengine.dll

2014-05-09 18:53:41 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{bae08335-0a7b-4fde-a68d-6bc5d24b11f4}\mpengine.dll

2014-05-09 18:53:41 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e581b1bb-b9ed-4cd7-af33-21459e1d3efe}\mpengine.dll

2014-05-09 18:53:41 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{dbdd5603-0ee1-4bbc-8192-3f73cd1cc246}\mpengine.dll

2014-05-09 18:53:40 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{af16b862-8d77-484e-8766-b342c6e666c5}\mpengine.dll

2014-05-08 19:48:17 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{332f1602-1916-47c4-9c0a-1e11566bd138}\mpengine.dll

2014-05-08 19:48:17 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{1078087d-3d29-4cc0-a9ee-2ea77c8e9f4a}\mpengine.dll

2014-05-08 19:48:17 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{d57e882a-a501-45df-aa13-48863025030a}\mpengine.dll

2014-05-08 19:48:17 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{12e574d3-ff92-4e9f-b038-57b854d18fc7}\mpengine.dll

2014-05-08 19:45:18 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{82b1f18c-d5f9-4f65-8bfe-f213510442de}\mpengine.dll

2014-05-08 19:45:18 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{341f6541-f870-49eb-9628-187597bfe261}\mpengine.dll

2014-05-08 19:45:18 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{4b30afeb-fc5a-404e-96fb-fd65704e3292}\mpengine.dll

2014-05-08 19:45:18 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{35d14be6-b691-4366-b54a-e2f6582d9167}\mpengine.dll

2014-05-07 20:34:34 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{d5e1f4e8-7ccd-4f87-a8f0-298b93a9d0ad}\mpengine.dll

2014-05-07 20:34:34 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{10789ba5-1ea4-4d22-b183-5275230adf1d}\mpengine.dll

2014-05-07 20:34:34 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{920e9433-9270-458e-bec3-d0bb9bc2544d}\mpengine.dll

2014-05-07 20:34:34 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{22063e9d-751f-4fca-aabd-6287cdf1520e}\mpengine.dll

2014-05-07 20:29:56 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{36b2dc41-0d9b-4bd6-85c5-8853c703868f}\mpengine.dll

2014-05-07 20:29:56 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{0011b709-c325-4499-b26c-96ccc653a070}\mpengine.dll

2014-05-07 20:29:56 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{9a262cd7-d830-4a68-95a5-0113771a4d60}\mpengine.dll

2014-05-07 20:29:56 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{73e5dc83-c38f-4f7b-96b0-03402ef78352}\mpengine.dll

2014-05-06 22:00:23 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{608eae0a-e8ee-46d7-90b2-df7660cba3cf}\mpengine.dll

2014-05-06 22:00:23 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{b1645cfc-75b4-4e83-a642-f7168c8033a4}\mpengine.dll

2014-05-06 22:00:19 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{6027c62c-d059-4d1c-b9e9-2d232b0dfb43}\mpengine.dll

2014-05-06 22:00:18 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{fb4a836a-c051-4109-8f45-800889da7ab1}\mpengine.dll

2014-05-06 20:55:36 -------- d-----w- c:\documents and settings\jbandt\application data\GetPrivate

2014-05-06 20:55:23 -------- d-----w- c:\documents and settings\jbandt\application data\Wise

2014-05-06 20:15:06 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{5b73ef37-4054-40c9-87fa-9b53788c2a08}\mpengine.dll

2014-05-06 20:15:06 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{0253590f-7efa-40bb-a348-a24ffef80bf4}\mpengine.dll

2014-05-06 20:15:06 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{f06bdc59-d9fe-498a-82de-6f29c7356bc3}\mpengine.dll

2014-05-06 20:15:06 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{a647954f-10b6-4bfa-945b-c56687e4495d}\mpengine.dll

2014-05-06 20:11:13 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{b1a88df3-a843-4570-aa02-55dc2b4692b1}\mpengine.dll

2014-05-06 20:11:13 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{9b6b8a8d-1bc1-4f2d-b437-db7c8ec52cd2}\mpengine.dll

2014-05-06 20:11:13 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{fa632b57-572d-4a7e-b5b1-e2da5738fbc1}\mpengine.dll

2014-05-06 20:11:13 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{a805b534-369a-4027-8106-601c941e1817}\mpengine.dll

2014-05-05 20:05:41 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{a0aa6397-9cc7-40aa-ae56-deb535503511}\mpengine.dll

2014-05-05 20:05:41 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{65bcb034-e015-4a07-99e8-1bc526fe490d}\mpengine.dll

2014-05-05 20:05:41 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{c7f023ad-167e-4db9-988e-ee095a5ec56e}\mpengine.dll

2014-05-05 20:05:41 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{4e23ecb9-51fd-4953-b4d7-f41d5dd612cb}\mpengine.dll

2014-05-05 12:25:33 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{feb5cb18-14af-438e-b11d-599e3db2b3a1}\mpengine.dll

2014-05-05 12:25:33 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{442d57af-9d58-4ff4-8ae0-91341b4eccd6}\mpengine.dll

2014-05-05 12:25:33 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{d52b7971-b8e9-4dbe-9cef-912c8e6a790b}\mpengine.dll

2014-05-05 12:25:33 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{719ec12c-1ec1-4e79-b162-016a777af369}\mpengine.dll

2014-05-05 12:22:15 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{728b24e7-cecd-42f0-9db2-a77b63624a40}\mpengine.dll

2014-05-05 12:22:15 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{3a8fba02-f94e-4677-a5aa-c61c6efaf6d7}\mpengine.dll

2014-05-05 12:22:15 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{cfa22dc0-9df7-46fc-a7b0-6ded0730cbc7}\mpengine.dll

2014-05-05 12:22:15 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{826b8299-efef-4c05-b840-b045aa1ae1c1}\mpengine.dll

2014-05-04 13:25:00 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{175db759-f8bd-4013-b91e-366293bd6f77}\mpengine.dll

2014-05-04 13:25:00 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{7253ee29-fd52-496a-984d-b1be012a1f40}\mpengine.dll

2014-05-04 13:24:59 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{bdef97cb-6d36-4598-9ddf-31578e44ead9}\mpengine.dll

2014-05-04 13:24:59 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{145a6e68-7b6b-4d4e-b3e2-f45003887efa}\mpengine.dll

2014-05-04 13:22:24 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{a695144e-cc0b-4d95-830f-369f99bc0f1b}\mpengine.dll

2014-05-04 13:22:24 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e926b3f2-e079-4375-a9fc-68de136a6190}\mpengine.dll

2014-05-04 13:22:16 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e300beea-83e2-455f-99a7-5aff53d08451}\mpengine.dll

2014-05-04 13:22:15 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{fa364489-2b70-424e-8a7a-0c42fca4d86d}\mpengine.dll

2014-05-03 15:41:33 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{dd2b8cdf-f90e-4830-8843-76a4dacdccf9}\mpengine.dll

2014-05-03 15:41:33 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{f186366c-921d-4633-879d-be9b554d5aed}\mpengine.dll

2014-05-03 15:41:33 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{a91d19be-89d0-400c-8cfd-a105cab211e4}\mpengine.dll

2014-05-03 15:41:32 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{4c3b1f8d-19da-4e75-82b2-42eb65c0a26f}\mpengine.dll

2014-05-03 11:05:42 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{d9c970c3-83d7-4e52-8ee5-7dadbc87406d}\mpengine.dll

2014-05-03 11:05:42 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{45f2e601-918f-4950-9327-5671f1e0b48a}\mpengine.dll

2014-05-03 11:05:42 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{275c7def-337b-4e55-9eec-526753a2d09f}\mpengine.dll

2014-05-03 11:05:42 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{15921287-bdca-4d34-8126-abc7a587d504}\mpengine.dll

2014-05-02 21:46:20 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{21bd7287-c661-4c09-b820-d20cabf3db32}\mpengine.dll

2014-05-02 21:46:19 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{466c4e28-835b-4a6c-b4af-506a8d865c8c}\mpengine.dll

2014-05-02 21:46:19 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{30f33a98-5df6-4d1d-94f0-469c13f328a5}\mpengine.dll

2014-05-02 21:46:19 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{747f99ff-3fb3-410d-9c05-a25017ceb342}\mpengine.dll

2014-05-02 21:37:16 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{3008e853-46ea-4b9d-8184-64df8927b88a}\mpengine.dll

2014-05-02 21:37:16 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e4d9874c-d2bd-4528-b2aa-b413edd757d2}\mpengine.dll

2014-05-02 21:37:14 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{7fc7ed1d-0c98-4a16-b0da-ff6fe9d6cf9c}\mpengine.dll

2014-05-02 21:37:14 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{dbe21cab-d4d6-44f1-85e3-7af959ffa3ce}\mpengine.dll

2014-05-02 21:17:46 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{7ef6c252-9475-4315-b6f0-dc6f992eb8a7}\mpengine.dll

2014-05-02 21:17:45 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{5a0b3865-1a8d-4e8b-9a3d-ecfc71cda16f}\mpengine.dll

2014-05-02 21:17:44 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{6d377793-ea51-4316-9ee3-6df04ad1cabc}\mpengine.dll

2014-05-02 21:17:44 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{9a86cb71-13b6-4beb-a35e-8e9eb812147c}\mpengine.dll

2014-05-01 20:43:22 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{6800da56-e8a9-405a-aeb5-1ab441d9e919}\mpengine.dll

2014-05-01 20:43:22 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{0f2b6222-1c2b-4510-b8b4-c4196f6eed24}\mpengine.dll

2014-05-01 20:43:22 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{7a538fca-8a0a-4a79-9a4b-c2e6d186c5e9}\mpengine.dll

2014-05-01 20:43:22 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{01c93e53-d4d9-4470-be9b-7aa8b8946099}\mpengine.dll

2014-05-01 20:41:18 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{65eb7282-6fde-451f-b14b-12b9b8783a47}\mpengine.dll

2014-05-01 20:41:18 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{ce46e8d3-3706-45ff-bf2d-0a681fcf6e41}\mpengine.dll

2014-05-01 20:41:18 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{1581e78b-361d-4f80-b68e-2a81676ca424}\mpengine.dll

2014-05-01 20:41:17 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{7bccd5ab-62e5-4739-9d54-f9f2504ba4fe}\mpengine.dll

2014-04-30 21:35:48 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{742f1d32-dde0-4ca6-b7f8-f7edea3e0a56}\mpengine.dll

2014-04-30 21:35:48 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{15c5faf6-2a25-48b6-bf85-8ed827d4a09b}\mpengine.dll

2014-04-30 21:35:48 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{cc171672-d387-4070-80bf-e419087f616a}\mpengine.dll

2014-04-30 21:35:48 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{c5372130-8f21-4b6a-924c-ea466b7113fa}\mpengine.dll

2014-04-30 21:31:57 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{f27a0212-f4f7-4734-bcdf-705177aa2a8b}\mpengine.dll

2014-04-30 21:31:57 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{c7c681cb-92c3-49dc-a72a-cd7669d719de}\mpengine.dll

2014-04-30 21:31:57 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{71a749ce-82c8-419b-846d-737cea27f478}\mpengine.dll

2014-04-30 21:31:48 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{968b0dee-7272-4d00-9a4b-a787d27e8901}\mpengine.dll

2014-04-30 13:23:56 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{f6f030ab-c046-4ff2-aa28-d6ac85174999}\mpengine.dll

2014-04-30 13:23:55 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{aea5871b-cb90-44d4-a04d-31385dcce63f}\mpengine.dll

2014-04-30 13:23:55 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{07481f25-658f-4285-8d7e-1ba01ca27b05}\mpengine.dll

2014-04-30 13:23:55 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{5b514e89-496f-4a09-9530-7500bedbfd04}\mpengine.dll

2014-04-29 22:13:52 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{ec03b8c9-7b32-4516-b04e-c8bdeda9f517}\mpengine.dll

2014-04-29 22:13:52 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{22e1309c-ef77-4848-a1d0-33dd9c183fb8}\mpengine.dll

2014-04-29 22:13:52 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{d5051430-6a09-4c71-9acc-a6e1258abf4f}\mpengine.dll

2014-04-29 22:13:52 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{17c44fcd-e519-4ae7-b463-cdf667640db8}\mpengine.dll

2014-04-29 20:59:13 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2a37ba21-7d24-4369-ae2b-204e11ffdf52}\mpengine.dll

2014-04-29 20:59:13 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{0d064e7e-2a32-458e-9f64-301aed7e026f}\mpengine.dll

2014-04-29 20:59:12 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{633d7158-20be-4175-ba7a-78257e395a87}\mpengine.dll

2014-04-29 20:59:12 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{07e9863f-d9c7-40a6-9c6f-522644749364}\mpengine.dll

2014-04-29 20:49:36 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{7a2e2e58-2970-4fcb-a876-739d9223e61c}\mpengine.dll

2014-04-29 20:49:36 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{c4daaf21-804a-4398-b137-b7d24b3b4d22}\mpengine.dll

2014-04-29 20:49:36 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{538667ac-e188-45de-9d79-a8b30b9f65ce}\mpengine.dll

2014-04-29 20:49:35 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e00954c5-c278-4598-a654-03f40765e985}\mpengine.dll

2014-04-28 20:32:42 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{8076a859-53ac-4199-8927-0b6c0641df86}\mpengine.dll

2014-04-28 20:32:42 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{baee1796-3e49-4ab1-92b6-3e728154bb42}\mpengine.dll

2014-04-28 20:32:41 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{3e103499-b6d6-4f67-a089-eee27082de72}\mpengine.dll

2014-04-28 20:32:41 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{f6adea0a-ef03-49d9-b19e-52fc09912fcf}\mpengine.dll

2014-04-28 20:28:15 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{f506da8b-1b7d-4256-8b9e-8e9751e4cf7f}\mpengine.dll

2014-04-28 20:28:15 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{822a779b-0fa7-431d-9c00-f42269d67294}\mpengine.dll

2014-04-28 20:28:15 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e8362405-f18c-4746-8541-8dfd8d6a0d5f}\mpengine.dll

2014-04-28 20:28:15 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{1bd066cd-45ed-4845-9875-16abdb2476d1}\mpengine.dll

2014-04-27 13:00:40 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{99aa1e95-2e84-46a9-a398-bf820bfe39d2}\mpengine.dll

2014-04-27 13:00:40 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2549d4f3-5b96-4a04-83f7-04567aabd1c2}\mpengine.dll

2014-04-27 13:00:40 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e183a279-d5dd-47f6-8a85-916906a6c153}\mpengine.dll

2014-04-27 13:00:40 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{1c06d6a9-b9c0-465c-ae76-7c2e0f2c9f72}\mpengine.dll

2014-04-27 12:57:06 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{cc0b89f2-fac0-43fe-94ef-43db7e3c1661}\mpengine.dll

2014-04-27 12:57:06 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e4d8feb7-a724-4365-bb04-f102255c4147}\mpengine.dll

2014-04-27 12:57:06 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{0919cd70-31d7-4166-aec5-ef84f1bd482b}\mpengine.dll

2014-04-27 12:57:02 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{dbfb1c92-2d3c-45e4-a1e9-e3af8c6db9c1}\mpengine.dll

2014-04-26 15:30:19 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{bcbb3876-ee54-48db-9152-a03490e8409f}\mpengine.dll

2014-04-26 15:30:18 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{ba84e835-d29d-4673-bd2a-729f10c85939}\mpengine.dll

2014-04-26 15:30:18 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{0b2f0040-5198-4d05-96fb-a877ba6b618b}\mpengine.dll

2014-04-26 15:30:18 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{3814c4f2-22ec-42b5-93b3-e0cb8a0ca61e}\mpengine.dll

2014-04-26 10:58:28 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{39d6a713-30e2-436d-9666-f52dba3d8afe}\mpengine.dll

2014-04-26 10:58:28 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2cf0ba7f-6733-4794-9591-d8f321cd737a}\mpengine.dll

2014-04-26 10:58:28 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{78fb28ae-1675-4ba8-ae04-88c5b51644cd}\mpengine.dll

2014-04-26 10:58:28 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2d10a31d-5016-4ec9-963b-973545126909}\mpengine.dll

