Event type mptlemetry, p1 80024402c p2 endsearch p3 search p4 1.1.1593.0 p5 mpsidwn.dll p6 1.1.1593.

Inactive-A
By Joanne montanez
Jun 8, 2013
Topic Status:
Not open for further replies.
  1. Hi,
    my computer is slow and I cannot connect to the internet. I'm writing from my son's computer.
    The title above is the error my Event Viewer gives now, and there are a few.
    EVENT
    DATE:6/8/2013 SOURCE: MPSAMPLESUBMISSION
    TIME:8:51:46AM CATEGORY NONE
    TYPE:ERROR EVENT ID: 5000
    USER:N/A
    COMPUTER: HOME-52DC6E4B98
    DESCRIPTION
    :event type mptlemetry, p1 80024402c p2 endsearch p3 search p4 1.1.1593.0 p5 mpsidwn.dll p6 1.1.1593.0 p7 windows defender p8 nil p9 nil p10 nil
    I run malaware nothing
    my antivirus titanium nothing
    so I'm pretty desperate at this moment
  2. Broni

    Broni Malware Annihilator Posts: 46,153   +251

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =====================================

    Please download Farbar Service Scanner and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center/Action Center
      • Windows Update
      • Windows Defender
      • Other Services
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.
  3. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    Sorry for the delay. Everything on my computer takes forever to run, and I was finishing Windows Defender, which took 12 hours to finish. Now, to make things worse, I no longer have an internet connection on my computer; it says limited or no connectivity.
    I ran FSS twice; these are the logs:
    Farbar Service Scanner Version: 31-05-2013 01

    Ran by home (administrator) on 08-06-2013 at 22:16:39

    Running from "G:\"

    Microsoft Windows XP Service Pack 3 (X86)

    Boot Mode: Normal

    ****************************************************************



    Internet Services:

    ============



    Connection Status:

    ==============

    Localhost is accessible.

    There is no connection to network.

    Attempt to access Google IP returned error. Google IP is unreachable

    Attempt to access Google.com returned error: Other errors

    Attempt to access Yahoo IP returned error. Yahoo IP is unreachable

    Attempt to access Yahoo.com returned error: Other errors





    Windows Firewall:

    =============



    Firewall Disabled Policy:

    ==================





    System Restore:

    ============



    System Restore Disabled Policy:

    ========================





    Security Center:

    ============





    Windows Update:

    ============



    Windows Autoupdate Disabled Policy:

    ============================





    File Check:

    ========

    C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit

    C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit

    C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit

    C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit

    C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit

    C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit

    C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit

    C:\WINDOWS\system32\netman.dll => MD5 is legit

    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit

    C:\WINDOWS\system32\srsvc.dll => MD5 is legit

    C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit

    C:\WINDOWS\system32\wscsvc.dll => MD5 is legit

    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit

    C:\WINDOWS\system32\wuauserv.dll => MD5 is legit

    C:\WINDOWS\system32\qmgr.dll => MD5 is legit

    C:\WINDOWS\system32\es.dll => MD5 is legit

    C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit

    C:\WINDOWS\system32\svchost.exe => MD5 is legit

    C:\WINDOWS\system32\rpcss.dll => MD5 is legit

    C:\WINDOWS\system32\services.exe => MD5 is legit



    Extra List:

    =======

    Gpc(3) IPSec(5) NetBT(6) NwlnkIpx(9) NwlnkNb(10) PSched(7) Tcpip(4) tcpipBM(11)

    0x0B00000005000000010000000200000003000000040000000B0000000C0000000600000007000000090000000A000000

    IpSec Tag value is correct.



    **** End of log ****

    Farbar Service Scanner Version: 31-05-2013 01

    Ran by home (administrator) on 08-06-2013 at 22:20:54

    Running from "G:\"

    Microsoft Windows XP Service Pack 3 (X86)

    Boot Mode: Normal

    ****************************************************************



    Internet Services:

    ============



    Connection Status:

    ==============

    Localhost is accessible.

    There is no connection to network.

