Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    McAfee Tech Support Scam Harvesting Credit Card Information

Featured Deal: Get 95% Off the Certified Information Systems Security Professional Training Course

Photo

Moving Old Files to New Computer - Potential to bring malware along?

Started by naughtyeyes , Feb 11 2016 04:53 PM

  • Please log in to reply
13 replies to this topic

#1 naughtyeyes

naughtyeyes

  • Members
  • 38 posts
  • OFFLINE
    •  
  • Local time:01:49 PM

Posted 11 February 2016 - 04:53 PM

I have a Dell Insprion 1520 Laptop running Windows XP.   I have purchased a new Dell desktop and would like to archive the old documents, pictures, and various files off of the old laptop and into the new one before the old one completely dies. 

 

I need to occasionally access a few of the old documents in word, excel, and pdf format for work.  

 

Is there potential to bring some type of virus or malware over with the documents?

 

All of these files are ones that I have originally created myself. But some of them have been shared back and forth via email with others and re- downloaded to my computer after being on others systems. 

 

What can I use to ensure there is nothing lurking in those documents that I would not want to get on my new system?

 

I am not sure if my virus software would be up to date since XP is no longer supported.

 

I'm sure someone will suggest cloud storage as an option - I realize this is a possibility but I would really like to not have to pay for the amount of space I would need. It really isn't possible for me to pick and choose just the files I need, I have no idea I need them until I need them. 


BC AdBot (Login to Remove)

 

#2 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Germany
  • Local time:08:49 PM

Posted 11 February 2016 - 05:07 PM

:welcome: to BleepingComputer.

Hi there,

my name is Jo and I will help you with your computer problems.


We check the OLD Computer for malware and clean it, before you copy any files!

Please follow these guidelines:
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / music / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


:step1: Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


:step2: Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


:step3: Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

***


:step4: MiniToolbox by Farbar

Disable your antivirus if it does not allow you to download the tool!
Please download MiniToolBox, save it to your desktop and run it.
Place a checkmark in Select all, then click Go and post the result (MTB.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Copy and paste the contents of that logfile in your next reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.

#3 Agouti

Agouti

  • Members
  • 1,548 posts
  • OFFLINE
    •  
  • Local time:02:49 PM

Posted 11 February 2016 - 06:18 PM

@naughtyeyes,

 

As long as the files you are transferring are not executable they won't pose a danger.  You can know whether a file is executable by looking at its extension.  The following posts by quietman7 could help you to determine which files are executable:

By default, file extensions are not visible but you can change that as follows:

 

a. To Make File Extensions Visible in Windows XP

 

https://support.microsoft.com/en-us/kb/865219 (Scroll down to about the middle of the page)

 

b. To Make File Extensions Visible in Windows 7, 8 and 10

 

http://www.thewindowsclub.com/show-file-extensions-in-windows


#4 naughtyeyes

naughtyeyes
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
    •  
  • Local time:01:49 PM

Posted 11 February 2016 - 10:06 PM

@naughtyeyes,

 

As long as the files you are transferring are not executable they won't pose a danger.  You can know whether a file is executable by looking at its extension.  The following posts by quietman7 could help you to determine which files are executable:

By default, file extensions are not visible but you can change that as follows:

 

a. To Make File Extensions Visible in Windows XP

 

https://support.microsoft.com/en-us/kb/865219 (Scroll down to about the middle of the page)

 

b. To Make File Extensions Visible in Windows 7, 8 and 10

 

http://www.thewindowsclub.com/show-file-extensions-in-windows

To look at the extensions for every file in hundreds of folders would take forever!

 

Edited by naughtyeyes, 11 February 2016 - 10:07 PM.

#5 naughtyeyes

naughtyeyes
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
    •  
  • Local time:01:49 PM

Posted 11 February 2016 - 10:07 PM

 
 