2014-04-25 20:17:04 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{84190039-e62e-4b35-bec3-a59f964dca8b}\mpengine.dll

2014-04-25 20:17:04 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{af908cfc-c694-4e3c-b6ef-3f3b529d2eb9}\mpengine.dll

2014-04-25 20:17:03 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{39629534-37ce-4a35-9923-14b777f5166a}\mpengine.dll

2014-04-25 20:17:03 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{bb3e4859-2dd0-4f02-ade3-31c9ca2ab19d}\mpengine.dll

2014-04-25 20:10:14 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{73ae1608-1345-4bac-a525-2085ad06b635}\mpengine.dll

2014-04-25 20:10:14 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{044b972a-2b4e-4bd1-bcd4-d416a0526cb5}\mpengine.dll

2014-04-25 20:10:13 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{c6acdb40-a445-44b2-bb77-d69e6f6d5510}\mpengine.dll

2014-04-25 20:10:12 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{8aee9653-f1cc-43e3-9681-1987f64bb5dc}\mpengine.dll

2014-04-24 23:03:51 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{9c49610d-ba80-47d2-ad6d-85a769d716b3}\mpengine.dll

2014-04-24 23:03:49 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{a81c74dc-1679-43de-a6cd-cdf97c98b9d9}\mpengine.dll

2014-04-24 23:03:46 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{cb574203-b815-465a-9170-1df4fbde150a}\mpengine.dll

2014-04-24 23:03:46 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{f7598774-a209-43c5-bcb9-cd4f56bdf027}\mpengine.dll

2014-04-24 21:45:27 145408 ----a-w- c:\windows\system32\javacpl.cpl

2014-04-24 21:45:19 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2014-04-24 21:33:52 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{464b055e-0103-4126-ad02-71e92c578222}\mpengine.dll

2014-04-24 21:33:52 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{c3b44cde-f2e3-45ae-b700-bee47b2b5e32}\mpengine.dll

2014-04-24 21:33:51 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{57a3ba70-28d3-4007-a5e3-bc3b0d13f8b3}\mpengine.dll

2014-04-24 21:33:51 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{69a86878-7351-4f1a-8d13-16a876dd23b1}\mpengine.dll

2014-04-24 21:30:44 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{b5f1e4a1-0f18-47f1-a561-0f703014d0dc}\mpengine.dll

2014-04-24 21:30:44 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{152928b7-5fa4-4cef-9c68-353f8c912382}\mpengine.dll

2014-04-24 21:30:44 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{f019b15c-264c-4558-8456-cffcea0ea07e}\mpengine.dll

2014-04-24 21:30:44 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{5b4d06d9-7588-4b58-aeb6-955a9cabda2d}\mpengine.dll

2014-04-24 11:45:13 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{329217f8-9fe7-4b88-8eae-ed3258b1c491}\mpengine.dll

2014-04-24 11:45:13 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{323a57e3-17d9-441a-b717-b5e785211b01}\mpengine.dll

2014-04-24 11:45:13 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e5736712-bc25-40df-9526-0f6e51c2eb2d}\mpengine.dll

2014-04-24 11:45:13 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{53f5031b-727e-4387-9782-7646e40741a5}\mpengine.dll

2014-04-24 01:04:42 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{ab5211b8-8198-4226-ab79-ff25b06a8223}\mpengine.dll

2014-04-24 01:04:42 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2581b1e0-e323-4a6d-8998-692e56cf604a}\mpengine.dll

2014-04-24 01:04:41 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{36914321-f7d8-4b3b-9fde-5c2695ffad2f}\mpengine.dll

2014-04-24 01:04:41 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{de8e1a74-0f2b-45a7-820b-bd50228fb38e}\mpengine.dll

2014-04-23 20:01:58 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{12bb3102-733d-4f17-97e5-c08979da86da}\mpengine.dll

2014-04-23 20:01:58 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{9bf7ce3d-10b5-4206-8dbe-167d622ca88b}\mpengine.dll

2014-04-23 20:01:57 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{9a9aa9e1-e224-43c7-af15-59155677f049}\mpengine.dll

2014-04-23 20:01:57 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2545ff19-d16b-4710-8d95-303ea7d68146}\mpengine.dll

2014-04-22 15:02:01 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e889694d-0221-40ea-b126-55c39fb9cea3}\mpengine.dll

2014-04-22 15:02:01 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{58763731-8261-40de-92c0-262334eb29ed}\mpengine.dll

2014-04-22 15:02:00 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{b9b20e5a-9eaa-4683-8b5d-2db20d4f7a08}\mpengine.dll

2014-04-22 15:01:58 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{0678306c-723d-4bd6-b9c1-9d342dd07222}\mpengine.dll

2014-04-21 20:45:27 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{35fad0ee-c52b-441b-8fce-7945bba56a81}\mpengine.dll

2014-04-21 20:45:27 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{bd16f829-30e2-46f9-acda-8b2f4c2a8fab}\mpengine.dll

2014-04-21 20:45:23 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{532baea1-81d8-484d-9b47-d3454bc61280}\mpengine.dll

2014-04-21 20:45:20 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{c2f6b8aa-7ad7-48b4-9dcd-2ec52fd11414}\mpengine.dll

2014-04-21 19:08:35 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{de1c3eac-fdd1-4bbb-ac86-925c16f287b4}\mpengine.dll

2014-04-21 19:08:35 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{a4bc8906-e36b-4a76-91bb-f3a7cdae84f6}\mpengine.dll

2014-04-21 19:08:35 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{fefaeeba-ba04-4f0c-8ad9-b3b3d2e107ca}\mpengine.dll

2014-04-21 19:08:35 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{521332da-a134-4fd4-97e1-903dbf8aafe6}\mpengine.dll

2014-04-21 17:13:33 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{fee92f66-6a22-4007-83ca-9bf2d4928243}\mpengine.dll

2014-04-21 17:13:33 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{8d407245-5a1d-4ee8-b544-e804ceffabc2}\mpengine.dll

2014-04-21 17:13:32 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{be66ac94-b29f-46ca-b9e0-ed86099d4a6b}\mpengine.dll

2014-04-21 17:13:32 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{091e2b6c-8ba0-4512-9d31-b41b88579941}\mpengine.dll

2014-04-21 12:36:36 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{f5e696c1-cd50-4d19-bf17-c12e4eaf0466}\mpengine.dll

2014-04-21 12:36:36 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2f340caf-0893-41ec-a6ef-33543b3df5d2}\mpengine.dll

2014-04-21 12:36:36 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{afac8e85-921f-4806-ac45-cdd91beb1f5b}\mpengine.dll

2014-04-21 12:36:36 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{a7df07af-3713-4488-9315-3de464cf74d7}\mpengine.dll

2014-04-21 12:32:25 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{88e57a1e-0258-4940-8ca2-fc5d61ab248c}\mpengine.dll

2014-04-21 12:32:25 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{3397ec6d-76de-42ab-a4b0-4c5921d9502e}\mpengine.dll

2014-04-21 12:32:25 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e61675f6-045f-46ea-8664-a25a037ef8a4}\mpengine.dll

2014-04-21 12:32:25 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{a22f79c9-45e3-46fe-827e-f743309ccef3}\mpengine.dll

2014-04-20 23:24:00 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{cbc44a6b-4688-4ec7-be5f-e090bb5c9f16}\mpengine.dll

2014-04-20 23:24:00 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{57bb1321-0aec-4c27-891a-5f58bc031427}\mpengine.dll

2014-04-20 23:23:51 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{ed2d0b74-d7a4-4091-a46f-83f3a6a326c6}\mpengine.dll

2014-04-20 23:23:51 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{3f1a24ac-9266-4c04-aeeb-8f8b9d217de3}\mpengine.dll

2014-04-20 12:49:45 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{b95aa8d8-c7b7-4bc4-b6c1-ede08965f12c}\mpengine.dll

2014-04-20 12:49:45 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{4e430f22-7311-4689-94d8-2439b2def8c0}\mpengine.dll

2014-04-20 12:49:45 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{e93a7001-4a9e-413e-a546-7bdd5a794428}\mpengine.dll

2014-04-20 12:49:45 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{8800b6f7-79b2-4f29-9fbd-778737ca5ac3}\mpengine.dll

2014-04-20 11:44:31 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{3d38b8eb-a5b7-4554-838d-9566c31187cd}\mpengine.dll

2014-04-20 11:44:31 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{b32b9288-5ec0-4f2f-afa0-298e02722819}\mpengine.dll

2014-04-20 11:44:30 2321288 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{dd7b7b48-a19a-42d9-bb93-e7389fdcdd95}\mpengine.dll

2014-04-20 11:44:30 2321288 ------w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{f07b8f6f-6f39-48ac-b3db-299e4b6fdf8f}\mpengine.dll

.

==================== Find3M ====================

.

2014-04-29 20:53:16 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-04-29 20:53:16 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-03-31 13:35:10 231584 ------w- c:\windows\system32\MpSigStub.exe

2014-03-06 17:59:23 920064 ----a-w- c:\windows\system32\wininet.dll

2014-03-06 17:59:22 43520 ----a-w- c:\windows\system32\licmgr10.dll

2014-03-06 17:59:22 18944 ----a-w- c:\windows\system32\corpol.dll

2014-03-06 17:59:22 1469440 ------w- c:\windows\system32\inetcpl.cpl

2014-03-06 00:46:54 385024 ------w- c:\windows\system32\html.iec

2014-02-26 01:59:05 13312 ------w- c:\windows\system32\xp_eos.exe

.

============= FINISH: 5:09:19.82 ===============

 

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,759 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:56 PM

Posted 23 May 2014 - 09:03 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#3 jbandtbone

jbandtbone
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:56 PM

Posted 23 May 2014 - 09:56 PM

This is the third time that I've tried to post the logs from all the scans you requested. Browser is still slow. I sent them at 5:30 EDT tonite but the browser must have timed out.
here is some of the logs. I'm goin to send two now and two in another post.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/23/2014
Scan Time: 1:27:19 PM
Logfile: mbam-log-2014-05-23.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.05.23.10
Rootkit Database: v2014.05.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: jbandt

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 294696
Time Elapsed: 2 hr, 25 min, 17 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Disabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 26
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\defaults, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\defaults\preferences, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\resources, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\favorites, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\_locales, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\_locales\en-US, Quarantined, [e22d32223a4181b54532e794f40ec13f],

Files: 163
PUP.Optional.TornTV.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\torntv@torntv.com.xpi, Quarantined, [907fb99bdd9e003619a0117a12f0af51],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\searchplugins\Mysearchdial.xml, Quarantined, [4bc4e96b82f92313b208d9c14ab840c0],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\chrome.manifest, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\install.rdf, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\.DS_Store, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\.background.jsm.swp, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\background.jsm, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\bg.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\browser.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\browser.xul, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\browser\timer.jsm, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_de.json, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_en-gb.json, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_en_us.json, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_fr.json, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_he.json, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_it.json, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_pt-br.json, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_ru.json, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\data\favorites_tr.json, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\crypto-js.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery-2.0.2.min.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.autocomplete.min.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.balloon.min.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.fittext.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.Jcrop.min.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\jquery.simplecolorpicker.min.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\mustache.min.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\string.min.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\external\underscore-min.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\gallery.html, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\gallery.min.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\newtab.html, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\newtab.min.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\search.html, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\content\newtab\search.min.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\defaults\preferences\prefs-sys.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\defaults\preferences\prefs.js, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\foundation.min.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\indicator.gif, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\Jcrop.gif, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\jquery.autocomplete.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\jquery.Jcrop.min.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\jquery.simplecolorpicker.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\external\normalize.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\arrow-gallery-cat-selected.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\arrow.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\emptyArea.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\gallery.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\gallery_templates.html, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\icon-gallery-search.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\not_available_32.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\plus.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\Thumbs.db, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\gallery\X.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons\128.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons\16.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons\48.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\icons\Thumbs.db, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\buttons.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\footer.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\header.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\list.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\newtab.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\search.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\css\themes.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader-2.gif, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader-bar.gif, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader-medium.gif, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader-small.gif, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\ajax-loader.gif, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\arrow-footer.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\arrow-header.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\attachment.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\close.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\edit-button.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-chrome.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-edit.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-layout.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-plus.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\icon-theme.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\menu_v.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\provider.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\Thumbs.db, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\x-button.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\arab_tile.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\batthern_@2X.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\bo_play_pattern_@2X.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\dark_wood_@2X.jpg, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\diagonal_striped_brick.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\escheresque_ste_@2X.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\gold_scale.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\purty_wood_@2X.jpg, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\readme.txt, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\starring_@2X.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\tileable_wood_texture_@2X.jpg, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\weave_@2X.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\wild_oliva_@2X.jpg, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\images\patterns\woven.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\resources\list.html, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\newtab\resources\menu.html, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\activetabs.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\favorites.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\layout.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\modal-fav-add.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\modal-fav-edit.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\modal-fav-group.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\recentlyclosed.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\css\theme.css, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\bookmarks.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\download.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\downloads.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\downloas.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\extensions.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\history.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\settings.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\chrome\trash.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\favorites\empty.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\favorites\error.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\favorites\shadow.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info\contactus.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info\facebook.ico, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info\rateus.png, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\images\info\twitter.ico, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\activetabs.html, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\favorites.html, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\layout.html, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\modal-fav-add.html, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\modal-fav-edit.html, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\modal-fav-group.html, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\recentlyclosed.html, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\skin\plugins\resources\theme.html, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}\_locales\en-US\translations.dtd, Quarantined, [e22d32223a4181b54532e794f40ec13f],
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://start.mysearchdial.com/?f=1&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtCtCtCtC0BtCyEtDyDtC0C0B0FyEtN0D0Tzu0SyBtCyDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=587891966&ir=");), Replaced,[f51a8bc93447c96db91e7012cc386799]
PUP.Optional.MySearch.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.irmysearch.aflt", "irmsd1202");), Replaced,[6da27ed6f982fa3c4a4fb2d0798bc739]
PUP.Optional.MySearch.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.irmysearch.instlRef", "");), Replaced,[3dd2460e64176dc9f0a9a9d9ce36e818]
PUP.Optional.MySearch.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.irmysearch.cr", "587891966");), Replaced,[47c864f04734df57f1a8d5ad679dab55]
PUP.Optional.MySearch.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtDtCtCtCtC0BtCyEtDyDtC0C0B0FyEtN0D0Tzu0SyBtCyDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R");), Replaced,[c946480c27543105138683ff49bb926e]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.hmpg", true);), Replaced,[888755ff136854e2d4ced4ae897bcf31]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtCtCtCtC0BtCyEtDyDtC0C0B0FyEtN0D0Tzu0SyBtCyDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=587891966&ir=");), Replaced,[9c7311437efdce68851db9c9d82c52ae]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.dfltSrch", true);), Replaced,[709f124206756ccaebb70d751fe5a65a]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");), Replaced,[789769ebe79475c14c566f130df74ab6]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.dnsErr", true);), Replaced,[8b84cf85e992b4825f436c16d331a759]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial_i.newTab", false);), Replaced,[88872133f08b3df9445e552d9b6941bf]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtCtCtCtC0BtCyEtDyDtC0C0B0FyEtN0D0Tzu0SyBtCyDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=587891966&ir=");), Replaced,[7e91e1733b4049ed703299e928dcd52b]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtCtCtCtC0BtCyEtDyDtC0C0B0FyEtN0D0Tzu0SyBtCyDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=587891966&ir=&q=");), Replaced,[e32c7cd8ea9186b0247e6a1820e4e917]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.id", "001111B14051CBF4");), Replaced,[eb247cd8a4d792a41989c2c0c341aa56]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.instlDay", "16054");), Replaced,[98774113691242f4683a750d4bb955ab]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");), Replaced,[45ca72e2fd7ee155762ca2e07c88f50b]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");), Replaced,[aa659eb6483385b1c1e12f53976d7090]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.08:45:18");), Replaced,[5ab5c68e413aab8ba6fc99e9f60ee020]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");), Replaced,[44cba4b089f251e53072fc86b54f7888]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.prdct", "mysearchdial");), Replaced,[917e351f2d4ee155336f4240ca3a3ac6]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.aflt", "irmsd1202");), Replaced,[be51d4804734c96d1191e9990bf923dd]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial_i.smplGrp", "none");), Replaced,[cf409cb87506b1852a78087aad571ee2]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.tlbrId", "base");), Replaced,[26e96fe5dd9ea6902f732b57a26219e7]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.instlRef", "");), Replaced,[b956371dee8d290dcbd7572b62a2dc24]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.dfltLng", "");), Replaced,[f91691c32754b28492103a480004dc24]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");), Replaced,[fd1268ec5a21a6904b574c36bb49cf31]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.excTlbr", false);), Replaced,[739c7bd90477b5819d050082c73ddf21]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial_i.hmpg", true);), Replaced,[4dc29fb55c1f74c2f4aeb7cb43c127d9]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.cr", "587891966");), Replaced,[c64979db83f84beb5e44bdc57490bc44]
PUP.Optional.MySearchDial.A, C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtCtCtCtC0BtCyEtDyDtC0C0B0FyEtN0D0Tzu0SyBtCyDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R");), Replaced,[49c667ed3b405cda465c364c20e49070]