    Attempt to access Google IP returned error. Google IP is unreachable

    Attempt to access Google.com returned error: Other errors

    Attempt to access Yahoo IP returned error. Yahoo IP is unreachable

    Attempt to access Yahoo.com returned error: Other errors





    Windows Firewall:

    =============



    Firewall Disabled Policy:

    ==================





    System Restore:

    ============



    System Restore Disabled Policy:

    ========================





    Security Center:

    ============





    Windows Update:

    ============



    Windows Autoupdate Disabled Policy:

    ============================





    File Check:

    ========

    C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit

    C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit

    C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit

    C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit

    C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit

    C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit

    C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit

    C:\WINDOWS\system32\netman.dll => MD5 is legit

    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit

    C:\WINDOWS\system32\srsvc.dll => MD5 is legit

    C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit

    C:\WINDOWS\system32\wscsvc.dll => MD5 is legit

    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit

    C:\WINDOWS\system32\wuauserv.dll => MD5 is legit

    C:\WINDOWS\system32\qmgr.dll => MD5 is legit

    C:\WINDOWS\system32\es.dll => MD5 is legit

    C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit

    C:\WINDOWS\system32\svchost.exe => MD5 is legit

    C:\WINDOWS\system32\rpcss.dll => MD5 is legit

    C:\WINDOWS\system32\services.exe => MD5 is legit



    Extra List:

    =======

    Gpc(3) IPSec(5) NetBT(6) NwlnkIpx(9) NwlnkNb(10) PSched(7) Tcpip(4) tcpipBM(11)

    0x0B00000005000000010000000200000003000000040000000B0000000C0000000600000007000000090000000A000000

    IpSec Tag value is correct.



    **** End of log ****
  4. Broni

    Broni Malware Annihilator Posts: 46,153   +251

    The above looks normal. Except for no internet connection.

    Please download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
  5. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    I made a mistake disabling my USB port and do not know how to enable it again to run Farbar. Would you please let me know how to?
  6. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    Never mind, I found it.
  7. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-06-2013

    Ran by home (administrator) on 08-06-2013 23:14:51

    Running from G:\

    Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)

    Internet Explorer Version 8

    Boot Mode: Normal



    ==================== Processes (Whitelisted) ===================



    (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

    (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe

    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe

    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

    (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe

    (PCtel, Inc.) C:\WINDOWS\system32\pctspk.exe

    (Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    () C:\Program Files\SoftwareUpdater\UpdaterService.exe

    () C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe

    (Seagate Technology LLC) C:\Program Files\Seagate Replica\bin\ReplicaSysMon.exe

    (Seagate Technology LLC) C:\Program Files\Seagate Replica\bin\Seagate-Replica-Svc.exe

    (Seagate Technology LLC) C:\Program Files\Seagate Replica\bin\Seagate-Replica-Autoplay.exe

    (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe

    (Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    (Seagate Technology LLC) C:\Program Files\Seagate Replica\bin\Seagate-Replica-Tray.exe

    (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe

    () C:\Program Files\SoftwareUpdater\AppsUpdater.exe

    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe

    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe



    ==================== Registry (Whitelisted) ==================



    HKLM\...\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)

    HKLM\...\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)

    HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)

    HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)

    HKLM\...\Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL "" [1304296 2012-12-18] (Trend Micro Inc.)

    HKLM\...\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a [883272 2010-07-15] (ATT)

    HKLM\...\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [133424 2012-02-27] (Trend Micro Inc.)

    MountPoints2: D - D:\WIN\setup.exe

    MountPoints2: {86259900-cfd9-11e2-ae3b-0040f4b1ff29} - D:\WIN\setup.exe

    MountPoints2: {d90283c2-c804-11e2-ae28-ddbddd7d607a} - D:\autorun.exe

    HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2006-10-09] (Nero AG)

    HKU\Default User\...\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2006-10-09] (Nero AG)

    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk

    ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)

    Startup: C:\Documents and Settings\home\Start Menu\Programs\Startup\Seagate Product Registration.lnk

    ShortcutTarget: Seagate Product Registration.lnk -> C:\Documents and Settings\home\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate)

    Startup: C:\Documents and Settings\home\Start Menu\Programs\Startup\tcbhn.lnk

    ShortcutTarget: tcbhn.lnk -> C:\Documents and Settings\home\Application Data\BrowserCompanion\tcbhn.exe (No File)

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)



    ==================== Internet (Whitelisted) ====================



    ProxyServer: 169.254.103.158:80

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

    SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}

    SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}

    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =

    SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =

    BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

    BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)

    BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

    BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

    BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

    BHO: AlterGeoBHO Class - {9BFBA68E-E21B-458E-AE12-FE85E903D2C1} - C:\Program Files\AlterGeo\AlterGeo Magic Scanner\3.2.1.742\AlterGeo.BrowserPlugin.dll (Wi2Geo)

    BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)

    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

    BHO: AlxHelper Class - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)

    Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

    Toolbar: HKLM - Amazon Browser Bar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)

    Toolbar: HKCU -No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

    Toolbar: HKCU -No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

    Toolbar: HKCU -No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

    Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

    Toolbar: HKCU -No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File

    Toolbar: HKCU -No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File

    DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab

    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

    Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

    Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)

    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)

    ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\PROGRA~1\WIFD1F~1\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)

    ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)

    Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

    Winsock: Catalog5 05 %SystemRoot%\System32\nwprovau.dll [142336] (Microsoft Corporation)

    Winsock: Catalog9 01 bmnet.dll [142336] (Microsoft Corporation)

    Winsock: Catalog9 02 bmnet.dll [142336] (Microsoft Corporation)

    Winsock: Catalog9 03 bmnet.dll [142336] (Microsoft Corporation)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt



    FireFox:

    ========

    FF ProfilePath: C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default

    FF SearchEngine: Bing

    FF Homepage: hxxp://www.mystart.com/?pr=vmn&id=yolobartb&v=1_0&ent=hp

    FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

    FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

    FF Plugin: google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

    FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

    FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

    FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

    FF Extension: Babylon - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\ffxtlbr@babylon.com

    FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}

    FF Extension: ??????? @Mail.Ru - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}

    FF Extension: Yahoo! Toolbar - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

    FF Extension: Playdom Community Toolbar - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{69d1a568-ffdf-4ef5-8919-7003582e0ee8}

    FF Extension: Zynga Community Toolbar - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}

    FF Extension: Adobe DLM (powered by getPlus(R)) - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

    FF Extension: personas - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\personas@christopher.beard.xpi

    FF Extension: No Name - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi

    FF Extension: No Name - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi



    ========================== Services (Whitelisted) =================



    R2 Akamai; c:\program files\common files\akamai/netsession_win_ca0e279.dll [4561152 2013-03-27] (Akamai Technologies, Inc.)

    S3 ATTRcAppSvc; C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe [121416 2010-07-15] (SmithMicro Inc.)

    R2 NwSapAgent; C:\Windows\System32\ipxsap.dll [66560 2004-08-04] (Microsoft Corporation)

    R2 Pctspk; C:\Windows\system32\pctspk.exe [86016 2001-08-17] (PCtel, Inc.)

    R2 ReplicaSysMon; C:\Program Files\Seagate Replica\bin\ReplicaSysMon.exe [416208 2010-06-08] (Seagate Technology LLC)

    R2 Seagate-Replica-Svc; C:\Program Files\Seagate Replica\bin\Seagate-Replica-Svc.exe [1947600 2010-06-08] (Seagate Technology LLC)

    R2 SrvUpdater; C:\Program Files\SoftwareUpdater\UpdaterService.exe [31744 2013-02-18] ()

    R2 Updater Service for AMZN; C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2012-05-22] ()

    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)

    R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [x]

    S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]

    S2 BrowserProtect; C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [x]

    R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]



    ==================== Drivers (Whitelisted) ====================
  8. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-06-2013

    Ran by home (administrator) on 08-06-2013 23:14:51

    Running from G:\

    Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)

    Internet Explorer Version 8

    Boot Mode: Normal



    ==================== Processes (Whitelisted) ===================



    (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

    (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe

    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe

    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

    (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe

    (PCtel, Inc.) C:\WINDOWS\system32\pctspk.exe

    (Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    () C:\Program Files\SoftwareUpdater\UpdaterService.exe

    () C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe

    (Seagate Technology LLC) C:\Program Files\Seagate Replica\bin\ReplicaSysMon.exe

    (Seagate Technology LLC) C:\Program Files\Seagate Replica\bin\Seagate-Replica-Svc.exe

    (Seagate Technology LLC) C:\Program Files\Seagate Replica\bin\Seagate-Replica-Autoplay.exe

    (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe

    (Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    (Seagate Technology LLC) C:\Program Files\Seagate Replica\bin\Seagate-Replica-Tray.exe

    (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe

    () C:\Program Files\SoftwareUpdater\AppsUpdater.exe

    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe

    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe



    ==================== Registry (Whitelisted) ==================



    HKLM\...\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)

    HKLM\...\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)

    HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)

    HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)

    HKLM\...\Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL "" [1304296 2012-12-18] (Trend Micro Inc.)

    HKLM\...\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a [883272 2010-07-15] (ATT)

    HKLM\...\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [133424 2012-02-27] (Trend Micro Inc.)