 Results of screen317's Security Check version 1.014 --- 12/23/15  
 Windows XP Service Pack 3 x86   
 Internet Explorer 5 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
AVG Internet Security 2011      
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Windows Defender    
 Java 7 Update 45  
 Java version 32-bit out of Date! 
 Adobe Flash Player 20.0.0.286  
 Adobe Reader XI  
 Mozilla Firefox 15.0.1 Firefox out of Date!  
 Google Chrome (48.0.2564.103) 
 Google Chrome (48.0.2564.109) 
 Google Chrome (plugins...) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C::  
````````````````````End of Log`````````````````````` 

#6 naughtyeyes

naughtyeyes
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
    •  
  • Local time:01:49 PM

Posted 11 February 2016 - 11:47 PM

# AdwCleaner v5.033 - Logfile created 11/02/2016 at 23:40:56
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Jess - JESSICA
# Running from : C:\Documents and Settings\Jess\My Documents\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : AVG Security Toolbar Service
Service Found : CouponPrinterService
Service Found : IBUpdaterService
Service Found : Viewpoint Manager Service
 
***** [ Folders ] *****
 
Folder Found : C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
Folder Found : C:\Documents and Settings\All Users\Application Data\Conduit
Folder Found : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Found : C:\Documents and Settings\All Users\Start Menu\Programs\Coupons
Folder Found : C:\Documents and Settings\Jess\Application Data\Viewpoint
Folder Found : C:\Documents and Settings\Jess\Application Data\Yahoo!\Companion
Folder Found : C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\Smartbar
Folder Found : C:\Documents and Settings\Jess\Local Settings\Application Data\Conduit
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\Coupons
Folder Found : C:\Program Files\Viewpoint
Folder Found : C:\WINDOWS\system32\ARFC
Folder Found : C:\WINDOWS\system32\jmdp
Folder Found : C:\WINDOWS\system32\mjcm
Folder Found : C:\WINDOWS\system32\WNLT
 
***** [ Files ] *****
 
File Found : C:\END
File Found : C:\Documents and Settings\Jess\AppData\LocalLow\SkwConfig.bin
File Found : C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\searchplugins\Conduit.xml
File Found : C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\searchplugins\MyStart Search.xml
File Found : C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\user.js
File Found : C:\Documents and Settings\Jess\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.hydroflask.com_0.localstorage
File Found : C:\Documents and Settings\Jess\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.hydroflask.com_0.localstorage-journal
File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\WINDOWS\system32\dmwu.exe
File Found : C:\WINDOWS\system32\ImhxxpComm.dll
 
***** [ DLL ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Found : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3067892
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3310511
Key Found : HKCU\Software\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}
Key Found : HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Found : HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
Key Found : HKCU\Software\AVG Security Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\WNLT
Key Found : HKCU\Software\Yahoo\Companion
Key Found : HKCU\Software\Yahoo\YFriendsBar
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKCU\Software\Zugo
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\MetaStream
Key Found : HKLM\SOFTWARE\SweetIM
Key Found : HKLM\SOFTWARE\Viewpoint
Key Found : HKLM\SOFTWARE\WNLT
Key Found : HKLM\SOFTWARE\Yahoo\Companion
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WNLT
Key Found : HKU\.DEFAULT\Software\AVG Secure Search
Key Found : HKU\.DEFAULT\Software\AVG Security Toolbar
Key Found : HKU\.DEFAULT\Software\IGearSettings
Key Found : HKU\.DEFAULT\Software\IM
Key Found : HKU\.DEFAULT\Software\SweetIM
Key Found : HKU\.DEFAULT\Software\WNLT
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com?SearchSource=10&CUI=UN29018547313162027&UM=2&ctid=CT3310511
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9B5AC51A-8E14-42FD-A3F8-16B6B1FBA64D}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {9B5AC51A-8E14-42FD-A3F8-16B6B1FBA64D}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ROC_roc_dec12]
Value Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run [SearchProtect]
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
 
***** [ Web browsers ] *****
 
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.FF19Solved", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.FirstTime", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.FirstTimeFF3", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.UserID", "UN13304685642362156");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.addressUrlXPETakeover", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.autoDisableScopes", 0);
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.browser.search.defaultthis.engineName", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.defaultSearch", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.defaultSearchXPETakeover", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.enableAlerts", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.enableSearchFromAddressBar", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.fixPageNotFoundError", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.fixUrls", true);
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.installDate", "6/5/2013 19:07:58");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.installId", "stub.exe");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.installSessionId", "{24BADFBB-067F-480E-A5A1-BCE5F9764678}");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.installSp", "TRUE");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.installType", "conduitnsisintegration");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.installUsage", "6/5/2013 19:09:55");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.installUsageEarly", "6/5/2013 19:09:55");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.installerVersion", "1.4.1.3");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.isCheckedStartAsHidden", true);
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.keyword", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.lastVersion", "10.15.2.23");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.migrateAppsAndComponents", true);
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.openThankYouPage", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.openUninstallPage", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.revertSettingsEnabled", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.searchRevert", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.searchUserMode", "2");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.settingsINI", true);
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.shouldFirstTimeDialog", "false");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.smartbar.CTID", "CT3067892");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.smartbar.Uninstall", "0");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.smartbar.homepage", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.smartbar.toolbarName", "Miniclip ");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.startPage", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.startPageXPETakeover", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892.versionFromInstaller", "10.15.2.23");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3067892_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1380661894574,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.FF19Solved", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.FirstTime", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.FirstTimeFF3", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.UserID", "UN34154661662186126");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.browser.search.defaultthis.engineName", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.defaultSearch", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.enableAlerts", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.enableSearchFromAddressBar", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.fixPageNotFoundError", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.fullUserID", "UN34154661662186126.IN.20130926233322");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.installDate", "26/09/2013 23:33:49");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.installId", "cid105");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.installSessionId", "{8F8BCA58-51D1-4CD4-817C-276EEEC3C437}");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.installSp", "TRUE");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.installType", "conduitnsisintegration");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.installerVersion", "1.7.1.4");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.isCheckedStartAsHidden", true);