Physical Sectors: 0
(No malicious items detected)


(end)

# AdwCleaner v3.210 - Report created 23/05/2014 at 16:51:35
# Updated 19/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : jbandt - JBANDTBONE
# Running from : C:\Documents and Settings\jbandt\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[x] Not Deleted : C:\Documents and Settings\All Users\Application Data\apn
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\registry mechanic
[x] Not Deleted : C:\Program Files\jZip
Folder Deleted : C:\Program Files\registry mechanic
[x] Not Deleted : C:\Documents and Settings\jbandt\Local Settings\Application Data\FileTypeAssistant
[x] Not Deleted : C:\Documents and Settings\jbandt\Local Settings\Application Data\jZip
[x] Not Deleted : C:\DOCUME~1\jbandt\LOCALS~1\Temp\jZip
Folder Deleted : C:\Documents and Settings\jbandt\Application Data\DriverCure
Folder Deleted : C:\Documents and Settings\jbandt\Application Data\SpeedMaxPc
Folder Deleted : C:\Documents and Settings\jbandt\Application Data\Uniblue
[x] Not Deleted : C:\Documents and Settings\jbandt\Start Menu\Programs\jZip.lnk
File Deleted : C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Classes\.bdc
Key Deleted : HKLM\SOFTWARE\Classes\.bgl
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
[x] Not Deleted : HKLM\SOFTWARE\Classes\jZip.file
[x] Not Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
[x] Not Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPath\jZip.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\jZip
Key Deleted : HKCU\Software\MyWaySA
Key Deleted : HKCU\Software\SpeedMaxPC
Key Deleted : HKCU\Software\Uniblue
Key Deleted : HKCU\Software\YahooPartnerToolbar
[x] Not Deleted : HKLM\Software\jZip
Key Deleted : HKLM\Software\MyWaySA
Key Deleted : HKLM\Software\SpeedMaxPC
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\V9Software
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\jZip
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\jZip
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Protection

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v

[ File : C:\Documents and Settings\jbandt\Application Data\Mozilla\Firefox\Profiles\3\prefs.js ]

Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");

*************************

AdwCleaner[R0].txt - [5703 octets] - [23/05/2014 16:08:07]
AdwCleaner[S0].txt - [5564 octets] - [23/05/2014 16:51:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5624 octets] ##########

#4 jbandtbone

jbandtbone
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:56 PM

Posted 23 May 2014 - 09:59 PM

And here are the other two logs.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-05-2014
Ran by jbandt (administrator) on JBANDTBONE on 23-05-2014 17:07:19
Running from C:\Documents and Settings\jbandt\Desktop
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(MYSecurityCenter) C:\Program Files\MYSecurityCenter\MYAntivirus\vsserv.exe
(ATI Technologies Inc.) C:\WINDOWS\SYSTEM32\ati2evxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Creative Technology Ltd) C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(MYSecurityCenter) C:\Program Files\MYSecurityCenter\MYAntivirus\bdagent.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(MYSecurityCenter) C:\Program Files\MYSecurityCenter\MYAntivirus\updatesrv.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(Microsoft Corporation) C:\WINDOWS\SYSTEM32\MsPMSPSv.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [DLCJCATS] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCJtime.dll [73728 2005-08-15] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\MYSecurityCenter\MYAntivirus\bdagent.exe [1428824 2013-09-26] (MYSecurityCenter)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\.DEFAULT\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [RunNarrator] - C:\Windows\system32\Narrator.exe [53760 2008-04-13] (Microsoft Corporation)
HKU\.DEFAULT\...\Policies\Explorer: [CDRAutoRun] 0
HKU\S-1-5-21-3930405495-149949848-2829475311-1006\...\Policies\Explorer: [ClearRecentDocsOnExit] 0x01000000
Lsa: [Authentication Packages] msv1_0 relog_ap

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4419D5DE065FCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {AD4A5954-7421-4AD9-B56B-16AA6FE237F9} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7ADRA_en
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech.com/devicedetector/bin/LogitechDeviceDetection32.cab
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://www.celartem.com/en/download/data/djvu_autoinstall/DjVuControl_en_US.cab
DPF: {15B782AF-55D8-11D1-B477-006097098764} http://download.macromedia.com/pub/shockwave/cabs/authorware/awswax70.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} https://fdotnfuse.dot.state.fl.us/Citrix/ICAWEB/en/ica32/wficat.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} https://support.microsoft.com/OAS/ActiveX/odc.cab
DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA499} https://pbells.broadjump.com/wizlet/iw60/static/controls/WebflowActiveXInstaller_4-0-0.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} http://moneycentral.msn.com/cabs/pmupd806.exe
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {46D8BEE7-0B27-4466-ABA2-A5F1E157971C} http://dvr.floridanexuspark.com/RemoteWeb.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,99/mcinsctl.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} http://doliver.earthcam.net/viewer/AMC.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
DPF: {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} https://lowes.2020.net/planner/Core/Player/2020PlayerAX_WEB_Win32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {8D3314D6-5914-46C1-9F3D-9F14B6A305F1} http://www.mytpi.com/mytpi05/eval/ectuploader.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.com/controls/cpcScanner.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} http://hgtv1.view22.com/view22/app/view22rte.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} http://fdl.msn.com/zone/datafiles/heartbeat.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
DPF: {E7D2588A-7FB5-47DC-8830-832605661009} https://livewc01.custhelp.com/7550-b415h-quickenmedical/rnl/java/RntX.cab
DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} http://fdl.msn.com/public/investor/v13/ticker.cab
DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} http://by107fd.bay107.hotmail.msn.com/activex/HMAtchmt.ocx
DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} http://www.paslc.org/acgm/f2_acgm.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 - C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin: @nosltd.com/getPlus+®,version=1.6.2.102 - C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\jbandt\Local Settings\Application Data\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\jbandt\Local Settings\Application Data\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\jbandt\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-07-11] (SUPERAntiSpyware.com)
S3 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [431384 2009-06-10] (Acronis)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd)
S3 dlcj_device; C:\WINDOWS\system32\dlcjcoms.exe [491520 2005-07-12] ()
R2 IAANTMon; C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe [73852 2004-06-29] (Intel Corporation)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-24] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 UPDATESRV; C:\Program Files\MYSecurityCenter\MYAntivirus\updatesrv.exe [53592 2013-09-26] (MYSecurityCenter)
R2 VSSERV; C:\Program Files\MYSecurityCenter\MYAntivirus\vsserv.exe [1342960 2013-09-27] (MYSecurityCenter)
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [102400 2008-07-24] (WDC)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
R2 WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [53248 2001-05-01] (Microsoft Corporation)
S4 McDetect.exe; c:\program files\mcafee.com\agent\mcdetect.exe [X]
S3 McTskshd.exe; c:\PROGRA~1\mcafee.com\agent\mctskshd.exe [X]
S3 mcupdmgr.exe; C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe [X]

==================== Drivers (Whitelisted) ====================

R0 abp480n5; C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS [23552 2004-08-12] (Microsoft Corporation)
S3 alcan5ln; C:\WINDOWS\System32\DRIVERS\alcan5ln.sys [36960 2002-07-31] (Alcatel Bell)
S3 alcan5wn; C:\WINDOWS\System32\DRIVERS\alcan5wn.sys [54256 2002-07-31] (Alcatel Bell)
S3 alcaudsl; C:\WINDOWS\System32\DRIVERS\alcaudsl.sys [740592 2002-07-31] (Alcatel Bell)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [640560 2013-07-19] (BitDefender)
R3 avchv; C:\WINDOWS\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [490144 2013-07-19] (BitDefender)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2003-03-06] ()
R1 bdftdif; C:\Program Files\Common Files\MYSecurityCenter\MYSecurityCenter Firewall\bdftdif.sys [130640 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [66832 2013-07-23] (BitDefender SRL)
R1 bdselfpr; C:\Program Files\MYSecurityCenter\MYAntivirus\bdselfpr.sys [135600 2013-07-26] (BitDefender LLC)
S3 bvrp_pci; C:\WINDOWS\system32\Drivers\bvrp_pci.sys [4272 2003-08-28] ()
R1 Cdr4_xp; C:\WINDOWS\system32\Drivers\Cdr4_xp.sys [66992 2006-04-13] (Roxio)
R1 Cdralw2k; C:\WINDOWS\system32\Drivers\Cdralw2k.sys [24698 2006-04-13] (Roxio)
R1 cdudf_xp; C:\WINDOWS\system32\Drivers\cdudf_xp.sys [259328 2003-07-18] (Roxio)
S3 COMMONFX.DLL; C:\WINDOWS\System32\COMMONFX.DLL [114688 2003-11-13] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.)
S3 CTAUDFX.DLL; C:\WINDOWS\System32\CTAUDFX.DLL [585728 2004-07-12] (Creative Technology Ltd)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [333600 2003-11-12] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\WINDOWS\System32\CTERFXFX.DLL [94976 2007-04-12] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.)
S3 CTSBLFX.DLL; C:\WINDOWS\System32\CTSBLFX.DLL [606208 2003-11-13] (Creative Technology Ltd)
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions)
R1 DVDVRRdr_xp; C:\WINDOWS\system32\Drivers\DVDVRRdr_xp.sys [146560 2003-07-17] (Roxio)
R3 dvd_2K; C:\WINDOWS\system32\Drivers\dvd_2K.sys [21993 2003-07-18] (Roxio)
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [47249 2006-12-06] (FTDI Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [162976 2012-10-04] (BitDefender LLC)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [904752 2004-08-12] (Creative Technology Ltd)
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [148432 2004-07-12] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [189736 2007-04-10] (Creative Technology Ltd)
R3 IntelC51; C:\WINDOWS\System32\DRIVERS\IntelC51.sys [1233525 2004-03-06] (Intel Corporation)
R3 IntelC52; C:\WINDOWS\System32\DRIVERS\IntelC52.sys [647929 2004-03-06] (Intel Corporation)
R3 IntelC53; C:\WINDOWS\System32\DRIVERS\IntelC53.sys [61157 2004-06-16] (Intel Corporation)
S3 libusb0; C:\WINDOWS\System32\DRIVERS\libusb0.sys [42592 2013-03-14] (http://libusb-win32.sourceforge.net)
R2 MASPINT; C:\WINDOWS\system32\Drivers\MASPINT.sys [8224 2002-06-21] (MicroStaff Co.,Ltd.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-05-23] (Malwarebytes Corporation)
R3 mf; C:\WINDOWS\System32\DRIVERS\mf.sys [63744 2008-04-13] (Microsoft Corporation)
S3 mmc_2K; C:\WINDOWS\system32\Drivers\mmc_2K.sys [22745 2003-07-18] (Roxio)
R3 mohfilt; C:\WINDOWS\System32\DRIVERS\mohfilt.sys [37048 2004-03-06] (Intel Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2012-06-14] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MREMPR5; C:\Program Files\Common Files\Motive\MREMPR5.sys [19345 2004-11-22] (Motive, Inc.)
S3 MRENDIS5; C:\Program Files\Common Files\Motive\MRENDIS5.sys [18003 2004-11-22] (Motive, Inc.)
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2012-06-14] (Printing Communications Assoc., Inc. (PCAUSA))
S3 NDMSHLP; C:\Program Files\Common Files\HHD Software\Device Monitor\ndmshlp.sys [7632 2005-05-24] (HHD Software)
R3 NmPar; C:\WINDOWS\System32\DRIVERS\NmPar.sys [80256 2008-12-24] (Windows ® 2000 DDK provider)
R3 nmserial; C:\WINDOWS\System32\DRIVERS\nmserial.sys [70016 2008-12-16] (Windows ® 2000 DDK provider)
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [6656 2004-08-06] (Creative Technology Ltd.)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf.sys [15544 2011-12-16] (Secunia)
R1 pwd_2k; C:\WINDOWS\system32\Drivers\pwd_2k.sys [118409 2003-07-18] (Roxio)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SerMon; C:\Program Files\HHD Software\Free Serial Port Monitor\sermon.sys [18432 2005-05-24] (HHD Software)
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions)
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions)
R0 tdrpman; C:\WINDOWS\System32\DRIVERS\tdrpman.sys [368480 2010-06-05] (Acronis)
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-11-16] (Sonic Solutions)
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-11-16] (Sonic Solutions)
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-11-16] (Sonic Solutions)
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-11-16] (Sonic Solutions)
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86554 2004-11-16] (Sonic Solutions)
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-11-16] (Sonic Solutions)
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-11-16] (Sonic Solutions)
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-11-16] (Sonic Solutions)
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-11-16] (Sonic Solutions)
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [44384 2010-06-05] (Acronis)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
R1 UdfReadr_xp; C:\WINDOWS\system32\Drivers\UdfReadr_xp.sys [213120 2003-07-18] (Roxio)
S3 A4S2600; System32\drivers\A4S2600.sys [X]
S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 SABProcEnum; \??\C:\Program Files\Internet Explorer\SABProcEnum.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
U3 TlntSvr;
S3 TSP; \??\C:\WINDOWS\SYSTEM32\ZoneLabs\avsys\KLIF.SYS [X]
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-23 17:07 - 2014-05-23 17:08 - 00023247 _____ () C:\Documents and Settings\jbandt\Desktop\FRST.txt
2014-05-23 17:06 - 2014-05-23 17:07 - 00000000 ____D () C:\FRST
2014-05-23 17:05 - 2014-05-23 17:05 - 01056768 _____ (Farbar) C:\Documents and Settings\jbandt\Desktop\FRST.exe
2014-05-23 16:57 - 2014-05-23 16:57 - 00005704 _____ () C:\Documents and Settings\jbandt\Desktop\AdwCleaner[S0].txt
2014-05-23 16:07 - 2014-05-23 16:51 - 00000000 ____D () C:\AdwCleaner
2014-05-23 16:07 - 2014-05-23 16:07 - 01326389 _____ () C:\Documents and Settings\jbandt\Desktop\AdwCleaner.exe
2014-05-23 13:26 - 2014-05-23 16:56 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-23 13:25 - 2014-05-23 13:25 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-23 13:25 - 2014-05-23 13:25 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-23 13:25 - 2014-05-23 13:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-23 13:25 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-05-23 13:24 - 2014-05-23 13:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Documents and Settings\jbandt\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-20 05:09 - 2014-05-20 05:13 - 00072713 _____ () C:\Documents and Settings\jbandt\Desktop\dds.txt
2014-05-20 05:09 - 2014-05-20 05:13 - 00005222 _____ () C:\Documents and Settings\jbandt\Desktop\attach.txt
2014-05-20 05:06 - 2014-05-20 05:05 - 00688992 ____R (Swearware) C:\Documents and Settings\jbandt\Desktop\dds.com
2014-05-19 18:06 - 2014-05-19 18:06 - 00000000 _____ () C:\Program Files\GUM6F.tmp
2014-05-19 17:31 - 2014-05-19 17:31 - 00000385 _____ () C:\Documents and Settings\jbandt\Application Datauser_gensett.xml
2014-05-19 17:28 - 2014-05-19 17:28 - 00000000 __SHD () C:\found.002
2014-05-11 22:08 - 2014-05-11 22:08 - 00439416 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3930405495-149949848-2829475311-1006-0.dat
2014-05-11 22:08 - 2014-05-11 22:08 - 00389590 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Program Files\My Dell
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\Dell
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCDr
2014-05-10 16:13 - 2014-05-10 16:16 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\PCDr
2014-05-09 18:58 - 2014-05-09 18:58 - 00000385 _____ () C:\WINDOWS\system32\user_gensett.xml
2014-05-09 17:52 - 2014-05-09 17:52 - 00382141 _____ () C:\Documents and Settings\All Users\Application Data\1399665448.bdinstall.bin
2014-05-09 17:26 - 2014-05-09 17:26 - 00072704 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2014-05-09 16:58 - 2014-05-09 16:58 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-05-09 16:57 - 2014-05-09 16:57 - 00001807 _____ () C:\Documents and Settings\All Users\Desktop\MYAntivirus.lnk
2014-05-09 16:57 - 2014-05-09 16:57 - 00001759 _____ () C:\Documents and Settings\All Users\Desktop\MYSecurityCenter Safepay.lnk
2014-05-09 16:57 - 2014-05-09 16:57 - 00000000 ____H () C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2014-05-09 16:57 - 2014-05-09 16:57 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-05-09 16:57 - 2014-05-09 16:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\MYAntivirus
2014-05-09 16:56 - 2014-05-09 16:57 - 00004260 _____ () C:\WINDOWS\Wdf01009Inst.log
2014-05-09 16:56 - 2014-05-09 16:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWdf01009$
2014-05-09 16:56 - 2014-05-09 16:56 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Bitdefender
2014-05-09 16:56 - 2014-05-09 16:56 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\BDLogging
2014-05-09 16:56 - 2013-07-23 16:50 - 00066832 _____ (BitDefender SRL) C:\WINDOWS\system32\Drivers\bdsandbox.sys
2014-05-09 16:56 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2014-05-09 16:56 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2014-05-09 16:55 - 2014-05-09 16:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MYSecurityCenter
2014-05-09 16:55 - 2014-05-09 16:55 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\MYSecurityCenter
2014-05-09 16:55 - 2013-07-19 18:06 - 00490144 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2014-05-09 16:55 - 2013-07-19 18:03 - 00640560 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2014-05-09 16:55 - 2012-11-02 14:17 - 00242504 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2014-05-09 16:54 - 2014-05-09 16:54 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\QuickScan
2014-05-09 16:53 - 2014-05-09 16:53 - 00000000 ____D () C:\Program Files\MYSecurityCenter
2014-05-09 16:53 - 2013-05-28 12:11 - 00355744 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2014-05-09 16:53 - 2012-10-04 14:30 - 00162976 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2014-05-09 15:57 - 2014-05-09 16:53 - 00000000 ____D () C:\Program Files\Common Files\MYSecurityCenter
2014-05-06 16:55 - 2014-05-06 16:55 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\Wise
2014-05-06 16:55 - 2014-05-06 16:55 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\GetPrivate
2014-05-02 17:31 - 2014-05-02 17:35 - 00006065 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-04-24 17:45 - 2014-04-24 17:45 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-04-24 17:45 - 2014-04-24 17:45 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-04-24 17:45 - 2014-04-24 17:45 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-04-24 17:45 - 2014-04-24 17:45 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-04-24 17:45 - 2014-04-24 17:45 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-04-24 17:45 - 2014-04-24 17:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java