    MountPoints2: D - D:\WIN\setup.exe

    MountPoints2: {86259900-cfd9-11e2-ae3b-0040f4b1ff29} - D:\WIN\setup.exe

    MountPoints2: {d90283c2-c804-11e2-ae28-ddbddd7d607a} - D:\autorun.exe

    HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2006-10-09] (Nero AG)

    HKU\Default User\...\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2006-10-09] (Nero AG)

    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk

    ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)

    Startup: C:\Documents and Settings\home\Start Menu\Programs\Startup\Seagate Product Registration.lnk

    ShortcutTarget: Seagate Product Registration.lnk -> C:\Documents and Settings\home\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate)

    Startup: C:\Documents and Settings\home\Start Menu\Programs\Startup\tcbhn.lnk

    ShortcutTarget: tcbhn.lnk -> C:\Documents and Settings\home\Application Data\BrowserCompanion\tcbhn.exe (No File)

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)



    ==================== Internet (Whitelisted) ====================



    ProxyServer: 169.254.103.158:80

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

    SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}

    SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}

    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =

    SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =

    BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

    BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)

    BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

    BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

    BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

    BHO: AlterGeoBHO Class - {9BFBA68E-E21B-458E-AE12-FE85E903D2C1} - C:\Program Files\AlterGeo\AlterGeo Magic Scanner\3.2.1.742\AlterGeo.BrowserPlugin.dll (Wi2Geo)

    BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)

    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

    BHO: AlxHelper Class - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)

    Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

    Toolbar: HKLM - Amazon Browser Bar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)

    Toolbar: HKCU -No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

    Toolbar: HKCU -No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

    Toolbar: HKCU -No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

    Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

    Toolbar: HKCU -No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File

    Toolbar: HKCU -No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File

    DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab

    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

    Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

    Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)

    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)

    ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\PROGRA~1\WIFD1F~1\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)

    ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)

    Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

    Winsock: Catalog5 05 %SystemRoot%\System32\nwprovau.dll [142336] (Microsoft Corporation)

    Winsock: Catalog9 01 bmnet.dll [142336] (Microsoft Corporation)

    Winsock: Catalog9 02 bmnet.dll [142336] (Microsoft Corporation)

    Winsock: Catalog9 03 bmnet.dll [142336] (Microsoft Corporation)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
  9. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    FireFox:

    ========

    FF ProfilePath: C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default

    FF SearchEngine: Bing

    FF Homepage: hxxp://www.mystart.com/?pr=vmn&id=yolobartb&v=1_0&ent=hp

    FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

    FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

    FF Plugin: google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

    FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

    FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

    FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

    FF Extension: Babylon - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\ffxtlbr@babylon.com

    FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}

    FF Extension: ??????? @Mail.Ru - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}

    FF Extension: Yahoo! Toolbar - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

    FF Extension: Playdom Community Toolbar - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{69d1a568-ffdf-4ef5-8919-7003582e0ee8}

    FF Extension: Zynga Community Toolbar - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}

    FF Extension: Adobe DLM (powered by getPlus(R)) - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

    FF Extension: personas - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\personas@christopher.beard.xpi

    FF Extension: No Name - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi

    FF Extension: No Name - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi



    ========================== Services (Whitelisted) =================



    R2 Akamai; c:\program files\common files\akamai/netsession_win_ca0e279.dll [4561152 2013-03-27] (Akamai Technologies, Inc.)

    S3 ATTRcAppSvc; C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe [121416 2010-07-15] (SmithMicro Inc.)

    R2 NwSapAgent; C:\Windows\System32\ipxsap.dll [66560 2004-08-04] (Microsoft Corporation)

    R2 Pctspk; C:\Windows\system32\pctspk.exe [86016 2001-08-17] (PCtel, Inc.)

    R2 ReplicaSysMon; C:\Program Files\Seagate Replica\bin\ReplicaSysMon.exe [416208 2010-06-08] (Seagate Technology LLC)

    R2 Seagate-Replica-Svc; C:\Program Files\Seagate Replica\bin\Seagate-Replica-Svc.exe [1947600 2010-06-08] (Seagate Technology LLC)

    R2 SrvUpdater; C:\Program Files\SoftwareUpdater\UpdaterService.exe [31744 2013-02-18] ()

    R2 Updater Service for AMZN; C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2012-05-22] ()

    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)

    R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [x]

    S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]

    S2 BrowserProtect; C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [x]

    R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]



    ==================== Drivers (Whitelisted) ====================



    R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-03-06] (AVAST Software)

    S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)