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.keyword", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.lastVersion", "10.20.1.8");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.openThankYouPage", "false");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.openUninstallPage", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3067892&octid=CT3067892&SearchSource=61&CUI=UN13304685642362156&UM=2&UP=SP001D0A1C-D299-43E9-81BE-8F381AA72A6F");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3067892&SearchSource=2&CUI=UN13304685642362156&UM=2&q=");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.originalSearchEngine", "Miniclip Customized Web Search");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.originalSearchEngineName", "");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.revertSettingsEnabled", "false");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.searchRevert", "false");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.searchUserMode", "2");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.settingsINI", true);
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.shouldFirstTimeDialog", "false");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.smartbar.CTID", "CT3310511");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.smartbar.Uninstall", "0");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.smartbar.homepage", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.smartbar.toolbarName", "SweetPacks ");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.startPage", "true");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.versionFromInstaller", "10.20.1.8");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511.xpeMode", "0");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("CT3310511_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1380661895343,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3067892&SearchSource=2&CUI=UN13304685642362156&UM=2&q=");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("browser.search.defaultthis.engineName", "SweetPacks Customized Web Search");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&CUI=UN34154661662186126&UM=2&SearchSource=3&q={searchTerms}");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("browser.search.selectedEngine", "MyStart Search");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("smartbar.addressBarOwnerCTID", "CT3310511");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3067892&CUI=UN13304685642362156&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3067892&octid=CT3067892&SearchSource[...]
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3067892&SearchSource=2&CUI=UN13304685642362156&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3310511");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("smartbar.homePageOwnerCTID", "CT3310511");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("smartbar.machineId", "L19SXWCQFHESPWX1JAQDZ70B6VWOTXWQK0XT8S5VKF9GXXQML7X0SPVYFIC8LFUMIBZV+JULYOJTBVRJ7Z/UGQ");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("smartbar.originalHomepage", "about:home");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3067892&SearchSource=2&CUI=UN13304685642362156&UM=2&q=");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("smartbar.originalSearchEngine", "");
[C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&SearchSource=2&CUI=UN34154661662186126&UM=2&q=");
[C:\Documents and Settings\Jess\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : banjjklfojcdbofbhbgiedekefohoaff
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [29243 bytes] ##########

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by Jess (administrator) on 11-02-2016 at 23:45:34
Running from "C:\Documents and Settings\Jess\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Model: Inspiron 1520 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================
 
1394 Net Adapter = 1394 Connection (Connected)
Dell Wireless 1505 Draft 802.11n WLAN Mini-Card = Wireless Network Connection (Connected)
Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Media disconnected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
# Interface IP Configuration for "Wireless Network Connection"
 
set address name="Wireless Network Connection" source=dhcp 
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : jessica
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Broadcast
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
        DNS Suffix Search List. . . . . . : Home
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Media State . . . . . . . . . . . : Media disconnected
 
        Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
 
        Physical Address. . . . . . . . . : 00-1D-09-A8-B4-42
 
 
 
Ethernet adapter Wireless Network Connection:
 
 
 
        Connection-specific DNS Suffix  . : Home
 
        Description . . . . . . . . . . . : Dell Wireless 1505 Draft 802.11n WLAN Mini-Card
 
        Physical Address. . . . . . . . . : 00-1D-D9-45-77-FA
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.254.5
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.254.254
 
        DHCP Server . . . . . . . . . . . : 192.168.254.254
 
        DNS Servers . . . . . . . . . . . : 192.168.254.254
 
        Lease Obtained. . . . . . . . . . : Thursday, February 11, 2016 4:30:00 PM
 
        Lease Expires . . . . . . . . . . : Friday, August 04, 2023 7:30:00 AM
 
Server:  MyRouter.Home
Address:  192.168.254.254
 
Name:    google.com
Address:  216.58.216.110
 
 
 
Pinging google.com [216.58.216.110] with 32 bytes of data:
 
 
 
Reply from 216.58.216.110: bytes=32 time=77ms TTL=49
 
Reply from 216.58.216.110: bytes=32 time=84ms TTL=49
 
 
 
Ping statistics for 216.58.216.110:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 77ms, Maximum = 84ms, Average = 80ms
 
Server:  MyRouter.Home
Address:  192.168.254.254
 
Name:    yahoo.com
Addresses:  206.190.36.45, 98.139.183.24, 98.138.253.109
 
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
 
 
 
Reply from 98.139.183.24: bytes=32 time=95ms TTL=49
 
Reply from 98.139.183.24: bytes=32 time=88ms TTL=49
 
 
 
Ping statistics for 98.139.183.24:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 88ms, Maximum = 95ms, Average = 91ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 09 a8 b4 42 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
0x3 ...00 1d d9 45 77 fa ...... Dell Wireless 1505 Draft 802.11n WLAN Mini-Card - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.254.254   192.168.254.5  25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
      169.254.0.0      255.255.0.0    192.168.254.5   192.168.254.5  20
    192.168.254.0    255.255.255.0    192.168.254.5   192.168.254.5  25
    192.168.254.5  255.255.255.255        127.0.0.1       127.0.0.1  25
  192.168.254.255  255.255.255.255    192.168.254.5   192.168.254.5  25
        224.0.0.0        240.0.0.0    192.168.254.5   192.168.254.5  25
  255.255.255.255  255.255.255.255    192.168.254.5   192.168.254.5  1
  255.255.255.255  255.255.255.255    192.168.254.5               2  1
Default Gateway:   192.168.254.254
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/11/2016 10:09:54 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (02/11/2016 10:09:54 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (02/11/2016 07:35:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12390
 
Error: (02/11/2016 07:35:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12390
 
Error: (02/11/2016 07:35:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/11/2016 07:35:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9062
 
Error: (02/11/2016 07:35:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9062
 
Error: (02/11/2016 07:35:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/11/2016 07:35:03 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6500
 
Error: (02/11/2016 07:35:03 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6500
 
 
System errors:
=============
Error: (02/11/2016 11:17:02 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 11:16:58 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 11:16:53 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 11:16:48 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 11:16:44 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 11:16:39 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 10:21:47 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 10:21:43 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 10:21:38 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 10:21:33 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
 
Microsoft Office Sessions:
=========================
Error: (04/18/2012 03:51:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1506 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error: (02/20/2012 10:06:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1250 seconds with 1080 seconds of active time.  This session ended with a crash.
 
 