==================== One Month Modified Files and Folders =======

2014-05-23 17:08 - 2014-05-23 17:07 - 00023247 _____ () C:\Documents and Settings\jbandt\Desktop\FRST.txt
2014-05-23 17:07 - 2014-05-23 17:06 - 00000000 ____D () C:\FRST
2014-05-23 17:05 - 2014-05-23 17:05 - 01056768 _____ (Farbar) C:\Documents and Settings\jbandt\Desktop\FRST.exe
2014-05-23 17:04 - 2005-01-03 21:02 - 00002206 _____ () C:\WINDOWS\system32\WPA.DBL
2014-05-23 17:01 - 2007-12-23 20:48 - 01677887 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-23 16:58 - 2008-08-30 18:34 - 00000424 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{3F45EB98-1067-44F6-BEF8-FB04E0C7096F}.job
2014-05-23 16:57 - 2014-05-23 16:57 - 00005704 _____ () C:\Documents and Settings\jbandt\Desktop\AdwCleaner[S0].txt
2014-05-23 16:56 - 2014-05-23 13:26 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-23 16:55 - 2007-12-23 20:47 - 00000312 _____ () C:\WINDOWS\wiaservc.log
2014-05-23 16:55 - 2007-12-23 20:47 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-05-23 16:54 - 2014-03-27 15:51 - 00000224 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-05-23 16:54 - 2013-04-06 10:13 - 00000380 _____ () C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job
2014-05-23 16:54 - 2005-01-03 21:04 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-23 16:53 - 2013-05-10 19:45 - 00001080 _____ () C:\WINDOWS\system32\settingsbkup.sfm
2014-05-23 16:53 - 2013-05-10 19:45 - 00001080 _____ () C:\WINDOWS\system32\settings.sfm
2014-05-23 16:53 - 2013-05-10 19:39 - 00000384 _____ () C:\WINDOWS\system32\DVCStateBkp-{00000004-00000000-00000002-00001102-00000004-20061102}.dat
2014-05-23 16:53 - 2013-05-10 19:39 - 00000384 _____ () C:\WINDOWS\system32\DVCState-{00000004-00000000-00000002-00001102-00000004-20061102}.dat
2014-05-23 16:53 - 2007-12-23 20:47 - 00032448 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-23 16:52 - 2005-01-06 19:33 - 00000278 ___SH () C:\Documents and Settings\jbandt\NTUSER.INI
2014-05-23 16:52 - 2005-01-06 19:33 - 00000000 ____D () C:\Documents and Settings\jbandt
2014-05-23 16:51 - 2014-05-23 16:07 - 00000000 ____D () C:\AdwCleaner
2014-05-23 16:49 - 2011-11-26 09:57 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-23 16:07 - 2014-05-23 16:07 - 01326389 _____ () C:\Documents and Settings\jbandt\Desktop\AdwCleaner.exe
2014-05-23 13:25 - 2014-05-23 13:25 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-23 13:25 - 2014-05-23 13:25 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-23 13:25 - 2014-05-23 13:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-23 13:25 - 2012-02-15 23:33 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-05-23 13:25 - 2008-09-05 17:01 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\Malwarebytes
2014-05-23 13:24 - 2014-05-23 13:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Documents and Settings\jbandt\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-21 17:13 - 2013-01-16 18:08 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3930405495-149949848-2829475311-1006Core.job
2014-05-20 05:13 - 2014-05-20 05:09 - 00072713 _____ () C:\Documents and Settings\jbandt\Desktop\dds.txt
2014-05-20 05:13 - 2014-05-20 05:09 - 00005222 _____ () C:\Documents and Settings\jbandt\Desktop\attach.txt
2014-05-20 05:05 - 2014-05-20 05:06 - 00688992 ____R (Swearware) C:\Documents and Settings\jbandt\Desktop\dds.com
2014-05-19 23:29 - 2010-04-04 13:54 - 00000000 ____D () C:\Program Files\PC Tune-Up
2014-05-19 23:29 - 2005-01-03 20:53 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-05-19 23:28 - 2005-01-03 20:53 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-05-19 23:05 - 2005-12-25 12:10 - 00143785 _____ () C:\dlcjscan.log
2014-05-19 22:09 - 2007-09-10 19:38 - 00000000 ____D () C:\Documents and Settings\jbandt\Local Settings\Application Data\Google
2014-05-19 22:09 - 2005-10-08 23:23 - 00000000 ____D () C:\Program Files\Google
2014-05-19 21:46 - 2010-03-14 14:41 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-19 19:34 - 2005-12-25 12:13 - 00000000 ____D () C:\Program Files\Dl_cats
2014-05-19 18:06 - 2014-05-19 18:06 - 00000000 _____ () C:\Program Files\GUM6F.tmp
2014-05-19 17:31 - 2014-05-19 17:31 - 00000385 _____ () C:\Documents and Settings\jbandt\Application Datauser_gensett.xml
2014-05-19 17:28 - 2014-05-19 17:28 - 00000000 __SHD () C:\found.002
2014-05-15 17:25 - 2006-04-29 14:43 - 00000000 ____D () C:\Documents and Settings\jbandt\My Documents\John Brewer
2014-05-14 13:45 - 2013-07-15 07:26 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-14 13:41 - 2005-05-10 20:23 - 90547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-12 07:26 - 2014-05-23 13:25 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2013-04-14 17:19 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-05-11 22:08 - 2014-05-11 22:08 - 00439416 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3930405495-149949848-2829475311-1006-0.dat
2014-05-11 22:08 - 2014-05-11 22:08 - 00389590 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-05-10 18:38 - 2013-01-13 22:21 - 00291572 _____ () C:\WINDOWS\setupapi.log
2014-05-10 18:36 - 2013-07-13 18:43 - 00000000 ____D () C:\Documents and Settings\jbandt\Local Settings\Application Data\Deployment
2014-05-10 16:16 - 2014-05-10 16:13 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\PCDr
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Program Files\My Dell
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\Dell
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCDr
2014-05-10 16:15 - 2005-01-03 21:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dell
2014-05-09 19:03 - 2005-01-03 20:53 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-05-09 18:58 - 2014-05-09 18:58 - 00000385 _____ () C:\WINDOWS\system32\user_gensett.xml
2014-05-09 18:26 - 2005-01-03 21:03 - 00586086 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-09 17:52 - 2014-05-09 17:52 - 00382141 _____ () C:\Documents and Settings\All Users\Application Data\1399665448.bdinstall.bin
2014-05-09 17:26 - 2014-05-09 17:26 - 00072704 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2014-05-09 16:58 - 2014-05-09 16:58 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-05-09 16:58 - 2014-05-09 16:55 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MYSecurityCenter
2014-05-09 16:57 - 2014-05-09 16:57 - 00001807 _____ () C:\Documents and Settings\All Users\Desktop\MYAntivirus.lnk
2014-05-09 16:57 - 2014-05-09 16:57 - 00001759 _____ () C:\Documents and Settings\All Users\Desktop\MYSecurityCenter Safepay.lnk
2014-05-09 16:57 - 2014-05-09 16:57 - 00000000 ____H () C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2014-05-09 16:57 - 2014-05-09 16:57 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-05-09 16:57 - 2014-05-09 16:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\MYAntivirus
2014-05-09 16:57 - 2014-05-09 16:56 - 00004260 _____ () C:\WINDOWS\Wdf01009Inst.log
2014-05-09 16:57 - 2014-05-09 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWdf01009$
2014-05-09 16:57 - 2013-01-14 17:30 - 00217557 _____ () C:\WINDOWS\FaxSetup.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00109681 _____ () C:\WINDOWS\tsoc.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00097900 _____ () C:\WINDOWS\comsetup.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00077184 _____ () C:\WINDOWS\ocgen.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00066508 _____ () C:\WINDOWS\iis6.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00063840 _____ () C:\WINDOWS\ntdtcsetup.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00015879 _____ () C:\WINDOWS\msgsocm.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00009647 _____ () C:\WINDOWS\setupact.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00000575 _____ () C:\WINDOWS\imsins.log
2014-05-09 16:56 - 2014-05-09 16:56 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Bitdefender
2014-05-09 16:56 - 2014-05-09 16:56 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\BDLogging
2014-05-09 16:55 - 2014-05-09 16:55 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\MYSecurityCenter
2014-05-09 16:54 - 2014-05-09 16:54 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\QuickScan
2014-05-09 16:53 - 2014-05-09 16:53 - 00000000 ____D () C:\Program Files\MYSecurityCenter
2014-05-09 16:53 - 2014-05-09 15:57 - 00000000 ____D () C:\Program Files\Common Files\MYSecurityCenter
2014-05-09 15:15 - 2014-04-08 17:55 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-05-08 15:49 - 2014-03-27 15:51 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-05-07 18:53 - 2011-01-16 20:10 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-05-06 18:44 - 2013-01-17 22:18 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\uTorrent
2014-05-06 18:38 - 2005-08-14 20:07 - 00000000 ____D () C:\unzipped
2014-05-06 17:59 - 2010-02-10 23:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978037$
2014-05-06 17:17 - 2012-07-31 17:46 - 00000803 _____ () C:\Documents and Settings\jbandt\Start Menu\Programs\Internet Explorer.lnk
2014-05-06 16:55 - 2014-05-06 16:55 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\Wise
2014-05-06 16:55 - 2014-05-06 16:55 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\GetPrivate
2014-05-06 16:54 - 2013-01-18 19:00 - 00093062 _____ () C:\WINDOWS\wmsetup.log
2014-05-04 20:55 - 2013-12-08 18:08 - 00008475 _____ () C:\Documents and Settings\jbandt\Desktop\stmt.csv
2014-05-04 20:55 - 2012-11-04 09:21 - 00003385 _____ () C:\Documents and Settings\jbandt\Desktop\payments.csv
2014-05-02 17:35 - 2014-05-02 17:31 - 00006065 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-05-02 17:35 - 2013-01-14 17:30 - 00045537 _____ () C:\WINDOWS\updspapi.log
2014-05-02 17:35 - 2013-01-14 17:30 - 00000575 _____ () C:\WINDOWS\imsins.BAK
2014-05-02 17:35 - 2009-06-24 23:27 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-04-30 04:13 - 2004-08-12 10:00 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-04-30 04:13 - 2004-08-12 10:00 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-29 16:53 - 2011-11-21 11:40 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-04-29 16:53 - 2011-07-01 08:53 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-04-24 17:55 - 2005-01-03 21:12 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-24 17:45 - 2014-04-24 17:45 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-04-24 17:45 - 2014-04-24 17:45 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-04-24 17:45 - 2014-04-24 17:45 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-04-24 17:45 - 2014-04-24 17:45 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-04-24 17:45 - 2014-04-24 17:45 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-04-24 17:45 - 2014-04-24 17:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-04-24 17:45 - 2009-06-24 17:16 - 00000000 ____D () C:\Program Files\Java

Files to move or delete:
====================
C:\Documents and Settings\jbandt\jagex_runescape_preferences.dat
C:\Documents and Settings\jbandt\OFXLOG.DAT