    R1 cdrbsvsd; C:\Windows\System32\Drivers\cdrbsvsd.sys [13566 2003-12-03] (B.H.A Corporation)

    S3 cmipci; C:\Windows\System32\drivers\cmipci.sys [37888 2007-11-21] (Dogbert)

    R3 cmpci; C:\Windows\System32\drivers\cmaudio.sys [377358 2002-11-18] (C-Media Inc)

    R3 FET5X86V; C:\Windows\System32\DRIVERS\fetnd5bv.sys [48128 2011-04-01] (VIA Technologies, Inc. )

    R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)

    S3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [1302332 2005-09-20] (Intel Corporation)

    S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation)

    S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)

    R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)

    R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2004-08-04] (Microsoft Corporation)

    R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2004-08-04] (Microsoft Corporation)

    R3 PCTINDIS5; C:\WINDOWS\system32\PCTINDIS5.SYS [32408 2010-07-15] (Smith Micro Inc.)

    S3 Ptserlp; C:\Windows\System32\DRIVERS\ptserlp.sys [112574 2001-08-17] (PCTEL, INC.)

    R1 sf; C:\Windows\System32\drivers\sf.sys [33183 2006-04-01] (Sonic Focus, Inc)

    S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation)

    S3 SONYPVU1; C:\Windows\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)

    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [639224 2010-01-18] ()

    S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation)

    S3 swmsflt; C:\Windows\System32\drivers\swmsflt.sys [40408 2010-04-26] ()

    S3 SWNC8UA3; C:\Windows\System32\DRIVERS\swnc8ua3.sys [197504 2009-08-12] (Sierra Wireless Inc.)

    S3 SWUMXA3; C:\Windows\System32\DRIVERS\swumxa3.sys [148992 2009-07-22] (Sierra Wireless Inc.)

    S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-07-01] (The OpenVPN Project)

    S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-10-15] (AnchorFree Inc)

    R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [95224 2012-09-24] (Trend Micro Inc.)

    R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [257952 2012-09-24] (Trend Micro Inc.)

    R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [76648 2012-09-24] (Trend Micro Inc.)

    R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [92432 2011-08-02] (Trend Micro Inc.)

    R0 Vmodem; C:\Windows\System32\DRIVERS\vmodem.sys [604253 2001-08-17] (PCTEL, INC.)

    R0 Vpctcom; C:\Windows\System32\DRIVERS\vpctcom.sys [397502 2001-08-17] (PCtel, Inc.)

    R3 vvftav303; C:\Windows\System32\drivers\vvftav303.sys [480128 2007-06-23] (Vimicro Corporation)

    R0 Vvoice; C:\Windows\System32\DRIVERS\vvoice.sys [64605 2001-08-17] (PCtel, Inc.)

    S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [27496 2013-01-25] (Wondershare)

    S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [27496 2013-01-25] (Wondershare)

    S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [27496 2013-01-25] (Wondershare)

    S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [27496 2013-01-25] (Wondershare)

    S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [27496 2013-01-25] (Wondershare)

    S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation)

    R3 ZSMC0303; C:\Windows\System32\Drivers\usbVM303.sys [1472768 2007-05-14] (Vimicro Corporation)

    S4 Abiosdsk; No ImagePath

    S4 abp480n5; No ImagePath

    S4 adpu160m; No ImagePath

    S4 Aha154x; No ImagePath

    S4 aic78u2; No ImagePath

    S4 aic78xx; No ImagePath

    S4 AliIde; No ImagePath

    S4 amsint; No ImagePath

    S4 asc; No ImagePath

    S4 asc3350p; No ImagePath

    S4 asc3550; No ImagePath

    S4 Atdisk; No ImagePath

    S4 cd20xrnt; No ImagePath

    S1 Changer; No ImagePath

    S4 CmdIde; No ImagePath

    S4 Cpqarray; No ImagePath

    U4 dac2w2k; No ImagePath

    S4 dac960nt; No ImagePath

    S4 dpti2o; No ImagePath

    S4 hpn; No ImagePath

    S1 i2omgmt; No ImagePath

    S4 i2omp; No ImagePath

    S4 ini910u; No ImagePath

    S0 jdro; System32\drivers\yyjglij.sys [x]