=========================== Installed Programs ============================
 
32 Bit HP CIO Components Installer (HKLM\...\{A80FA752-C491-4ED9-ABF0-4278563160B2}) (Version: 7.1.8 - Hewlett-Packard) Hidden
6500_E709_eDocs (HKLM\...\{DE13432E-F0C1-4842-A5BA-CC997DA72A70}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
7000E809a_BasicWeb (HKLM\...\{774253BF-25C6-49FC-BF53-EA0FBD5F0DD4}) (Version: 140.0.000.000 - Hewlett-Packard) Hidden
7000E809a_Help_BasicWeb (HKLM\...\{2A57A661-D340-44E0-82DC-6B91CBEDBF41}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}) (Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version:  - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version:  - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (HKLM\...\{57F60D52-630B-43C5-BD20-176F5CD4EED6}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (HKLM\...\{38DAE5F5-EC70-4aa5-801B-D11CA0A33B41}) (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (HKLM\...\{6CC080F1-2E00-41D5-BE47-A3BC784E9DFB}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (HKLM\...\{756BCE8E-1AFA-4D74-A704-6E0252665891}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Broadcom 440x 10/100 Integrated Controller (HKLM\...\{612B9183-67A9-4B44-9877-2F059E35B86A}) (Version: 10.04.01 - Broadcom Corporation)
BufferChm (HKLM\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: 7.74.00 - Conexant)
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.1.2) (Version: 5.0.1.2 - Coupons.com Incorporated)
Dell Resource CD (HKLM\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.)
DELL Webcam Center (HKLM\...\DELL Webcam Center) (Version:  - )
DELL Webcam Manager (HKLM\...\DELL Webcam Manager) (Version:  - )
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.25.12 - Dell Inc.)
Destination Component (HKLM\...\{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}) (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}) (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Express Burn (HKLM\...\ExpressBurn) (Version:  - NCH Software)
Fax (HKLM\...\{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}) (Version: 120.0.194.000 - Hewlett-Packard) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Imaging Device Functions 12.0 (HKLM\...\HP Imaging Device Functions) (Version: 12.0 - HP)
HP Officejet 6500 E709 Series (HKLM\...\{FA0F0A01-4631-4161-A6C2-948BF694382E}) (Version: 12.0 - HP)
HP Officejet 7000 E809a Series (HKLM\...\{5A9CA18F-976B-4F44-8716-457B6D39FDCF}) (Version: 14.0 - HP)
HP Officejet 7500 E910 Basic Device Software (HKLM\...\{634FA727-B731-4204-AADC-D6F34F41374F}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet 7500 E910 Help (HKLM\...\{24DC9885-E759-4BD2-8A20-D4AC509A7FDE}) (Version: 140.0.93.93 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (HKLM\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IB Updater Service (HKLM\...\WNLT) (Version: 5.1.5.4 - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (HKLM\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Laptop Integrated Webcam Driver (1.04.01.1011)   (HKLM\...\Creative OEM002) (Version:  - )
Mabinogi (HKLM\...\Mabinogi) (Version:  - devCAT)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Calculator Plus (HKLM\...\{83073C45-3003-4671-9A86-243AAADD915A}) (Version: 1.0.0 - Microsoft)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0409-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Small Business 2007 (HKLM\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Mozilla Firefox 15.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 15.0.1 (x86 en-US)) (Version: 15.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 15.0.1 - Mozilla)
MSVCSetup (HKLM\...\{3700194C-C5DD-439A-BE06-A66960CA4C70}) (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network (HKLM\...\{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}) (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Paint.NET v3.36 (HKLM\...\{43602F34-1AA3-44FB-AEB2-D08C2C73743F}) (Version: 3.36.0 - dotPDN LLC)
QuickBooks (HKLM\...\{25E202D1-D8E7-46AF-B4B0-157D9993A93E}) (Version: 22.0.4015.2206 - Intuit Inc.) Hidden
QuickBooks Pro 2012 (HKLM\...\{22057D8D-7CC8-46FF-AD8C-9BD24F9014F3}) (Version: 22.0.4015.2206 - Intuit Inc.)
QuickSet (HKLM\...\{C5074CC4-0E26-4716-A307-960272A90040}) (Version: 8.3.17 - Dell Computer Corporation)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rosetta Stone Ltd Services (HKLM\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM\...\{6B6BC189-D606-4BC7-9758-E6C364F76A55}) (Version: 4.5.5.0 - Rosetta Stone, Ltd)
Scan (HKLM\...\{9CCCFD9C-248F-47FE-9496-1680E3E5C163}) (Version: 12.0.0.0 - Hewlett-Packard) Hidden
Segoe UI (HKLM\...\{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}) (Version: 14.0.4327.805 - Microsoft Corp) Hidden
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel)
Skype web features (HKLM\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SolutionCenter (HKLM\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM\...\{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}) (Version: 120.0.194.000 - Hewlett-Packard) Hidden
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (HKLM\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (HKLM\...\{4D304678-738E-42a0-931A-2B022F49DEB8}) (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Try Corel Snapfire muvee autoProducer add on (HKLM\...\{12665B01-3F3A-4433-B179-9D8E352D7547}) (Version: 1.00.0000 - Corel Corporation) Hidden
UnloadSupport (HKLM\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version:  - )
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (HKLM\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.213.017 - Hewlett-Packard) Hidden
Windows Defender (HKLM\...\{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
Windows Driver Package - Ricoh Company (rimsptsk) hdc  (11/14/2006 6.00.01.04) (HKLM\...\4569969E1360D2854474C661EF9B4D54F143EB16) (Version: 11/14/2006 6.00.01.04 - Ricoh Company)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{10A44844-4465-456E-8C97-80BDD4F68845}) (Version: 6.500.3146.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
 
========================= Devices: ================================
 
Name: Officejet 7500 E910
Description: Officejet 7500 E910
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service: 
Device ID: ROOT\MULTIFUNCTION\0000
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Officejet Pro 8100
Description: Officejet Pro 8100
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service: 
Device ID: ROOT\MULTIFUNCTION\0001
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Photosmart C7200 series
Description: Photosmart C7200 series
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service: 
Device ID: ROOT\MULTIFUNCTION\0002
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service: 
Device ID: ROOT\MULTIFUNCTION\0003
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 63%
Total physical RAM: 2045.97 MB
Available physical RAM: 751.11 MB
Total Virtual: 4959.64 MB
Available Virtual: 3444.62 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:71.48 GB) (Free:7.01 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\JESSICA
 
Administrator            ASPNET                   Guest                    
HelpAssistant            Jess                     SUPPORT_388945a0         
 
========================= Minidump Files ==================================
 
C:\WINDOWS\Minidump\Mini021615-01.dmp
C:\WINDOWS\Minidump\Mini051113-01.dmp
C:\WINDOWS\Minidump\Mini061012-01.dmp
C:\WINDOWS\Minidump\Mini070913-01.dmp
C:\WINDOWS\Minidump\Mini071313-01.dmp
C:\WINDOWS\Minidump\Mini071909-01.dmp
C:\WINDOWS\Minidump\Mini072613-01.dmp
C:\WINDOWS\Minidump\Mini081213-01.dmp
C:\WINDOWS\Minidump\Mini090915-01.dmp
C:\WINDOWS\Minidump\Mini092813-01.dmp
C:\WINDOWS\Minidump\Mini101014-01.dmp
C:\WINDOWS\Minidump\Mini111209-01.dmp
C:\WINDOWS\Minidump\Mini120315-01.dmp
C:\WINDOWS\Minidump\Mini122612-01.dmp
========================= Restore Points ==================================
 
16-11-2015 13:16:08 System Checkpoint
17-11-2015 14:04:57 Software Distribution Service 3.0
18-11-2015 14:43:30 System Checkpoint
19-11-2015 01:42:55 Software Distribution Service 3.0
20-11-2015 02:14:39 System Checkpoint
23-11-2015 16:01:49 Software Distribution Service 3.0
02-12-2015 14:41:57 Software Distribution Service 3.0
04-12-2015 01:55:28 Software Distribution Service 3.0
08-12-2015 14:01:37 Software Distribution Service 3.0
09-12-2015 14:03:47 Software Distribution Service 3.0
11-12-2015 03:26:45 Software Distribution Service 3.0
15-12-2015 04:07:50 Software Distribution Service 3.0
16-12-2015 15:04:47 Software Distribution Service 3.0
28-12-2015 12:49:40 Software Distribution Service 3.0
29-12-2015 13:09:41 Software Distribution Service 3.0
30-12-2015 13:09:49 Software Distribution Service 3.0
31-12-2015 13:09:47 Software Distribution Service 3.0
01-01-2016 13:09:26 Software Distribution Service 3.0
02-01-2016 13:14:38 System Checkpoint
03-01-2016 13:26:38 System Checkpoint
04-01-2016 13:09:44 Software Distribution Service 3.0
05-01-2016 13:10:02 Software Distribution Service 3.0
06-01-2016 13:09:58 Software Distribution Service 3.0