Some content of TEMP:
====================
C:\Documents and Settings\jbandt\Local Settings\temp\2a585d45-7ae3-4245-b0c9-40a40c5732a2.exe
C:\Documents and Settings\jbandt\Local Settings\temp\ARPPRODUCTICON.exe
C:\Documents and Settings\jbandt\Local Settings\temp\f.exe
C:\Documents and Settings\jbandt\Local Settings\temp\install_flashplayer13x32axau_gtbd_chrd_dn_awb_aih[1].exe
C:\Documents and Settings\jbandt\Local Settings\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:23-05-2014
Ran by jbandt at 2014-05-23 17:09:36
Running from C:\Documents and Settings\jbandt\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: MYSecurityCenter Antivirus (Disabled - Up to date) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: AVG Firewall (Disabled) {8decf618-9569-4340-b34a-d78d28969b66}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.)
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.41612 - ABBYY Software House)
Acronis True Image WD Edition (HKLM\...\{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}) (Version: 11.0.8311 - Acronis)
Adobe AIR (Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Atmosphere Player for Acrobat and Adobe Reader (HKLM\...\Adobe Atmosphere Player) (Version: - )
Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.102 - NOS Microsystems Ltd.)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Alcatel SpeedTouch USB Software (HKLM\...\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}) (Version: - )
AMD APP SDK Runtime (Version: 2.5.793.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D9CC869F-DA2B-3E9B-EF47-29F831A41619}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
ArcSoft Panorama Maker 4 (HKLM\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version: - ArcSoft)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1014 - )
ATI Control Panel (HKLM\...\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}) (Version: 6.14.10.5183 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.23-060209a1-030546C-Dell - )
att.net Internet Mail (HKLM\...\Yahoo! Mail) (Version: - )
Avery DesignPro (HKLM\...\{2CC982C0-7EAE-11D4-ACC3-0050568AD318}) (Version: - )
Belarc Advisor 6.1 (HKLM\...\Belarc Advisor 2.0) (Version: - )
Broadcom Advanced Control Suite 2 (HKLM\...\InstallShield_{2E086814-7392-4E0F-ADB8-54A81E47406C}) (Version: 7.58.01 - Broadcom)
Broadcom Advanced Control Suite 2 (Version: 7.58.01 - Broadcom) Hidden
BroadJump Client Foundation (HKLM\...\BroadJump Client Foundation) (Version: - )
CELI USB Serial Converter Drivers (HKLM\...\FTDICOMM) (Version: 2.00.00 - thermotech.hk@gmail.com)
Citrix Delivery Clients (SV) - Web Client (HKLM\...\{05522745-611A-410E-BFD0-48D25B2195C2}) (Version: 11.0.0.5252 - Citrix Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConverterLite 1.6.6.0 (HKLM\...\ConverterLite) (Version: 1.6.6.0 - ConverterLite)
Copernic Agent Basic (HKLM\...\Copernic Agent Basic) (Version: - Copernic)
Creative AudioHQ (HKLM\...\AudioHQ) (Version: - )
Creative Diagnostics (HKLM\...\Diagnostics_Audigy2) (Version: - )
Creative Graphic Equalizer (HKLM\...\EQUALIZER) (Version: - )
Creative MediaSource DVD-Audio Player (HKLM\...\Creative MediaSource DVD-Audio Player) (Version: - )
Creative MiniDisc Center (HKLM\...\Creative MiniDisc Center) (Version: - )
Creative Restore Defaults (HKLM\...\Creative Restore Defaults) (Version: - )
Creative Speaker Calibrator (HKLM\...\SPKR_CALIBRATOR) (Version: - )
Creative Speaker Settings (HKLM\...\SPEAKER) (Version: - )
Creative Surround Mixer (HKLM\...\SURMIXER) (Version: - )
Creative THX Setup Console (HKLM\...\THX_Console) (Version: - )
Creative WaveStudio (HKLM\...\Creative WaveStudio) (Version: - )
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version: - Microsoft Corporation)
Data Lifeguard Diagnostic for Windows (HKLM\...\{E40CE517-0D42-4198-96B4-C8232B257EB5}) (Version: 1.13 - Western Digital Corporation)
Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
Dell Media Experience (HKLM\...\{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}) (Version: 3.0 - Dell)
Dell Media Experience Update (HKLM\...\{CDE4CC8B-134B-421E-943C-90799E56F664}) (Version: - )
Dell Networking Guide (Version: 1.00.0001 - Dell) Hidden
Dell Photo AIO Printer 964 (HKLM\...\Dell Photo AIO Printer 964) (Version: - )
Dell Support 5.0.0 (766) (HKLM\...\DellSupport) (Version: - )
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.4.0.4 - Dell)
DTS Neo:6 Settings (HKLM\...\DTS Console) (Version: - )
Easy CD & DVD Creator 6 (HKLM\...\{644F9DBE-CEDB-45AF-ACB8-E26692B74F62}) (Version: 6.1.1.17 - Roxio Inc.,)
EAX Console (HKLM\...\EAX) (Version: - )
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
erLT (Version: 1.20.0137 - Logitech, Inc.) Hidden
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
File Uploader (HKLM\...\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}) (Version: 1.2.2 - Nikon)
FinePixViewer Ver.4.0 (HKLM\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: - )
FormFlow 99 Controls (HKLM\...\FormFlow 99 Controls) (Version: - )
Free File Viewer 2012 (HKLM\...\FreeFileViewer_is1) (Version: 2012.10.9.0 - Bitberry Software)
FUJIFILM USB Driver (HKLM\...\{5490882C-6961-11D5-BAE5-00E0188E010B}) (Version: - )
Google Earth (HKLM\...\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}) (Version: 6.1.0.5001 - Google)
HHD Software Free Serial Port Monitor 3.31 (HKLM\...\{3472693C-6EC5-41FA-B5B9-A22B11AEFE72}) (Version: 3.31.0.0000 - HHD Software)
HighMAT Extension to Microsoft Windows XP CD Writing Wizard (HKLM\...\{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}) (Version: 1.1.1905.1 - Microsoft Corporation)
ImageMixer VCD for FinePix (HKLM\...\{D3AA158A-9421-4883-8767-E771B0964A1D}) (Version: - )
Intel Application Accelerator (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
Intel® 537EP V9x DF PCI Modem (HKLM\...\Intel® 537EP V9x DF PCI Modem) (Version: - )
Internet Explorer Default Page (Version: 1.00.03 - Dell Inc.) Hidden
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jawbone Updater (HKLM\...\Jawbone Updater) (Version: 0.1 - Jawbone)
Lizardtech DjVu Control (autoinstall) (HKLM\...\DjVu) (Version: - )
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Shredder (Version: 1.00.0000 - McAfee, Inc) Hidden
MediaMonkey 4.1 (HKLM\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
MetaFrame Presentation Server Web Client for Win32 (HKLM\...\Citrix ICA Web Client) (Version: - )
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version: - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version: - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version: - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version: - Microsoft Corporation) Hidden
Microsoft Links 2003 (HKLM\...\Links 2003 1.0) (Version: - )
Microsoft National Language Support Downlevel APIs (Version: - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office XP Small Business (HKLM\...\{91130409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version: - Microsoft Corporation)
MicroStaff WINASPI NT (HKLM\...\MWASPINT) (Version: - )
Modem Event Monitor (HKLM\...\{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}) (Version: - )
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 2.25 - BVRP Software)
Modem On Hold (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 1.12 - BVRP Software, Inc)
MosChip Multi-IO Controller (HKLM\...\MosChip Technology) (Version: - )
MSN (HKLM\...\MSNINST) (Version: - )
MSN Gaming Zone (HKLM\...\Microsoft Internet Gaming Zone) (Version: - )
MSN Money Investment Toolbox (HKLM\...\Money2006a) (Version: 15 - Microsoft)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version: - Google, Inc.)
Musicmatch® Jukebox (HKLM\...\{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.00.3030 - )
My Way Search Assistant (Version: 1.0.256 - MyWay.com) Hidden
MYAntivirus (HKLM\...\MYSecurityCenter) (Version: 16.27 - MYSecurityCenter)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.5.1 - Nikon)
OptiPix Pro (HKLM\...\{306AC1F8-42D9-4639-B412-ABCB7F01F85A}) (Version: 1.50.0000 - Smartparts)
PC Tune-Up (HKLM\...\PC Tune-Up) (Version: 2.1.1.15 - Large Software)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.7 - Nikon)
Print to Fax (HKLM\...\{5BF2B19D-9C79-492A-8969-F059F06A627F}) (Version: 1.00 - BVRP Software)
Qualxserve Service Agreement (HKLM\...\{0F756CD9-4A1E-409B-B101-601DDC4C03AA}) (Version: 1.10.0000 - Dell)
RAW FILE CONVERTER LE (HKLM\...\{D680C913-5955-469D-9D88-C1940F7506D6}) (Version: - )
Registry Mechanic 5.2 (HKLM\...\Registry Mechanic_is1) (Version: 5.2 - PC Tools Pty. Ltd.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
Secunia PSI (3.0.0.4001) (HKLM\...\Secunia PSI) (Version: 3.0.0.4001 - Secunia)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.95.3 - Sonic Solutions)
Sonic MyDVD (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 5.3.0 - Sonic Solutions)
Sonic RecordNow! (HKLM\...\{9541FED0-327F-4DF0-8B96-EF57EF622F19}) (Version: 7.3 - Sonic Solutions)
Sonic Update Manager (HKLM\...\{09DA4F91-2A09-4232-AB8C-6BC740096DE3}) (Version: 2.9 - Sonic Solutions)
Sound Blaster Audigy 2 ZS (HKLM\...\{9E2514D9-DC24-4634-B348-61F3EF0F1628}) (Version: - )
SoundFont Bank Manager (HKLM\...\SFBM) (Version: - )
Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1012 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tweak UI (HKLM\...\Tweak UI 2.10) (Version: - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB971930) (HKLM\...\KB971930-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976749) (HKLM\...\KB976749-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
ViewNX (HKLM\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.5.0 - Nikon)
WD Drive Manager (x86) (HKLM\...\{CCD04643-5246-48AC-9D8C-F43A37BB8F36}) (Version: 2.107 - Western Digital)
Weather Display 10.37Q Build 04 (HKLM\...\Weather Display_is1) (Version: - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Webshots Desktop (HKLM\...\Webshots Desktop) (Version: - )
Windows Backup Utility (HKLM\...\{76EFFC7C-17A6-479D-9E47-8E658C1695AE}) (Version: 5.1 - Microsoft Corporation)
Windows Defender (HKLM\...\{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
Windows Driver Package - CELI CDM Driver Package (05/19/2006 2.00.00) (HKLM\...\A65DAD50EB6CD8AE75E4966D236B5D23AAB99350) (Version: 05/19/2006 2.00.00 - CELI)
Windows Driver Package - CELI CDM Driver Package (05/19/2006 2.00.00) (HKLM\...\C75E849BFC5CCAD44C5B4271606F92C296AA1E17) (Version: 05/19/2006 2.00.00 - CELI)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0 - Microsoft) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20061027.150806 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (HKLM\...\{184E7118-0295-43C4-B72C-1D54AA75AAF7}) (Version: - )
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Connect (Version: - Microsoft Corporation) Hidden
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 10 (Version: 9.00.3636 - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Windows Presentation Foundation (Version: 3.0.6920.0 - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WordPerfect Office 12 (HKLM\...\{AF19F291-F22F-4798-9662-525305AE9E48}) (Version: 12.0.0.238 - Corel Corporation)
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden

==================== Restore Points =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2004-08-12 09:57 - 2013-01-13 16:59 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3930405495-149949848-2829475311-1006Core.job => C:\Documents and Settings\jbandt\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{3F45EB98-1067-44F6-BEF8-FB04E0C7096F}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2014-05-09 16:56 - 2013-08-07 18:51 - 00204280 _____ () C:\Program Files\MYSecurityCenter\MYAntivirus\txmlutil.dll
2014-05-09 16:56 - 2013-09-27 13:38 - 00003072 _____ () C:\Program Files\MYSecurityCenter\MYAntivirus\UI\accessl.ui
2014-05-09 16:56 - 2013-09-27 13:38 - 00004608 _____ () C:\Program Files\MYSecurityCenter\MYAntivirus\UI\IMSecurityAL.ui
2014-05-09 17:13 - 2014-05-09 17:14 - 00668840 _____ () C:\Program Files\MYSecurityCenter\MYAntivirus\otengines_00030_002\ashttpbr.mdl
2014-05-09 17:13 - 2014-05-09 17:14 - 00489120 _____ () C:\Program Files\MYSecurityCenter\MYAntivirus\otengines_00030_002\ashttpdsp.mdl
2014-05-09 17:13 - 2014-05-09 17:14 - 02137584 _____ () C:\Program Files\MYSecurityCenter\MYAntivirus\otengines_00030_002\ashttpph.mdl
2014-05-09 17:13 - 2014-05-09 17:14 - 01124088 _____ () C:\Program Files\MYSecurityCenter\MYAntivirus\otengines_00030_002\ashttprbl.mdl
2005-12-25 12:11 - 2005-07-12 17:34 - 00491520 ____N () C:\WINDOWS\system32\dlcjlmpm.DLL
2005-06-01 12:53 - 2005-06-01 12:53 - 00069632 ____N () C:\WINDOWS\system32\dlcjcfg.dll
2005-08-08 10:01 - 2005-08-08 10:01 - 00061440 ____N () C:\Program Files\Dell Photo AIO Printer 964\dlcjcnv4.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\WINDOWS\system32\asuninst.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Documents and Settings\jbandt\jagex_runescape_preferences.dat:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\jbandt\jagex_runescape_preferences.dat:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Documents and Settings\jbandt\Desktop\AdwCleaner.exe:BDU
AlternateDataStreams: C:\Documents and Settings\jbandt\Desktop\dds.com:BDU
AlternateDataStreams: C:\Documents and Settings\jbandt\Desktop\FRST.exe:BDU
AlternateDataStreams: C:\Documents and Settings\jbandt\Desktop\mbam-setup-2.0.2.1012.exe:BDU
AlternateDataStreams: C:\Documents and Settings\jbandt\My Documents\CJ201100SE.exe:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\jbandt\My Documents\CJ201100SE.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AFD => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AppMgmt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Base => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Boot Bus Extender => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Boot file system => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Browser => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\CryptSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\DcomLaunch => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Dhcp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\dmadmin => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\dmboot.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\dmio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\dmload.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\dmserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\DnsCache => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\EventLog => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\File system => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Filter => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\HelpSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\ip6fw.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\ipnat.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\LanmanServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\LanmanWorkstation => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\LmHosts => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Messenger => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\NDIS => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\NDIS Wrapper => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Ndisuio => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\NetBIOS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\NetBIOSGroup => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\NetBT => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\NetDDEGroup => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Netlogon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\NetMan => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WdfLoadGroup => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\NetworkProvider => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\nm => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\nm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\NtLmSsp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\PCI Configuration => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\PlugPlay => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\PNP Filter => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\PNP_TDI => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Primary disk => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\rdpcdd.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\rdpdd.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\rdpwd.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\rdsessmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\RpcSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\SCSI Class => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\sermouse.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\sr.sys => ""="FSFilter System Recovery"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\SRService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Streams Drivers => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\System Bus Extender => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Tcpip => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\TDI => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\tdpipe.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\tdtcp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\termservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\vds => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\vga.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\vgasave.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\WdfLoadGroup => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\WinMgmt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\WZCSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{36FC9E60-C465-11CF-8056-444553540000} => ""="Universal Serial Bus controllers"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{4D36E965-E325-11CE-BFC1-08002BE10318} => ""="CD-ROM Drive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{4D36E967-E325-11CE-BFC1-08002BE10318} => ""="DiskDrive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{4D36E969-E325-11CE-BFC1-08002BE10318} => ""="Standard floppy disk controller"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{4D36E96A-E325-11CE-BFC1-08002BE10318} => ""="Hdc"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{4D36E96B-E325-11CE-BFC1-08002BE10318} => ""="Keyboard"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{4D36E96F-E325-11CE-BFC1-08002BE10318} => ""="Mouse"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{4D36E972-E325-11CE-BFC1-08002BE10318} => ""="Net"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{4D36E973-E325-11CE-BFC1-08002BE10318} => ""="NetClient"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{4D36E974-E325-11CE-BFC1-08002BE10318} => ""="NetService"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{4D36E975-E325-11CE-BFC1-08002BE10318} => ""="NetTrans"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{4D36E977-E325-11CE-BFC1-08002BE10318} => ""="PCMCIA Adapters"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{4D36E97B-E325-11CE-BFC1-08002BE10318} => ""="SCSIAdapter"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{4D36E97D-E325-11CE-BFC1-08002BE10318} => ""="System"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{4D36E980-E325-11CE-BFC1-08002BE10318} => ""="Floppy disk drive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{533C5B84-EC70-11D2-9505-00C04F79DEAF} => ""="Volume shadow copy"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{71A27CDD-812A-11D0-BEC7-08002BE2092F} => ""="Volume"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} => ""="Human Interface Devices"

==================== EXE Association (whitelisted) =============



HKU\S-1-5-21-3930405495-149949848-2829475311-1006\Software\Classes\exefile: <===== ATTENTION!