07-01-2016 13:09:54 Software Distribution Service 3.0
08-01-2016 13:09:52 Software Distribution Service 3.0
10-01-2016 02:47:51 Software Distribution Service 3.0
11-01-2016 18:16:52 Software Distribution Service 3.0
13-01-2016 01:31:32 Software Distribution Service 3.0
18-01-2016 13:18:45 Software Distribution Service 3.0
20-01-2016 04:46:03 Software Distribution Service 3.0
21-01-2016 15:15:59 Software Distribution Service 3.0
22-01-2016 15:37:13 System Checkpoint
22-01-2016 20:17:16 Software Distribution Service 3.0
23-01-2016 20:17:20 Software Distribution Service 3.0
24-01-2016 20:17:07 Software Distribution Service 3.0
25-01-2016 20:17:07 Software Distribution Service 3.0
26-01-2016 20:17:08 Software Distribution Service 3.0
29-01-2016 02:17:12 Software Distribution Service 3.0
03-02-2016 21:15:28 Software Distribution Service 3.0
04-02-2016 21:16:23 Software Distribution Service 3.0
09-02-2016 04:03:47 Software Distribution Service 3.0
11-02-2016 00:56:25 Software Distribution Service 3.0
11-02-2016 12:18:49 Software Distribution Service 3.0
 
**** End of log ****

#7 naughtyeyes

naughtyeyes
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
    •  
  • Local time:01:49 PM

Posted 11 February 2016 - 11:48 PM

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by Jess (administrator) on 11-02-2016 at 23:45:34
Running from "C:\Documents and Settings\Jess\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Model: Inspiron 1520 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================
 
1394 Net Adapter = 1394 Connection (Connected)
Dell Wireless 1505 Draft 802.11n WLAN Mini-Card = Wireless Network Connection (Connected)
Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Media disconnected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
# Interface IP Configuration for "Wireless Network Connection"
 
set address name="Wireless Network Connection" source=dhcp 
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : jessica
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Broadcast
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
        DNS Suffix Search List. . . . . . : Home
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Media State . . . . . . . . . . . : Media disconnected
 
        Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
 
        Physical Address. . . . . . . . . : 00-1D-09-A8-B4-42
 
 
 
Ethernet adapter Wireless Network Connection:
 
 
 
        Connection-specific DNS Suffix  . : Home
 
        Description . . . . . . . . . . . : Dell Wireless 1505 Draft 802.11n WLAN Mini-Card
 
        Physical Address. . . . . . . . . : 00-1D-D9-45-77-FA
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.254.5
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.254.254
 
        DHCP Server . . . . . . . . . . . : 192.168.254.254
 
        DNS Servers . . . . . . . . . . . : 192.168.254.254
 
        Lease Obtained. . . . . . . . . . : Thursday, February 11, 2016 4:30:00 PM
 
        Lease Expires . . . . . . . . . . : Friday, August 04, 2023 7:30:00 AM
 
Server:  MyRouter.Home
Address:  192.168.254.254
 
Name:    google.com
Address:  216.58.216.110
 
 
 
Pinging google.com [216.58.216.110] with 32 bytes of data:
 
 
 
Reply from 216.58.216.110: bytes=32 time=77ms TTL=49
 
Reply from 216.58.216.110: bytes=32 time=84ms TTL=49
 
 
 
Ping statistics for 216.58.216.110:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 77ms, Maximum = 84ms, Average = 80ms
 
Server:  MyRouter.Home
Address:  192.168.254.254
 
Name:    yahoo.com
Addresses:  206.190.36.45, 98.139.183.24, 98.138.253.109
 
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
 
 
 
Reply from 98.139.183.24: bytes=32 time=95ms TTL=49
 
Reply from 98.139.183.24: bytes=32 time=88ms TTL=49
 
 
 
Ping statistics for 98.139.183.24:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 88ms, Maximum = 95ms, Average = 91ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 09 a8 b4 42 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
0x3 ...00 1d d9 45 77 fa ...... Dell Wireless 1505 Draft 802.11n WLAN Mini-Card - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.254.254   192.168.254.5  25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
      169.254.0.0      255.255.0.0    192.168.254.5   192.168.254.5  20
    192.168.254.0    255.255.255.0    192.168.254.5   192.168.254.5  25
    192.168.254.5  255.255.255.255        127.0.0.1       127.0.0.1  25
  192.168.254.255  255.255.255.255    192.168.254.5   192.168.254.5  25
        224.0.0.0        240.0.0.0    192.168.254.5   192.168.254.5  25
  255.255.255.255  255.255.255.255    192.168.254.5   192.168.254.5  1
  255.255.255.255  255.255.255.255    192.168.254.5               2  1
Default Gateway:   192.168.254.254
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/11/2016 10:09:54 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (02/11/2016 10:09:54 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (02/11/2016 07:35:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12390
 
Error: (02/11/2016 07:35:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12390
 
Error: (02/11/2016 07:35:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/11/2016 07:35:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9062
 
Error: (02/11/2016 07:35:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9062
 
Error: (02/11/2016 07:35:06 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/11/2016 07:35:03 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6500
 
Error: (02/11/2016 07:35:03 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6500
 
 
System errors:
=============
Error: (02/11/2016 11:17:02 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 11:16:58 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 11:16:53 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 11:16:48 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 11:16:44 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 11:16:39 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 10:21:47 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 10:21:43 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 10:21:38 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
Error: (02/11/2016 10:21:33 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
 
 
Microsoft Office Sessions:
=========================
Error: (04/18/2012 03:51:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1506 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error: (02/20/2012 10:06:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1250 seconds with 1080 seconds of active time.  This session ended with a crash.
 
 
=========================== Installed Programs ============================
 
32 Bit HP CIO Components Installer (HKLM\...\{A80FA752-C491-4ED9-ABF0-4278563160B2}) (Version: 7.1.8 - Hewlett-Packard) Hidden
6500_E709_eDocs (HKLM\...\{DE13432E-F0C1-4842-A5BA-CC997DA72A70}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
7000E809a_BasicWeb (HKLM\...\{774253BF-25C6-49FC-BF53-EA0FBD5F0DD4}) (Version: 140.0.000.000 - Hewlett-Packard) Hidden
7000E809a_Help_BasicWeb (HKLM\...\{2A57A661-D340-44E0-82DC-6B91CBEDBF41}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}) (Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version:  - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version:  - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (HKLM\...\{57F60D52-630B-43C5-BD20-176F5CD4EED6}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (HKLM\...\{38DAE5F5-EC70-4aa5-801B-D11CA0A33B41}) (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (HKLM\...\{6CC080F1-2E00-41D5-BE47-A3BC784E9DFB}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (HKLM\...\{756BCE8E-1AFA-4D74-A704-6E0252665891}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Broadcom 440x 10/100 Integrated Controller (HKLM\...\{612B9183-67A9-4B44-9877-2F059E35B86A}) (Version: 10.04.01 - Broadcom Corporation)
BufferChm (HKLM\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: 7.74.00 - Conexant)
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.1.2) (Version: 5.0.1.2 - Coupons.com Incorporated)
Dell Resource CD (HKLM\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.)
DELL Webcam Center (HKLM\...\DELL Webcam Center) (Version:  - )
DELL Webcam Manager (HKLM\...\DELL Webcam Manager) (Version:  - )
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.25.12 - Dell Inc.)
Destination Component (HKLM\...\{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}) (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}) (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Express Burn (HKLM\...\ExpressBurn) (Version:  - NCH Software)
Fax (HKLM\...\{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}) (Version: 120.0.194.000 - Hewlett-Packard) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Imaging Device Functions 12.0 (HKLM\...\HP Imaging Device Functions) (Version: 12.0 - HP)
HP Officejet 6500 E709 Series (HKLM\...\{FA0F0A01-4631-4161-A6C2-948BF694382E}) (Version: 12.0 - HP)
HP Officejet 7000 E809a Series (HKLM\...\{5A9CA18F-976B-4F44-8716-457B6D39FDCF}) (Version: 14.0 - HP)
HP Officejet 7500 E910 Basic Device Software (HKLM\...\{634FA727-B731-4204-AADC-D6F34F41374F}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet 7500 E910 Help (HKLM\...\{24DC9885-E759-4BD2-8A20-D4AC509A7FDE}) (Version: 140.0.93.93 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (HKLM\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IB Updater Service (HKLM\...\WNLT) (Version: 5.1.5.4 - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (HKLM\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Laptop Integrated Webcam Driver (1.04.01.1011)   (HKLM\...\Creative OEM002) (Version:  - )
Mabinogi (HKLM\...\Mabinogi) (Version:  - devCAT)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Calculator Plus (HKLM\...\{83073C45-3003-4671-9A86-243AAADD915A}) (Version: 1.0.0 - Microsoft)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0409-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Small Business 2007 (HKLM\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Mozilla Firefox 15.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 15.0.1 (x86 en-US)) (Version: 15.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 15.0.1 - Mozilla)
MSVCSetup (HKLM\...\{3700194C-C5DD-439A-BE06-A66960CA4C70}) (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network (HKLM\...\{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}) (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Paint.NET v3.36 (HKLM\...\{43602F34-1AA3-44FB-AEB2-D08C2C73743F}) (Version: 3.36.0 - dotPDN LLC)
QuickBooks (HKLM\...\{25E202D1-D8E7-46AF-B4B0-157D9993A93E}) (Version: 22.0.4015.2206 - Intuit Inc.) Hidden
QuickBooks Pro 2012 (HKLM\...\{22057D8D-7CC8-46FF-AD8C-9BD24F9014F3}) (Version: 22.0.4015.2206 - Intuit Inc.)
QuickSet (HKLM\...\{C5074CC4-0E26-4716-A307-960272A90040}) (Version: 8.3.17 - Dell Computer Corporation)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rosetta Stone Ltd Services (HKLM\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM\...\{6B6BC189-D606-4BC7-9758-E6C364F76A55}) (Version: 4.5.5.0 - Rosetta Stone, Ltd)
Scan (HKLM\...\{9CCCFD9C-248F-47FE-9496-1680E3E5C163}) (Version: 12.0.0.0 - Hewlett-Packard) Hidden
Segoe UI (HKLM\...\{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}) (Version: 14.0.4327.805 - Microsoft Corp) Hidden
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel)
Skype web features (HKLM\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SolutionCenter (HKLM\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM\...\{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}) (Version: 120.0.194.000 - Hewlett-Packard) Hidden
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (HKLM\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (HKLM\...\{4D304678-738E-42a0-931A-2B022F49DEB8}) (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Try Corel Snapfire muvee autoProducer add on (HKLM\...\{12665B01-3F3A-4433-B179-9D8E352D7547}) (Version: 1.00.0000 - Corel Corporation) Hidden
UnloadSupport (HKLM\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version:  - )
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (HKLM\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.213.017 - Hewlett-Packard) Hidden
Windows Defender (HKLM\...\{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
Windows Driver Package - Ricoh Company (rimsptsk) hdc  (11/14/2006 6.00.01.04) (HKLM\...\4569969E1360D2854474C661EF9B4D54F143EB16) (Version: 11/14/2006 6.00.01.04 - Ricoh Company)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{10A44844-4465-456E-8C97-80BDD4F68845}) (Version: 6.500.3146.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
 
========================= Devices: ================================
 
Name: Officejet 7500 E910
Description: Officejet 7500 E910
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service: 
Device ID: ROOT\MULTIFUNCTION\0000
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Officejet Pro 8100
Description: Officejet Pro 8100
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service: 
Device ID: ROOT\MULTIFUNCTION\0001
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Photosmart C7200 series
Description: Photosmart C7200 series
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service: 
Device ID: ROOT\MULTIFUNCTION\0002
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service: 
Device ID: ROOT\MULTIFUNCTION\0003
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 63%
Total physical RAM: 2045.97 MB
Available physical RAM: 751.11 MB
Total Virtual: 4959.64 MB
Available Virtual: 3444.62 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:71.48 GB) (Free:7.01 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\JESSICA
 
Administrator            ASPNET                   Guest                    
HelpAssistant            Jess                     SUPPORT_388945a0         
 
========================= Minidump Files ==================================
 
C:\WINDOWS\Minidump\Mini021615-01.dmp
C:\WINDOWS\Minidump\Mini051113-01.dmp
C:\WINDOWS\Minidump\Mini061012-01.dmp
C:\WINDOWS\Minidump\Mini070913-01.dmp
C:\WINDOWS\Minidump\Mini071313-01.dmp
C:\WINDOWS\Minidump\Mini071909-01.dmp
C:\WINDOWS\Minidump\Mini072613-01.dmp
C:\WINDOWS\Minidump\Mini081213-01.dmp
C:\WINDOWS\Minidump\Mini090915-01.dmp
C:\WINDOWS\Minidump\Mini092813-01.dmp
C:\WINDOWS\Minidump\Mini101014-01.dmp
C:\WINDOWS\Minidump\Mini111209-01.dmp
C:\WINDOWS\Minidump\Mini120315-01.dmp
C:\WINDOWS\Minidump\Mini122612-01.dmp
========================= Restore Points ==================================
 
16-11-2015 13:16:08 System Checkpoint
17-11-2015 14:04:57 Software Distribution Service 3.0
18-11-2015 14:43:30 System Checkpoint
19-11-2015 01:42:55 Software Distribution Service 3.0
20-11-2015 02:14:39 System Checkpoint
23-11-2015 16:01:49 Software Distribution Service 3.0
02-12-2015 14:41:57 Software Distribution Service 3.0
04-12-2015 01:55:28 Software Distribution Service 3.0
08-12-2015 14:01:37 Software Distribution Service 3.0
09-12-2015 14:03:47 Software Distribution Service 3.0
11-12-2015 03:26:45 Software Distribution Service 3.0
15-12-2015 04:07:50 Software Distribution Service 3.0
16-12-2015 15:04:47 Software Distribution Service 3.0
28-12-2015 12:49:40 Software Distribution Service 3.0
29-12-2015 13:09:41 Software Distribution Service 3.0
30-12-2015 13:09:49 Software Distribution Service 3.0
31-12-2015 13:09:47 Software Distribution Service 3.0
01-01-2016 13:09:26 Software Distribution Service 3.0
02-01-2016 13:14:38 System Checkpoint
03-01-2016 13:26:38 System Checkpoint
04-01-2016 13:09:44 Software Distribution Service 3.0
05-01-2016 13:10:02 Software Distribution Service 3.0
06-01-2016 13:09:58 Software Distribution Service 3.0
07-01-2016 13:09:54 Software Distribution Service 3.0
08-01-2016 13:09:52 Software Distribution Service 3.0
10-01-2016 02:47:51 Software Distribution Service 3.0
11-01-2016 18:16:52 Software Distribution Service 3.0
13-01-2016 01:31:32 Software Distribution Service 3.0
18-01-2016 13:18:45 Software Distribution Service 3.0
20-01-2016 04:46:03 Software Distribution Service 3.0
21-01-2016 15:15:59 Software Distribution Service 3.0
22-01-2016 15:37:13 System Checkpoint
22-01-2016 20:17:16 Software Distribution Service 3.0
23-01-2016 20:17:20 Software Distribution Service 3.0
24-01-2016 20:17:07 Software Distribution Service 3.0
25-01-2016 20:17:07 Software Distribution Service 3.0
26-01-2016 20:17:08 Software Distribution Service 3.0
29-01-2016 02:17:12 Software Distribution Service 3.0
03-02-2016 21:15:28 Software Distribution Service 3.0
04-02-2016 21:16:23 Software Distribution Service 3.0
09-02-2016 04:03:47 Software Distribution Service 3.0
11-02-2016 00:56:25 Software Distribution Service 3.0
11-02-2016 12:18:49 Software Distribution Service 3.0
 
**** End of log ****

#8 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Germany
  • Local time:08:49 PM

Posted 12 February 2016 - 05:02 AM

Hello,

:step1: Run Malwarebytes Anti-Rootkit again: Right-click mbar.exe and select Run As Administrator
  • Scan your system for malware
  • If malware is found, click on the Cleanup
  • button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • then please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


:step2: Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


:step3: Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.

#9 Agouti

Agouti

  • Members
  • 1,548 posts
  • OFFLINE
    •  
  • Local time:02:49 PM

Posted 12 February 2016 - 09:47 AM

To look at the extensions for every file in hundreds of folders would take forever!

Not really.  If you work smart it won't take much time at all.  What I would do is search for the potentially harmful file extensions using wildcards, e.g. *.exe.  Also, when it comes to Microsoft Office file extensions you said you created those files yourself so you should know whether they contain any macros.


#10 naughtyeyes

naughtyeyes
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
    •  
  • Local time:01:49 PM

Posted 13 February 2016 - 08:41 PM

# AdwCleaner v5.033 - Logfile created 13/02/2016 at 20:26:46
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Jess - JESSICA