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Exif Launcher.lnk => C:\WINDOWS\pss\Exif Launcher.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Lexmark X125 Settings Utility.lnk => C:\WINDOWS\pss\Lexmark X125 Settings Utility.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk => C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk => C:\WINDOWS\pss\Logitech SetPoint.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^jbandt^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk => C:\WINDOWS\pss\ERUNT AutoBackup.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^jbandt^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\WINDOWS\pss\Logitech . Product Registration.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^jbandt^Start Menu^Programs^Startup^Secunia PSI.lnk => C:\WINDOWS\pss\Secunia PSI.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^jbandt^Start Menu^Programs^Startup^Webshots.lnk => C:\WINDOWS\pss\Webshots.lnkStartup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ATIModeChange => Ati2mdxx.exe
MSCONFIG\startupreg: ATIPTA => "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
MSCONFIG\startupreg: CTDVDDET => "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: CTHelper => CTHELPER.EXE
MSCONFIG\startupreg: CTSysVol => C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
MSCONFIG\startupreg: DellSystemDetect => C:\Documents and Settings\jbandt\Start Menu\Programs\Dell\Dell System Detect.appref-ms
MSCONFIG\startupreg: dla => C:\WINDOWS\system32\dla\tfswctrl.exe
MSCONFIG\startupreg: DLCJCATS => rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCJtime.dll,_RunDLLEntry@16
MSCONFIG\startupreg: dlcjmon.exe => "C:\Program Files\Dell Photo AIO Printer 964\dlcjmon.exe"
MSCONFIG\startupreg: DMXLauncher => C:\Program Files\Dell\Media Experience\DMXLauncher.exe
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\jbandt\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: IAAnotif => C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
MSCONFIG\startupreg: IMEKRMIG6.1 => C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
MSCONFIG\startupreg: IMJPMIG8.1 => "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
MSCONFIG\startupreg: IntelMeM => C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: MemoryCardManager => C:\Program Files\Dell Photo AIO Printer 964\memcard.exe
MSCONFIG\startupreg: MimBoot => C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
MSCONFIG\startupreg: MRC => "C:\Program Files\PC Tune-Up\PCTuneUp.exe" /MBRSTART
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: Nikon Transfer Monitor => C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
MSCONFIG\startupreg: REGSHAVE => C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
MSCONFIG\startupreg: RoxioAudioCentral => "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
MSCONFIG\startupreg: RoxioDragToDisc => "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
MSCONFIG\startupreg: RoxioEngineUtility => "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
MSCONFIG\startupreg: SpeedTouch USB Diagnostics => "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
MSCONFIG\startupreg: UpdateManager => "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
MSCONFIG\startupreg: UpdReg => C:\WINDOWS\UpdReg.EXE
MSCONFIG\startupreg: uTorrent => "C:\Documents and Settings\jbandt\Application Data\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: WD Drive Manager => C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
MSCONFIG\startupreg: Windows Defender => "C:\Program Files\Windows Defender\MSASCui.exe" -hide
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe

==================== Faulty Device Manager Devices =============

Name: RADEON X300 Series Secondary
Description: RADEON X300 Series Secondary
Class Guid: TI Technologies Inc.
Manufacturer: ATI Technologies Inc.
Service: ati2mtag
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/23/2014 04:56:07 PM) (Source: SecurityCenter) (EventID: 1802) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.

Error: (05/23/2014 01:25:29 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x800705b4mpupdateengineas fe11.1.4590.0mpsigstub.exe1.1.1593.0microsoft windows defender (downlevel)NILNILNIL

Error: (05/23/2014 01:15:38 PM) (Source: SecurityCenter) (EventID: 1802) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.

Error: (05/23/2014 04:53:39 AM) (Source: SecurityCenter) (EventID: 1802) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.

Error: (05/22/2014 06:14:29 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x800705b4mpupdateengineas fe11.1.4590.0mpsigstub.exe1.1.1593.0microsoft windows defender (downlevel)NILNILNIL

Error: (05/22/2014 06:04:16 PM) (Source: SecurityCenter) (EventID: 1802) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.

Error: (05/21/2014 04:27:09 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x800705b4mpupdateengineas fe11.1.4590.0mpsigstub.exe1.1.1593.0microsoft windows defender (downlevel)NILNILNIL

Error: (05/21/2014 04:17:45 PM) (Source: SecurityCenter) (EventID: 1802) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.

Error: (05/20/2014 04:29:57 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x800705b4mpupdateengineas fe11.1.4590.0mpsigstub.exe1.1.1593.0microsoft windows defender (downlevel)NILNILNIL

Error: (05/20/2014 04:19:50 PM) (Source: SecurityCenter) (EventID: 1802) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.


System errors:
=============
Error: (05/23/2014 04:57:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Universal Plug and Play Device Host service which failed to start because of the following error:
%%1058

Error: (05/23/2014 04:57:16 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.

Error: (05/23/2014 04:57:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error:
%%2

Error: (05/23/2014 04:57:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Defender service terminated with the following error:
%%2152767489

Error: (05/23/2014 04:54:51 PM) (Source: WinDefend) (EventID: 2004) (User: )
Description: %%%82627 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

Signatures Attempted: %%%82625

Error Code: 0x8050a001

Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support.

Signatures loading: %%826

Loading signature version: 0.0.0.0

Loading engine version: %%%826270

Error: (05/23/2014 04:54:50 PM) (Source: WinDefend) (EventID: 2004) (User: )
Description: %%%82527 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

Signatures Attempted: %%%82524

Error Code: 0x8050a001

Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support.

Signatures loading: %%825

Loading signature version: 0.0.0.0

Loading engine version: %%%825270

Error: (05/23/2014 01:25:50 PM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.175.230.0).

Error: (05/23/2014 01:18:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Defender service terminated with the following error:
%%2152767489

Error: (05/23/2014 01:18:28 PM) (Source: WinDefend) (EventID: 2004) (User: )
Description: %%%82627 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

Signatures Attempted: %%%82625

Error Code: 0x8050a001

Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support.

Signatures loading: %%826

Loading signature version: 0.0.0.0

Loading engine version: %%%826270

Error: (05/23/2014 01:18:27 PM) (Source: WinDefend) (EventID: 2004) (User: )
Description: %%%82527 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

Signatures Attempted: %%%82524

Error Code: 0x8050a001

Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support.

Signatures loading: %%825

Loading signature version: 0.0.0.0

Loading engine version: %%%825270


Microsoft Office Sessions:
=========================
Error: (05/23/2014 04:56:07 PM) (Source: SecurityCenter) (EventID: 1802) (User: )
Description:

Error: (05/23/2014 01:25:29 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x800705b4mpupdateengineas fe11.1.4590.0mpsigstub.exe1.1.1593.0microsoft windows defender (downlevel)NILNILNIL

Error: (05/23/2014 01:15:38 PM) (Source: SecurityCenter) (EventID: 1802) (User: )
Description:

Error: (05/23/2014 04:53:39 AM) (Source: SecurityCenter) (EventID: 1802) (User: )
Description:

Error: (05/22/2014 06:14:29 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x800705b4mpupdateengineas fe11.1.4590.0mpsigstub.exe1.1.1593.0microsoft windows defender (downlevel)NILNILNIL

Error: (05/22/2014 06:04:16 PM) (Source: SecurityCenter) (EventID: 1802) (User: )
Description:

Error: (05/21/2014 04:27:09 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x800705b4mpupdateengineas fe11.1.4590.0mpsigstub.exe1.1.1593.0microsoft windows defender (downlevel)NILNILNIL

Error: (05/21/2014 04:17:45 PM) (Source: SecurityCenter) (EventID: 1802) (User: )
Description:

Error: (05/20/2014 04:29:57 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x800705b4mpupdateengineas fe11.1.4590.0mpsigstub.exe1.1.1593.0microsoft windows defender (downlevel)NILNILNIL

Error: (05/20/2014 04:19:50 PM) (Source: SecurityCenter) (EventID: 1802) (User: )
Description:


==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 3070.09 MB
Available physical RAM: 2197 MB
Total Pagefile: 5976.5 MB
Available Pagefile: 5175.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1929.56 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:684.13 GB) (Free:320.03 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive f: () (Fixed) (Total:0.29 GB) (Free:0.28 GB) FAT
Drive g: () (Fixed) (Total:14.2 GB) (Free:11.47 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: E8899F34)
Partition 1: (Not Active) - (Size=298 MB) - (Type=DE)
Partition 2: (Active) - (Size=684 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=DB)

==================== End Of Log ============================

#5 nasdaq

nasdaq

  • Malware Response Team
  • 40,759 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:56 PM

Posted 24 May 2014 - 08:22 AM



Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start

URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
S4 McDetect.exe; c:\program files\mcafee.com\agent\mcdetect.exe [X]
S3 McTskshd.exe; c:\PROGRA~1\mcafee.com\agent\mctskshd.exe [X]
S3 mcupdmgr.exe; C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe [X]
S3 A4S2600; System32\drivers\A4S2600.sys [X]
S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 SABProcEnum; \??\C:\Program Files\Internet Explorer\SABProcEnum.sys [X]
U3 TlntSvr;
S3 TSP; \??\C:\WINDOWS\SYSTEM32\ZoneLabs\avsys\KLIF.SYS [X]
C:\Documents and Settings\jbandt\Local Settings\temp\2a585d45-7ae3-4245-b0c9-40a40c5732a2.exe
C:\Documents and Settings\jbandt\Local Settings\temp\ARPPRODUCTICON.exe
C:\Documents and Settings\jbandt\Local Settings\temp\f.exe
C:\Documents and Settings\jbandt\Local Settings\temp\install_flashplayer13x32axau_gtbd_chrd_dn_awb_aih[1].exe
HKU\S-1-5-21-3930405495-149949848-2829475311-1006\Software\Classes\exefile: <===== ATTENTION!

end

Save the files as fixlist.txt in to the same folder as FRST
Run FRST and click Fix only once and wait.

Restart the computer to reset the registry.
The tool will create a log (Fixlog.txt) please post it to your reply.

====

Could not list Restore Points. Check "winmgmt" service or repair WMI.

Lets fix this.

Download this program to your desktop.
Tweaking.com - Windows Repair
http://www.bleepingcomputer.com/download/windows-repair-all-in-one-portable/


Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark following option only.


Repair WMI
  • Checkmark Restart System When Finished option
  • click the Start button
  • System should restart after repair
===
Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Let me know what problem persists.

#6 jbandtbone

jbandtbone
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:56 PM

Posted 24 May 2014 - 11:04 AM

Ok here are the logs you requested. Security check did not create a log Had an Error. the error message reads: Autolt Error Line -1: Error: Variable must be of type "Object". I run as an Administrator.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:24-05-2014 1
Ran by jbandt at 2014-05-24 10:04:13 Run:1
Running from C:\Documents and Settings\jbandt\Desktop\FRST
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start

URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
S4 McDetect.exe; c:\program files\mcafee.com\agent\mcdetect.exe [X]
S3 McTskshd.exe; c:\PROGRA~1\mcafee.com\agent\mctskshd.exe [X]
S3 mcupdmgr.exe; C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe [X]
S3 A4S2600; System32\drivers\A4S2600.sys [X]
S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 SABProcEnum; \??\C:\Program Files\Internet Explorer\SABProcEnum.sys [X]
U3 TlntSvr;
S3 TSP; \??\C:\WINDOWS\SYSTEM32\ZoneLabs\avsys\KLIF.SYS [X]
C:\Documents and Settings\jbandt\Local Settings\temp\2a585d45-7ae3-4245-b0c9-40a40c5732a2.exe
C:\Documents and Settings\jbandt\Local Settings\temp\ARPPRODUCTICON.exe
C:\Documents and Settings\jbandt\Local Settings\temp\f.exe
C:\Documents and Settings\jbandt\Local Settings\temp\install_flashplayer13x32axau_gtbd_chrd_dn_awb_aih[1].exe
HKU\S-1-5-21-3930405495-149949848-2829475311-1006\Software\Classes\exefile: <===== ATTENTION!

end



*****************

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key deleted successfully.
HKCR\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C} => Key deleted successfully.
HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
McDetect.exe => Service deleted successfully.
McTskshd.exe => Service deleted successfully.
mcupdmgr.exe => Service deleted successfully.
A4S2600 => Service deleted successfully.
DgiVecp => Service deleted successfully.
MREMP50a64 => Service deleted successfully.
MRESP50a64 => Service deleted successfully.
SABProcEnum => Service deleted successfully.
TlntSvr => Service deleted successfully.
TSP => Service deleted successfully.
C:\Documents and Settings\jbandt\Local Settings\temp\2a585d45-7ae3-4245-b0c9-40a40c5732a2.exe => Moved successfully.
C:\Documents and Settings\jbandt\Local Settings\temp\ARPPRODUCTICON.exe => Moved successfully.
C:\Documents and Settings\jbandt\Local Settings\temp\f.exe => Moved successfully.
C:\Documents and Settings\jbandt\Local Settings\temp\install_flashplayer13x32axau_gtbd_chrd_dn_awb_aih[1].exe => Moved successfully.
HKU\S-1-5-21-3930405495-149949848-2829475311-1006\Software\Classes\exefile => Key deleted successfully.

==== End of Fixlog ====

Browser seem to be opening better.Still a little slow depending on what web site I'm going to open.

Edited by jbandtbone, 24 May 2014 - 11:32 AM.


#7 nasdaq

nasdaq

  • Malware Response Team
  • 40,759 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:56 PM

Posted 24 May 2014 - 01:12 PM

Restart the computer normally and run the SecurityCheck tool.
Make sure it's on your Desktop.

#8 jbandtbone

jbandtbone
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:56 PM

Posted 24 May 2014 - 01:48 PM

When I restarted I got this error message: Run DLL Errorin C:\windows\system32\spool\DRIVERS\W32x86\3\DLCJtime.dll Missing entry: RunDLL Entry. clicked ok. Then tried to run the SecurityCheck tool again. And the Same Error message came up as I said in my last post.

#9 nasdaq

nasdaq

  • Malware Response Team
  • 40,759 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:56 PM

Posted 25 May 2014 - 06:40 AM

MSCONFIG\startupreg: DLCJCATS => rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCJtime.dll,_RunDLLEntry@16

DLCJtime.dll is for your DELL printer.
It's disable as are all the other startup items.
See the list under this heading ==================== Disabled items from MSCONFIG ==============
Post No 4.


From the Start > run box
Type MSCONFIG and enable all of the items.

Let me know of any issues.

#10 jbandtbone

jbandtbone
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:56 PM

Posted 25 May 2014 - 07:19 AM

After doing your request error was not there on restart, but I did not enable all, because startup takes too long.

#11 nasdaq

nasdaq

  • Malware Response Team
  • 40,759 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:56 PM

Posted 25 May 2014 - 07:51 AM

In the absence of a SecurityCheck log just make sure you have the latest version of these 3rd party programs.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Latest version is Java JRE 7u55.

You can manually check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882


If present remove the old version(s) of Java using the Add/Remove Programs applet.

Old versions....

===

Critical vulnerabilities have been identified in old version of Adobe Flash Player please get the latest version.

Flash test site:
http://www.adobe.com/software/flash/about/
Install the new version or if you have the latest close the windows.

Flash Player Help / Find version
http://helpx.adobe.com/flash-player/kb/find-version-flash-player.html#main_Find_the_Flash_Player_version_installed_on_your_machine

===

Get the latest version of the Adobe Reader.
http://get.adobe.com/reader/
Before your download I suggest you unckeck the box on the top right "Yes, install McAfee Security Scan Plus - optional" this is not required if you are not a McAfee subscriber. While the installation is in progress you can also deny the installation of any other programs that may be suggested.

When installed remove your old version of the Reader using the Add/Remove Programs applet if present.
<<<>>>

#12 jbandtbone

jbandtbone
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:56 PM

Posted 25 May 2014 - 10:27 AM

Well the error message about my Dell printer is back. After updating the adobe reader it asked to restart and that when it appeared again. Went to the msconfig and start items it was not there any more??

#13 nasdaq

nasdaq

  • Malware Response Team
  • 40,759 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:56 PM

Posted 25 May 2014 - 10:29 AM

Run the Farbar too and submit a fresh FRST log for my review.