# Running from : C:\Documents and Settings\Jess\My Documents\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[-] Service Deleted : AVG Security Toolbar Service
[-] Service Deleted : CouponPrinterService
[-] Service Deleted : Viewpoint Manager Service
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\Conduit
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
[-] Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Coupons
[-] Folder Deleted : C:\Documents and Settings\Jess\Application Data\Viewpoint
[-] Folder Deleted : C:\Documents and Settings\Jess\Application Data\Yahoo!\Companion
[-] Folder Deleted : C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\Smartbar
[-] Folder Deleted : C:\Documents and Settings\Jess\Local Settings\Application Data\Conduit
[-] Folder Deleted : C:\Program Files\Conduit
[-] Folder Deleted : C:\Program Files\Coupons
[-] Folder Deleted : C:\Program Files\Viewpoint
[-] Folder Deleted : C:\WINDOWS\system32\ARFC
[-] Folder Deleted : C:\WINDOWS\system32\jmdp
[-] Folder Deleted : C:\WINDOWS\system32\mjcm
[-] Folder Deleted : C:\WINDOWS\system32\WNLT
 
***** [ Files ] *****
 
[-] File Deleted : C:\END
[-] File Deleted : C:\Documents and Settings\Jess\AppData\LocalLow\SkwConfig.bin
[-] File Deleted : C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\searchplugins\Conduit.xml
[-] File Deleted : C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\searchplugins\MyStart Search.xml
[-] File Deleted : C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\user.js
[-] File Deleted : C:\Documents and Settings\Jess\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.hydroflask.com_0.localstorage
[-] File Deleted : C:\Documents and Settings\Jess\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.hydroflask.com_0.localstorage-journal
[-] File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
[-] File Deleted : C:\WINDOWS\system32\ImhxxpComm.dll
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3067892
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3310511
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Key Deleted : HKCU\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\ImInstaller
[-] Key Deleted : HKCU\Software\SweetIM
[-] Key Deleted : HKCU\Software\WNLT
[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKCU\Software\Zugo
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\MetaStream
[-] Key Deleted : HKLM\SOFTWARE\SweetIM
[-] Key Deleted : HKLM\SOFTWARE\Viewpoint
[-] Key Deleted : HKLM\SOFTWARE\WNLT
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WNLT
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Security Toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\IGearSettings
[-] Key Deleted : HKU\.DEFAULT\Software\IM
[-] Key Deleted : HKU\.DEFAULT\Software\SweetIM
[-] Key Deleted : HKU\.DEFAULT\Software\WNLT
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9B5AC51A-8E14-42FD-A3F8-16B6B1FBA64D}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ROC_roc_dec12]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run [SearchProtect]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
 
***** [ Web browsers ] *****
 
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.FF19Solved", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.FirstTime", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.FirstTimeFF3", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.UserID", "UN13304685642362156");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.addressUrlXPETakeover", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.autoDisableScopes", 0);
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.browser.search.defaultthis.engineName", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.defaultSearch", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.defaultSearchXPETakeover", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.enableAlerts", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.enableSearchFromAddressBar", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.fixPageNotFoundError", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.fixUrls", true);
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.installDate", "6/5/2013 19:07:58");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.installId", "stub.exe");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.installSessionId", "{24BADFBB-067F-480E-A5A1-BCE5F9764678}");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.installSp", "TRUE");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.installType", "conduitnsisintegration");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.installUsage", "6/5/2013 19:09:55");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.installUsageEarly", "6/5/2013 19:09:55");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.installerVersion", "1.4.1.3");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.isCheckedStartAsHidden", true);
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.keyword", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.lastVersion", "10.15.2.23");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.migrateAppsAndComponents", true);
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.openThankYouPage", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.openUninstallPage", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.revertSettingsEnabled", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.searchRevert", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.searchUserMode", "2");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.settingsINI", true);
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.shouldFirstTimeDialog", "false");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.smartbar.CTID", "CT3067892");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.smartbar.Uninstall", "0");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.smartbar.homepage", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.smartbar.toolbarName", "Miniclip ");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.startPage", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.startPageXPETakeover", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892.versionFromInstaller", "10.15.2.23");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3067892_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1380661894574,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.FF19Solved", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.FirstTime", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.FirstTimeFF3", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.UserID", "UN34154661662186126");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.browser.search.defaultthis.engineName", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.defaultSearch", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.enableAlerts", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.enableSearchFromAddressBar", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.fixPageNotFoundError", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.fullUserID", "UN34154661662186126.IN.20130926233322");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.installDate", "26/09/2013 23:33:49");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.installId", "cid105");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.installSessionId", "{8F8BCA58-51D1-4CD4-817C-276EEEC3C437}");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.installSp", "TRUE");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.installType", "conduitnsisintegration");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.installerVersion", "1.7.1.4");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.isCheckedStartAsHidden", true);
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.keyword", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.lastVersion", "10.20.1.8");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.openThankYouPage", "false");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.openUninstallPage", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3067892&octid=CT3067892&SearchSource=61&CUI=UN13304685642362156&UM=2&UP=SP001D0A1C-D299-43E9-81BE-8F381AA72A6F");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3067892&SearchSource=2&CUI=UN13304685642362156&UM=2&q=");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.originalSearchEngine", "Miniclip Customized Web Search");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.originalSearchEngineName", "");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.revertSettingsEnabled", "false");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.searchRevert", "false");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.searchUserMode", "2");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.settingsINI", true);