#14 jbandtbone

jbandtbone
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:56 PM

Posted 25 May 2014 - 10:42 AM

The Browser has slowed down loading again. Here is the log

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2014 01
Ran by jbandt (administrator) on JBANDTBONE on 25-05-2014 11:38:44
Running from C:\Documents and Settings\jbandt\Desktop\FRST
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(MYSecurityCenter) C:\Program Files\MYSecurityCenter\MYAntivirus\vsserv.exe
(ATI Technologies Inc.) C:\WINDOWS\SYSTEM32\ati2evxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Creative Technology Ltd) C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(MYSecurityCenter) C:\Program Files\MYSecurityCenter\MYAntivirus\bdagent.exe
(Dell) C:\Program Files\Dell Photo AIO Printer 964\dlcjmon.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(MYSecurityCenter) C:\Program Files\MYSecurityCenter\MYAntivirus\updatesrv.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(Microsoft Corporation) C:\WINDOWS\SYSTEM32\MsPMSPSv.exe
() C:\WINDOWS\SYSTEM32\dlcjcoms.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Bdagent] => C:\Program Files\MYSecurityCenter\MYAntivirus\bdagent.exe [1428824 2013-09-26] (MYSecurityCenter)
HKLM\...\Run: [DLCJCATS] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCJtime.dll [73728 2005-08-15] ()
HKLM\...\Run: [dlcjmon.exe] => C:\Program Files\Dell Photo AIO Printer 964\dlcjmon.exe [430080 2005-08-12] (Dell)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\.DEFAULT\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [RunNarrator] - C:\Windows\system32\Narrator.exe [53760 2008-04-13] (Microsoft Corporation)
HKU\.DEFAULT\...\Policies\Explorer: [CDRAutoRun] 0
HKU\S-1-5-21-3930405495-149949848-2829475311-1006\...\Run: [MusicManager] => C:\Documents and Settings\jbandt\Local Settings\Application Data\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-15] (Google Inc.)
HKU\S-1-5-21-3930405495-149949848-2829475311-1006\...\Policies\Explorer: [ClearRecentDocsOnExit] 0x01000000
Lsa: [Authentication Packages] msv1_0 relog_ap

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4419D5DE065FCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {AD4A5954-7421-4AD9-B56B-16AA6FE237F9} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7ADRA_en
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech.com/devicedetector/bin/LogitechDeviceDetection32.cab
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://www.celartem.com/en/download/data/djvu_autoinstall/DjVuControl_en_US.cab
DPF: {15B782AF-55D8-11D1-B477-006097098764} http://download.macromedia.com/pub/shockwave/cabs/authorware/awswax70.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} https://fdotnfuse.dot.state.fl.us/Citrix/ICAWEB/en/ica32/wficat.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} https://support.microsoft.com/OAS/ActiveX/odc.cab
DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA499} https://pbells.broadjump.com/wizlet/iw60/static/controls/WebflowActiveXInstaller_4-0-0.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} http://moneycentral.msn.com/cabs/pmupd806.exe
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {46D8BEE7-0B27-4466-ABA2-A5F1E157971C} http://dvr.floridanexuspark.com/RemoteWeb.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,99/mcinsctl.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} http://doliver.earthcam.net/viewer/AMC.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
DPF: {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} https://lowes.2020.net/planner/Core/Player/2020PlayerAX_WEB_Win32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {8D3314D6-5914-46C1-9F3D-9F14B6A305F1} http://www.mytpi.com/mytpi05/eval/ectuploader.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.com/controls/cpcScanner.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} http://hgtv1.view22.com/view22/app/view22rte.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} http://fdl.msn.com/zone/datafiles/heartbeat.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
DPF: {E7D2588A-7FB5-47DC-8830-832605661009} https://livewc01.custhelp.com/7550-b415h-quickenmedical/rnl/java/RntX.cab
DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} http://fdl.msn.com/public/investor/v13/ticker.cab
DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} http://by107fd.bay107.hotmail.msn.com/activex/HMAtchmt.ocx
DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} http://www.paslc.org/acgm/f2_acgm.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 - C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin: @nosltd.com/getPlus+®,version=1.6.2.102 - C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\jbandt\Local Settings\Application Data\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\jbandt\Local Settings\Application Data\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\jbandt\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-07-11] (SUPERAntiSpyware.com)
S3 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [431384 2009-06-10] (Acronis)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd)
R3 dlcj_device; C:\WINDOWS\system32\dlcjcoms.exe [491520 2005-07-12] ()
R2 IAANTMon; C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe [73852 2004-06-29] (Intel Corporation)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-24] (Oracle Corporation)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 UPDATESRV; C:\Program Files\MYSecurityCenter\MYAntivirus\updatesrv.exe [53592 2013-09-26] (MYSecurityCenter)
R2 VSSERV; C:\Program Files\MYSecurityCenter\MYAntivirus\vsserv.exe [1342960 2013-09-27] (MYSecurityCenter)
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [102400 2008-07-24] (WDC)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
R2 WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [53248 2001-05-01] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R0 abp480n5; C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS [23552 2004-08-12] (Microsoft Corporation)
S3 alcan5ln; C:\WINDOWS\System32\DRIVERS\alcan5ln.sys [36960 2002-07-31] (Alcatel Bell)
S3 alcan5wn; C:\WINDOWS\System32\DRIVERS\alcan5wn.sys [54256 2002-07-31] (Alcatel Bell)
S3 alcaudsl; C:\WINDOWS\System32\DRIVERS\alcaudsl.sys [740592 2002-07-31] (Alcatel Bell)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [640560 2013-07-19] (BitDefender)
R3 avchv; C:\WINDOWS\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [490144 2013-07-19] (BitDefender)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2003-03-06] ()
R1 bdftdif; C:\Program Files\Common Files\MYSecurityCenter\MYSecurityCenter Firewall\bdftdif.sys [130640 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [66832 2013-07-23] (BitDefender SRL)
R1 bdselfpr; C:\Program Files\MYSecurityCenter\MYAntivirus\bdselfpr.sys [135600 2013-07-26] (BitDefender LLC)
S3 bvrp_pci; C:\WINDOWS\system32\Drivers\bvrp_pci.sys [4272 2003-08-28] ()
R1 Cdr4_xp; C:\WINDOWS\system32\Drivers\Cdr4_xp.sys [66992 2006-04-13] (Roxio)
R1 Cdralw2k; C:\WINDOWS\system32\Drivers\Cdralw2k.sys [24698 2006-04-13] (Roxio)
R1 cdudf_xp; C:\WINDOWS\system32\Drivers\cdudf_xp.sys [259328 2003-07-18] (Roxio)
S3 COMMONFX.DLL; C:\WINDOWS\System32\COMMONFX.DLL [114688 2003-11-13] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.)
S3 CTAUDFX.DLL; C:\WINDOWS\System32\CTAUDFX.DLL [585728 2004-07-12] (Creative Technology Ltd)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [333600 2003-11-12] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\WINDOWS\System32\CTERFXFX.DLL [94976 2007-04-12] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.)
S3 CTSBLFX.DLL; C:\WINDOWS\System32\CTSBLFX.DLL [606208 2003-11-13] (Creative Technology Ltd)
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions)
R1 DVDVRRdr_xp; C:\WINDOWS\system32\Drivers\DVDVRRdr_xp.sys [146560 2003-07-17] (Roxio)
S3 dvd_2K; C:\WINDOWS\system32\Drivers\dvd_2K.sys [21993 2003-07-18] (Roxio)
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [47249 2006-12-06] (FTDI Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [162976 2012-10-04] (BitDefender LLC)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [904752 2004-08-12] (Creative Technology Ltd)
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [148432 2004-07-12] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [189736 2007-04-10] (Creative Technology Ltd)
R3 IntelC51; C:\WINDOWS\System32\DRIVERS\IntelC51.sys [1233525 2004-03-06] (Intel Corporation)
R3 IntelC52; C:\WINDOWS\System32\DRIVERS\IntelC52.sys [647929 2004-03-06] (Intel Corporation)
R3 IntelC53; C:\WINDOWS\System32\DRIVERS\IntelC53.sys [61157 2004-06-16] (Intel Corporation)
S3 libusb0; C:\WINDOWS\System32\DRIVERS\libusb0.sys [42592 2013-03-14] (http://libusb-win32.sourceforge.net)
R2 MASPINT; C:\WINDOWS\system32\Drivers\MASPINT.sys [8224 2002-06-21] (MicroStaff Co.,Ltd.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 mf; C:\WINDOWS\System32\DRIVERS\mf.sys [63744 2008-04-13] (Microsoft Corporation)
S3 mmc_2K; C:\WINDOWS\system32\Drivers\mmc_2K.sys [22745 2003-07-18] (Roxio)
R3 mohfilt; C:\WINDOWS\System32\DRIVERS\mohfilt.sys [37048 2004-03-06] (Intel Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2012-06-14] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MREMPR5; C:\Program Files\Common Files\Motive\MREMPR5.sys [19345 2004-11-22] (Motive, Inc.)
S3 MRENDIS5; C:\Program Files\Common Files\Motive\MRENDIS5.sys [18003 2004-11-22] (Motive, Inc.)
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2012-06-14] (Printing Communications Assoc., Inc. (PCAUSA))
S3 NDMSHLP; C:\Program Files\Common Files\HHD Software\Device Monitor\ndmshlp.sys [7632 2005-05-24] (HHD Software)
R3 NmPar; C:\WINDOWS\System32\DRIVERS\NmPar.sys [80256 2008-12-24] (Windows ® 2000 DDK provider)
R3 nmserial; C:\WINDOWS\System32\DRIVERS\nmserial.sys [70016 2008-12-16] (Windows ® 2000 DDK provider)
R2 PfModNT; C:\WINDOWS\system32\drivers\PfModNT.sys [6656 2004-08-06] (Creative Technology Ltd.)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf.sys [15544 2011-12-16] (Secunia)
R1 pwd_2k; C:\WINDOWS\system32\Drivers\pwd_2k.sys [118409 2003-07-18] (Roxio)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SerMon; C:\Program Files\HHD Software\Free Serial Port Monitor\sermon.sys [18432 2005-05-24] (HHD Software)
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions)
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions)
R0 tdrpman; C:\WINDOWS\System32\DRIVERS\tdrpman.sys [368480 2010-06-05] (Acronis)
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-11-16] (Sonic Solutions)
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-11-16] (Sonic Solutions)
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-11-16] (Sonic Solutions)
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-11-16] (Sonic Solutions)
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86554 2004-11-16] (Sonic Solutions)
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-11-16] (Sonic Solutions)
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-11-16] (Sonic Solutions)
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-11-16] (Sonic Solutions)
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-11-16] (Sonic Solutions)
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [44384 2010-06-05] (Acronis)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
R1 UdfReadr_xp; C:\WINDOWS\system32\Drivers\UdfReadr_xp.sys [213120 2003-07-18] (Roxio)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-25 11:14 - 2014-05-25 11:20 - 00000982 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3930405495-149949848-2829475311-1006UA.job
2014-05-25 10:59 - 2014-05-25 10:59 - 00001804 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-25 10:59 - 2014-05-25 10:59 - 00001734 _____ () C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
2014-05-25 09:45 - 2014-05-25 09:45 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\Oracle
2014-05-24 11:30 - 2014-05-24 11:33 - 00854367 _____ () C:\Documents and Settings\jbandt\Desktop\SecurityCheck.exe
2014-05-24 11:11 - 2014-05-24 11:11 - 00000000 ____D () C:\Documents and Settings\LocalService\Start Menu\Programs\Accessories
2014-05-24 11:00 - 2014-05-24 11:13 - 00007514 _____ () C:\WINDOWS\bitssetup.log
2014-05-24 11:00 - 2014-05-24 11:01 - 00000558 _____ () C:\WINDOWS\Windows Update.log
2014-05-24 10:47 - 2014-05-24 11:16 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2014-05-24 10:32 - 2014-05-24 10:32 - 00000000 ____D () C:\RegBackup
2014-05-24 10:26 - 2014-05-24 10:28 - 00000000 ____D () C:\Documents and Settings\jbandt\Desktop\Tweaking.com - Windows Repair
2014-05-24 10:24 - 2014-05-24 10:24 - 03589534 _____ () C:\Documents and Settings\jbandt\Desktop\tweaking.com_windows_repair_aio.zip
2014-05-24 10:03 - 2014-05-25 11:38 - 00000000 ____D () C:\Documents and Settings\jbandt\Desktop\FRST
2014-05-23 17:09 - 2014-05-23 17:10 - 00049883 _____ () C:\Documents and Settings\jbandt\Desktop\Addition.txt
2014-05-23 17:07 - 2014-05-23 17:10 - 00043522 _____ () C:\Documents and Settings\jbandt\Desktop\FRST.txt
2014-05-23 17:06 - 2014-05-25 11:38 - 00000000 ____D () C:\FRST
2014-05-23 16:57 - 2014-05-23 16:57 - 00005704 _____ () C:\Documents and Settings\jbandt\Desktop\AdwCleaner[S0].txt
2014-05-23 16:07 - 2014-05-23 16:51 - 00000000 ____D () C:\AdwCleaner
2014-05-23 16:07 - 2014-05-23 16:07 - 01326389 _____ () C:\Documents and Settings\jbandt\Desktop\AdwCleaner.exe
2014-05-23 13:26 - 2014-05-24 07:22 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-23 13:25 - 2014-05-23 13:25 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-23 13:25 - 2014-05-23 13:25 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-23 13:25 - 2014-05-23 13:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-23 13:25 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-05-23 13:24 - 2014-05-23 13:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Documents and Settings\jbandt\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-20 05:09 - 2014-05-20 05:13 - 00072713 _____ () C:\Documents and Settings\jbandt\Desktop\dds.txt
2014-05-20 05:09 - 2014-05-20 05:13 - 00005222 _____ () C:\Documents and Settings\jbandt\Desktop\attach.txt
2014-05-20 05:06 - 2014-05-20 05:05 - 00688992 ____R (Swearware) C:\Documents and Settings\jbandt\Desktop\dds.com
2014-05-19 18:06 - 2014-05-19 18:06 - 00000000 _____ () C:\Program Files\GUM6F.tmp
2014-05-19 17:31 - 2014-05-19 17:31 - 00000385 _____ () C:\Documents and Settings\jbandt\Application Datauser_gensett.xml
2014-05-19 17:28 - 2014-05-19 17:28 - 00000000 __SHD () C:\found.002
2014-05-11 22:08 - 2014-05-11 22:08 - 00439416 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3930405495-149949848-2829475311-1006-0.dat
2014-05-11 22:08 - 2014-05-11 22:08 - 00389590 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Program Files\My Dell
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\Dell
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCDr
2014-05-10 16:13 - 2014-05-10 16:16 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\PCDr
2014-05-09 18:58 - 2014-05-09 18:58 - 00000385 _____ () C:\WINDOWS\system32\user_gensett.xml
2014-05-09 17:52 - 2014-05-09 17:52 - 00382141 _____ () C:\Documents and Settings\All Users\Application Data\1399665448.bdinstall.bin
2014-05-09 17:26 - 2014-05-09 17:26 - 00072704 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2014-05-09 16:58 - 2014-05-09 16:58 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-05-09 16:57 - 2014-05-09 16:57 - 00001807 _____ () C:\Documents and Settings\All Users\Desktop\MYAntivirus.lnk
2014-05-09 16:57 - 2014-05-09 16:57 - 00001759 _____ () C:\Documents and Settings\All Users\Desktop\MYSecurityCenter Safepay.lnk
2014-05-09 16:57 - 2014-05-09 16:57 - 00000000 ____H () C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2014-05-09 16:57 - 2014-05-09 16:57 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-05-09 16:57 - 2014-05-09 16:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\MYAntivirus
2014-05-09 16:56 - 2014-05-09 16:57 - 00004260 _____ () C:\WINDOWS\Wdf01009Inst.log
2014-05-09 16:56 - 2014-05-09 16:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWdf01009$
2014-05-09 16:56 - 2014-05-09 16:56 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Bitdefender
2014-05-09 16:56 - 2014-05-09 16:56 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\BDLogging
2014-05-09 16:56 - 2013-07-23 16:50 - 00066832 _____ (BitDefender SRL) C:\WINDOWS\system32\Drivers\bdsandbox.sys
2014-05-09 16:56 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2014-05-09 16:56 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2014-05-09 16:55 - 2014-05-09 16:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MYSecurityCenter
2014-05-09 16:55 - 2014-05-09 16:55 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\MYSecurityCenter
2014-05-09 16:55 - 2013-07-19 18:06 - 00490144 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2014-05-09 16:55 - 2013-07-19 18:03 - 00640560 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2014-05-09 16:55 - 2012-11-02 14:17 - 00242504 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2014-05-09 16:54 - 2014-05-09 16:54 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\QuickScan
2014-05-09 16:53 - 2014-05-09 16:53 - 00000000 ____D () C:\Program Files\MYSecurityCenter
2014-05-09 16:53 - 2013-05-28 12:11 - 00355744 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2014-05-09 16:53 - 2012-10-04 14:30 - 00162976 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2014-05-09 15:57 - 2014-05-09 16:53 - 00000000 ____D () C:\Program Files\Common Files\MYSecurityCenter
2014-05-06 16:55 - 2014-05-06 16:55 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\Wise
2014-05-06 16:55 - 2014-05-06 16:55 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\GetPrivate
2014-05-02 17:31 - 2014-05-02 17:35 - 00006065 _____ () C:\WINDOWS\KB2964358-IE8.log

==================== One Month Modified Files and Folders =======

2014-05-25 11:38 - 2014-05-24 10:03 - 00000000 ____D () C:\Documents and Settings\jbandt\Desktop\FRST
2014-05-25 11:38 - 2014-05-23 17:06 - 00000000 ____D () C:\FRST
2014-05-25 11:38 - 2013-12-16 23:38 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\MediaMonkey
2014-05-25 11:26 - 2008-08-30 18:34 - 00000424 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{3F45EB98-1067-44F6-BEF8-FB04E0C7096F}.job
2014-05-25 11:25 - 2007-12-23 20:48 - 02017845 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-25 11:20 - 2014-05-25 11:14 - 00000982 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3930405495-149949848-2829475311-1006UA.job
2014-05-25 11:19 - 2013-01-16 18:08 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3930405495-149949848-2829475311-1006Core.job
2014-05-25 11:19 - 2005-01-03 21:02 - 00002206 _____ () C:\WINDOWS\system32\WPA.DBL
2014-05-25 11:18 - 2014-03-27 15:51 - 00000224 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-05-25 11:18 - 2007-12-23 20:47 - 00000312 _____ () C:\WINDOWS\wiaservc.log
2014-05-25 11:18 - 2007-12-23 20:47 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-05-25 11:17 - 2013-04-06 10:13 - 00000380 _____ () C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job
2014-05-25 11:17 - 2005-01-03 21:04 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-25 11:16 - 2013-05-10 19:46 - 04934565 _____ () C:\WINDOWS\{00000004-00000000-00000002-00001102-00000004-20061102}.CDF
2014-05-25 11:16 - 2013-05-10 19:45 - 00001080 _____ () C:\WINDOWS\system32\settingsbkup.sfm
2014-05-25 11:16 - 2013-05-10 19:45 - 00001080 _____ () C:\WINDOWS\system32\settings.sfm
2014-05-25 11:16 - 2013-05-10 19:39 - 00000384 _____ () C:\WINDOWS\system32\DVCStateBkp-{00000004-00000000-00000002-00001102-00000004-20061102}.dat
2014-05-25 11:16 - 2013-05-10 19:39 - 00000384 _____ () C:\WINDOWS\system32\DVCState-{00000004-00000000-00000002-00001102-00000004-20061102}.dat
2014-05-25 11:16 - 2013-01-17 22:18 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\uTorrent
2014-05-25 11:16 - 2007-12-23 20:47 - 00032632 _____ () C:\WINDOWS\SchedLgU.Txt
2014-05-25 11:16 - 2005-01-07 20:25 - 00000000 ____D () C:\WINDOWS\pss
2014-05-25 11:16 - 2005-01-06 19:33 - 00000278 ___SH () C:\Documents and Settings\jbandt\NTUSER.INI
2014-05-25 11:16 - 2005-01-06 19:33 - 00000000 ____D () C:\Documents and Settings\jbandt
2014-05-25 11:16 - 2005-01-03 21:01 - 00000327 ____H () C:\boot.ini
2014-05-25 11:16 - 2004-08-10 15:04 - 00000858 _____ () C:\WINDOWS\WIN.INI
2014-05-25 11:16 - 2004-08-10 14:57 - 00000227 _____ () C:\WINDOWS\system.ini
2014-05-25 11:11 - 2005-01-06 19:33 - 00139640 _____ () C:\Documents and Settings\jbandt\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-05-25 10:59 - 2014-05-25 10:59 - 00001804 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-25 10:59 - 2014-05-25 10:59 - 00001734 _____ () C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
2014-05-25 10:59 - 2005-01-08 11:00 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-25 10:59 - 2005-01-03 21:18 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Adobe
2014-05-25 10:58 - 2005-01-03 21:18 - 00000000 ____D () C:\Program Files\Adobe
2014-05-25 10:55 - 2005-01-08 11:00 - 00000000 ____D () C:\Documents and Settings\jbandt\Local Settings\Application Data\Adobe
2014-05-25 10:51 - 2011-11-26 09:57 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-25 10:51 - 2011-11-21 11:40 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-05-25 10:51 - 2011-07-01 08:53 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-05-25 09:45 - 2014-05-25 09:45 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\Oracle
2014-05-25 08:13 - 2013-01-13 22:21 - 00292322 _____ () C:\WINDOWS\setupapi.log
2014-05-24 19:29 - 2005-01-03 20:53 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-05-24 12:00 - 2005-01-06 19:33 - 00000000 ___RD () C:\Documents and Settings\jbandt\My Documents\My Music 2
2014-05-24 11:58 - 2013-12-16 23:38 - 00000000 ____D () C:\Program Files\MediaMonkey
2014-05-24 11:58 - 2013-12-16 23:38 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\MediaMonkey
2014-05-24 11:33 - 2014-05-24 11:30 - 00854367 _____ () C:\Documents and Settings\jbandt\Desktop\SecurityCheck.exe
2014-05-24 11:18 - 2004-08-10 15:08 - 00468392 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-24 11:17 - 2013-07-16 17:48 - 00004332 _____ () C:\WINDOWS\COM+.log
2014-05-24 11:16 - 2014-05-24 10:47 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2014-05-24 11:14 - 2005-01-03 20:53 - 00000000 ____D () C:\WINDOWS\Registration
2014-05-24 11:13 - 2014-05-24 11:00 - 00007514 _____ () C:\WINDOWS\bitssetup.log
2014-05-24 11:11 - 2014-05-24 11:11 - 00000000 ____D () C:\Documents and Settings\LocalService\Start Menu\Programs\Accessories
2014-05-24 11:11 - 2013-03-16 15:05 - 00023392 _____ () C:\WINDOWS\system32\nscompat.tlb
2014-05-24 11:11 - 2013-03-16 15:05 - 00016832 _____ () C:\WINDOWS\system32\amcompat.tlb
2014-05-24 11:09 - 2008-03-20 16:40 - 00000000 ___RD () C:\Documents and Settings\jbandt\Start Menu\Programs\Accessories
2014-05-24 11:09 - 2005-01-03 21:03 - 00608818 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-24 11:01 - 2014-05-24 11:00 - 00000558 _____ () C:\WINDOWS\Windows Update.log
2014-05-24 10:32 - 2014-05-24 10:32 - 00000000 ____D () C:\RegBackup
2014-05-24 10:32 - 2005-01-03 20:52 - 00000000 ____D () C:\WINDOWS\REPAIR
2014-05-24 10:28 - 2014-05-24 10:26 - 00000000 ____D () C:\Documents and Settings\jbandt\Desktop\Tweaking.com - Windows Repair
2014-05-24 10:24 - 2014-05-24 10:24 - 03589534 _____ () C:\Documents and Settings\jbandt\Desktop\tweaking.com_windows_repair_aio.zip
2014-05-24 07:22 - 2014-05-23 13:26 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-23 17:10 - 2014-05-23 17:09 - 00049883 _____ () C:\Documents and Settings\jbandt\Desktop\Addition.txt
2014-05-23 17:10 - 2014-05-23 17:07 - 00043522 _____ () C:\Documents and Settings\jbandt\Desktop\FRST.txt
2014-05-23 16:57 - 2014-05-23 16:57 - 00005704 _____ () C:\Documents and Settings\jbandt\Desktop\AdwCleaner[S0].txt
2014-05-23 16:51 - 2014-05-23 16:07 - 00000000 ____D () C:\AdwCleaner
2014-05-23 16:07 - 2014-05-23 16:07 - 01326389 _____ () C:\Documents and Settings\jbandt\Desktop\AdwCleaner.exe
2014-05-23 13:25 - 2014-05-23 13:25 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-23 13:25 - 2014-05-23 13:25 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-23 13:25 - 2014-05-23 13:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-23 13:25 - 2012-02-15 23:33 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-05-23 13:25 - 2008-09-05 17:01 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\Malwarebytes
2014-05-23 13:24 - 2014-05-23 13:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Documents and Settings\jbandt\Desktop\mbam-setup-2.0.2.1012.exe
2014-05-20 05:13 - 2014-05-20 05:09 - 00072713 _____ () C:\Documents and Settings\jbandt\Desktop\dds.txt
2014-05-20 05:13 - 2014-05-20 05:09 - 00005222 _____ () C:\Documents and Settings\jbandt\Desktop\attach.txt
2014-05-20 05:05 - 2014-05-20 05:06 - 00688992 ____R (Swearware) C:\Documents and Settings\jbandt\Desktop\dds.com
2014-05-19 23:29 - 2010-04-04 13:54 - 00000000 ____D () C:\Program Files\PC Tune-Up
2014-05-19 23:29 - 2005-01-03 20:53 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-05-19 23:28 - 2005-01-03 20:53 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-05-19 23:05 - 2005-12-25 12:10 - 00143785 _____ () C:\dlcjscan.log
2014-05-19 22:09 - 2007-09-10 19:38 - 00000000 ____D () C:\Documents and Settings\jbandt\Local Settings\Application Data\Google
2014-05-19 22:09 - 2005-10-08 23:23 - 00000000 ____D () C:\Program Files\Google
2014-05-19 21:46 - 2010-03-14 14:41 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-19 19:34 - 2005-12-25 12:13 - 00000000 ____D () C:\Program Files\Dl_cats
2014-05-19 18:06 - 2014-05-19 18:06 - 00000000 _____ () C:\Program Files\GUM6F.tmp
2014-05-19 17:31 - 2014-05-19 17:31 - 00000385 _____ () C:\Documents and Settings\jbandt\Application Datauser_gensett.xml
2014-05-19 17:28 - 2014-05-19 17:28 - 00000000 __SHD () C:\found.002
2014-05-15 17:25 - 2006-04-29 14:43 - 00000000 ____D () C:\Documents and Settings\jbandt\My Documents\John Brewer
2014-05-14 13:45 - 2013-07-15 07:26 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-14 13:41 - 2005-05-10 20:23 - 90547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-12 07:26 - 2014-05-23 13:25 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2013-04-14 17:19 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-05-11 22:08 - 2014-05-11 22:08 - 00439416 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3930405495-149949848-2829475311-1006-0.dat
2014-05-11 22:08 - 2014-05-11 22:08 - 00389590 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-05-10 18:36 - 2013-07-13 18:43 - 00000000 ____D () C:\Documents and Settings\jbandt\Local Settings\Application Data\Deployment
2014-05-10 16:16 - 2014-05-10 16:13 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\PCDr
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Program Files\My Dell
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Program Files\Dell Support Center
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\Dell
2014-05-10 16:15 - 2014-05-10 16:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PCDr
2014-05-10 16:15 - 2005-01-03 21:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Dell
2014-05-09 18:58 - 2014-05-09 18:58 - 00000385 _____ () C:\WINDOWS\system32\user_gensett.xml
2014-05-09 17:52 - 2014-05-09 17:52 - 00382141 _____ () C:\Documents and Settings\All Users\Application Data\1399665448.bdinstall.bin
2014-05-09 17:26 - 2014-05-09 17:26 - 00072704 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2014-05-09 16:58 - 2014-05-09 16:58 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-05-09 16:58 - 2014-05-09 16:55 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MYSecurityCenter
2014-05-09 16:57 - 2014-05-09 16:57 - 00001807 _____ () C:\Documents and Settings\All Users\Desktop\MYAntivirus.lnk
2014-05-09 16:57 - 2014-05-09 16:57 - 00001759 _____ () C:\Documents and Settings\All Users\Desktop\MYSecurityCenter Safepay.lnk
2014-05-09 16:57 - 2014-05-09 16:57 - 00000000 ____H () C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2014-05-09 16:57 - 2014-05-09 16:57 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-05-09 16:57 - 2014-05-09 16:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\MYAntivirus
2014-05-09 16:57 - 2014-05-09 16:56 - 00004260 _____ () C:\WINDOWS\Wdf01009Inst.log
2014-05-09 16:57 - 2014-05-09 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWdf01009$
2014-05-09 16:57 - 2013-01-14 17:30 - 00217557 _____ () C:\WINDOWS\FaxSetup.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00109681 _____ () C:\WINDOWS\tsoc.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00097900 _____ () C:\WINDOWS\comsetup.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00077184 _____ () C:\WINDOWS\ocgen.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00066508 _____ () C:\WINDOWS\iis6.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00063840 _____ () C:\WINDOWS\ntdtcsetup.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00015879 _____ () C:\WINDOWS\msgsocm.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00009647 _____ () C:\WINDOWS\setupact.log
2014-05-09 16:57 - 2013-01-14 17:30 - 00000575 _____ () C:\WINDOWS\imsins.log
2014-05-09 16:56 - 2014-05-09 16:56 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Bitdefender
2014-05-09 16:56 - 2014-05-09 16:56 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\BDLogging
2014-05-09 16:55 - 2014-05-09 16:55 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\MYSecurityCenter
2014-05-09 16:54 - 2014-05-09 16:54 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\QuickScan
2014-05-09 16:53 - 2014-05-09 16:53 - 00000000 ____D () C:\Program Files\MYSecurityCenter
2014-05-09 16:53 - 2014-05-09 15:57 - 00000000 ____D () C:\Program Files\Common Files\MYSecurityCenter
2014-05-09 15:15 - 2014-04-08 17:55 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-05-08 15:49 - 2014-03-27 15:51 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-05-07 18:53 - 2011-01-16 20:10 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-05-06 18:38 - 2005-08-14 20:07 - 00000000 ____D () C:\unzipped
2014-05-06 17:59 - 2010-02-10 23:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978037$
2014-05-06 17:17 - 2012-07-31 17:46 - 00000803 _____ () C:\Documents and Settings\jbandt\Start Menu\Programs\Internet Explorer.lnk
2014-05-06 16:55 - 2014-05-06 16:55 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\Wise
2014-05-06 16:55 - 2014-05-06 16:55 - 00000000 ____D () C:\Documents and Settings\jbandt\Application Data\GetPrivate
2014-05-06 16:54 - 2013-01-18 19:00 - 00093062 _____ () C:\WINDOWS\wmsetup.log
2014-05-04 20:55 - 2013-12-08 18:08 - 00008475 _____ () C:\Documents and Settings\jbandt\Desktop\stmt.csv
2014-05-04 20:55 - 2012-11-04 09:21 - 00003385 _____ () C:\Documents and Settings\jbandt\Desktop\payments.csv
2014-05-02 17:35 - 2014-05-02 17:31 - 00006065 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-05-02 17:35 - 2013-01-14 17:30 - 00045537 _____ () C:\WINDOWS\updspapi.log
2014-05-02 17:35 - 2013-01-14 17:30 - 00000575 _____ () C:\WINDOWS\imsins.BAK
2014-05-02 17:35 - 2009-06-24 23:27 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-04-30 04:13 - 2004-08-12 10:00 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-04-30 04:13 - 2004-08-12 10:00 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

Files to move or delete:
====================
C:\Documents and Settings\jbandt\jagex_runescape_preferences.dat
C:\Documents and Settings\jbandt\OFXLOG.DAT


Some content of TEMP:
====================
C:\Documents and Settings\jbandt\Local Settings\temp\install_reader11_en_gtbd_chrd_dn_awb_aih[1].exe
C:\Documents and Settings\jbandt\Local Settings\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Edited by jbandtbone, 25 May 2014 - 12:05 PM.


#15 nasdaq

nasdaq

  • Malware Response Team
  • 40,759 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:56 PM

Posted 26 May 2014 - 06:47 AM

Your log is clean.

Checking further on the printer issue and I may have found a solution from DELL>

The possible solution came from this article.
http://answers.microsoft.com/en-us/windows/forum/windows_other-windows_update/error/c86a5bcb-8df2-4b63-bd99-365db7ca98df

Try this.
http://www.dell.com/support/troubleshooting/jm/en/jmbsdt1/KCS/KcsArticles/ArticleView?c=jm&l=en&s=gen&docid=DSN_28E393B4B4A5ADEEE040A68F5B2849AA




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users