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.shouldFirstTimeDialog", "false");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.smartbar.CTID", "CT3310511");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.smartbar.Uninstall", "0");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.smartbar.homepage", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.smartbar.toolbarName", "SweetPacks ");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.startPage", "true");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.versionFromInstaller", "10.20.1.8");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511.xpeMode", "0");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("CT3310511_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1380661895343,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3067892&SearchSource=2&CUI=UN13304685642362156&UM=2&q=");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultthis.engineName", "SweetPacks Customized Web Search");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&CUI=UN34154661662186126&UM=2&SearchSource=3&q={searchTerms}");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "MyStart Search");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3310511");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3067892&CUI=UN13304685642362156&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3067892&octid=CT3067892&SearchSource[...]
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3067892&SearchSource=2&CUI=UN13304685642362156&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3310511");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3310511");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("smartbar.machineId", "L19SXWCQFHESPWX1JAQDZ70B6VWOTXWQK0XT8S5VKF9GXXQML7X0SPVYFIC8LFUMIBZV+JULYOJTBVRJ7Z/UGQ");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("smartbar.originalHomepage", "about:home");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3067892&SearchSource=2&CUI=UN13304685642362156&UM=2&q=");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("smartbar.originalSearchEngine", "");
[-] [C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\prefs.js] [Preference] Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&SearchSource=2&CUI=UN34154661662186126&UM=2&q=");
[-] [C:\Documents and Settings\Jess\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : banjjklfojcdbofbhbgiedekefohoaff
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [30356 bytes] ##########

#11 naughtyeyes

naughtyeyes
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
    •  
  • Local time:01:49 PM

Posted 13 February 2016 - 09:03 PM

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
 
Database version:
  main:    v2016.02.12.01
  rootkit: v2016.02.08.01
 
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jess :: JESSICA [administrator]
 
2/11/2016 10:13:06 PM
mbar-log-2016-02-11 (22-13-06).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 371988
Time elapsed: 1 hour(s), 11 minute(s), 33 second(s)
 
Memory Processes Detected: 1
C:\WINDOWS\system32\dmwu.exe (Adware.InstallBrain) -> 2604 -> Delete on reboot. [b8198fd0465362d43ce1465262a1c63a]
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 9
HKLM\SOFTWARE\CLASSES\TYPELIB\{E24211B3-A78A-C6A9-D317-70979ACE5058} (Trojan.FakeAlert) -> Delete on reboot. [973a37280d8c3bfbe98ea7e5877b54ac]
HKU\S-1-5-21-2025429265-776561741-1177238915-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Delete on reboot. [d2ffb5aadcbdb38313ad513c47bb7987]
HKLM\SOFTWARE\Refog Software (Trojan.RefogKeyLogger) -> Delete on reboot. [b41d4718a2f795a116e062ad7b8938c8]
HKLM\SOFTWARE\CLASSES\XML.XML (Trojan.FakeAlert) -> Delete on reboot. [22af57081e7b58de5078064a55ae29d7]
HKLM\SOFTWARE\CLASSES\XML.XML.1 (Trojan.FakeAlert) -> Delete on reboot. [468be47b9306c86e794fed63fc076f91]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IBUpdaterService (Adware.InstallBrain) -> Delete on reboot. [b8198fd0465362d43ce1465262a1c63a]
HKU\S-1-5-21-2025429265-776561741-1177238915-1003\SOFTWARE\Cognac (Rogue.Multiple) -> Delete on reboot. [17ba2c330099df57b0d797ba50b35ca4]
HKU\S-1-5-21-2025429265-776561741-1177238915-1003\SOFTWARE\ColdWare (Trojan.Agent.Trace) -> Delete on reboot. [3a97ff60d1c8c96d760f150b798b7a86]
HKU\S-1-5-21-2025429265-776561741-1177238915-1003\SOFTWARE\XML (Trojan.FakeAlert) -> Delete on reboot. [ddf4b8a746532b0b878f78e24ab941bf]
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 11
C:\Documents and Settings\All Users\Application Data\MPK (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\1 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\2 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\CPDM (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\REFOG Keylogger (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\WINDOWS\system32\MPK (Trojan.RefogKeyLogger) -> Delete on reboot. [a130322d5c3de74f8b50b92bf30f52ae]
C:\WINDOWS\system32\MPK\Help (Trojan.RefogKeyLogger) -> Delete on reboot. [a130322d5c3de74f8b50b92bf30f52ae]
C:\WINDOWS\system32\MPK\Help\English (Trojan.RefogKeyLogger) -> Delete on reboot. [a130322d5c3de74f8b50b92bf30f52ae]
C:\WINDOWS\system32\MPK\Help\German (Trojan.RefogKeyLogger) -> Delete on reboot. [a130322d5c3de74f8b50b92bf30f52ae]
C:\WINDOWS\system32\MPK\Help\Spanish (Trojan.RefogKeyLogger) -> Delete on reboot. [a130322d5c3de74f8b50b92bf30f52ae]
C:\WINDOWS\system32\MPK\Images (Trojan.RefogKeyLogger) -> Delete on reboot. [a130322d5c3de74f8b50b92bf30f52ae]
 
Files Detected: 3171
C:\WINDOWS\system32\dmwu.exe (Adware.InstallBrain) -> Delete on reboot. [b8198fd0465362d43ce1465262a1c63a]
C:\Documents and Settings\All Users\Application Data\MPK\key.bin (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\M0000 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\S0000 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\1\I40529_0117860069 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\1\I40529_0118348380 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\1\I40529_0118731713 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\1\I40529_0119739120 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\1\I40529_0120339468 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\1\I40529_0120513079 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\1\I40529_0122647106 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\1\I40529_0122987037 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\1\I40529_0123412037 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\1\I40529_0129222569 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
C:\Documents and Settings\All Users\Application Data\MPK\1\I40529_0129316667 (Trojan.RefogKeyLogger) -> Delete on reboot. [01d0ce912c6d72c49f3a1cc837cb7c84]
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
 
 
I left out a huge chunk of this log. It would not let me post it all.  All of the lines were nearly identical to the ones above. 

#12 naughtyeyes

naughtyeyes
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
    •  
  • Local time:01:49 PM

Posted 13 February 2016 - 09:12 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Microsoft Windows XP x86 
Ran by Jess (Administrator) on Sat 02/13/2016 at 21:07:18.25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 9 
 
Successfully deleted: C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\extensions\{1c68c940-1b2f-46eb-bd8c-2e1612ff6a58}\chrome\CT3067892 (Folder) 
Successfully deleted: C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d} (Folder) 
Successfully deleted: C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\ke6lolob.default\extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d}\chrome\CT3310511 (Folder) 
Successfully deleted: C:\Documents and Settings\Jess\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic (Folder) 
Successfully deleted: C:\Program Files\mozilla firefox\defaults\pref\itms.js (File) 
Successfully deleted: C:\Program Files\mozilla firefox\plugins\npcouponprinter.dll (File) 
Successfully deleted: C:\Program Files\mozilla firefox\plugins\npmozcouponprinter.dll (File) 
Successfully deleted: C:\WINDOWS\couponprinter.ocx (File) 
Successfully deleted: C:\WINDOWS\prefetch\GOOGLETOOLBARNOTIFIER.EXE-0047A1C5.pf (File) 
 
 
 
Registry: 2 
 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 02/13/2016 at 21:11:02.07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#13 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Germany
  • Local time:08:49 PM

Posted 14 February 2016 - 11:07 AM

Download ComboFix from the following location:
Link

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

CF_RC_notice.png
  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
cfRC_screen_2.png
  • Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

Enable your antivirus!

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.

#14 RolandJS

RolandJS

  • Members
  • 4,533 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:01:49 PM

Posted 14 February 2016 - 11:17 AM

Someone mentioned that nonEXEcutables probably pose no danger, anyone remember Word macro malware?

As someone posted earlier, check all files on old computer just before making the Copy [or Move].


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)

Back to Am I infected? What do I do?


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Am I infected? What do I do?
  4. Privacy Policy
  5. Rules ·