    S1 lbrtfdc; No ImagePath

    S4 mraid35x; No ImagePath

    S1 PCIDump; No ImagePath

    S3 PDCOMP; No ImagePath

    S3 PDFRAME; No ImagePath

    S3 PDRELI; No ImagePath

    S3 PDRFRAME; No ImagePath

    S4 perc2; No ImagePath

    S4 perc2hib; No ImagePath

    S4 ql1080; No ImagePath

    S4 Ql10wnt; No ImagePath

    S4 ql12160; No ImagePath

    S4 ql1240; No ImagePath

    S4 ql1280; No ImagePath

    S4 Simbad; No ImagePath

    S4 Sparrow; No ImagePath

    S4 symc810; No ImagePath

    S4 symc8xx; No ImagePath

    S4 sym_hi; No ImagePath

    S4 sym_u3; No ImagePath

    U2 TMAgent;

    S4 TosIde; No ImagePath

    S4 ultra; No ImagePath

    S4 ViaIde; No ImagePath

    S0 waytnjrc; System32\drivers\gdti.sys [x]

    S3 WDICA; No ImagePath



    ==================== NetSvcs (Whitelisted) ===================
  10. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    ==================== One Month Created Files and Folders ========



    2013-06-08 23:14 - 2013-06-08 23:14 - 00000000 ____D C:\FRST

    2013-06-08 23:05 - 2013-06-08 23:09 - 00013580 ____A C:\Windows\FaxSetup.log

    2013-06-08 23:05 - 2013-06-08 23:09 - 00007848 ____A C:\Windows\tsoc.log

    2013-06-08 23:05 - 2013-06-08 23:09 - 00004614 ____A C:\Windows\comsetup.log

    2013-06-08 23:05 - 2013-06-08 23:09 - 00003200 ____A C:\Windows\ntdtcsetup.log

    2013-06-08 23:05 - 2013-06-08 23:09 - 00001920 ____A C:\Windows\iis6.log

    2013-06-08 23:05 - 2013-06-08 23:09 - 00001891 ____A C:\Windows\imsins.log

    2013-06-08 23:05 - 2013-06-08 23:09 - 00000860 ____A C:\Windows\msgsocm.log

    2013-06-08 23:05 - 2013-06-08 23:09 - 00000850 ____A C:\Windows\ocmsn.log

    2013-06-08 23:05 - 2013-06-08 23:05 - 00001891 ____A C:\Windows\imsins.BAK

    2013-06-08 23:05 - 2013-06-08 23:05 - 00000000 ____A C:\Windows\setuperr.log

    2013-06-08 23:05 - 2013-06-08 23:05 - 00000000 ____A C:\Windows\setupact.log

    2013-06-08 23:04 - 2013-06-08 23:09 - 00011138 ____A C:\Windows\ocgen.log

    2013-06-08 22:18 - 2013-06-08 23:10 - 00003671 ____A C:\Windows\setupapi.log

    2013-06-08 08:33 - 2013-06-08 21:00 - 00000330 ___AH C:\Windows\Tasks\MP Scheduled Scan.job

    2013-06-08 08:23 - 2013-06-08 08:23 - 00049944 ____A C:\Documents and Settings\home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

    2013-06-08 08:04 - 2013-06-08 08:04 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Bytemobile

    2013-06-08 08:00 - 2013-06-08 08:06 - 00000092 ____A C:\Windows\smartkeydiagnostics.txt

    2013-06-07 21:36 - 2013-06-07 21:36 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Bytemobile

    2013-06-07 21:34 - 2013-06-07 21:34 - 00000000 ____D C:\Documents and Settings\home\Application Data\AT&T

    2013-06-07 21:32 - 2010-04-26 18:04 - 00040408 ____A C:\Windows\System32\Drivers\swmsflt.sys

    2013-06-07 21:29 - 2013-06-07 21:29 - 00001851 ____A C:\Documents and Settings\All Users\Desktop\at&t Communication Manager.lnk

    2013-06-07 21:29 - 2013-06-07 21:29 - 00000000 ____D C:\Program Files\Common Files\Motorola Shared

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Program Files\Common Files\Research In Motion

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Program Files\AT&T

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\LG

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AT&T

    2013-06-07 21:21 - 2013-06-07 21:22 - 00000000 ____D C:\Program Files\Sierra Wireless Inc

    2013-06-07 21:21 - 2013-06-07 21:21 - 00000000 ____D C:\Documents and Settings\home\Application Data\Sierra Wireless

    2013-06-06 21:14 - 2013-06-06 21:14 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application Data\Trend Micro

    2013-06-06 21:13 - 2013-06-06 21:13 - 00000932 ____A C:\Documents and Settings\home\Desktop\Trend Micro Titanium 2012.lnk

    2013-06-06 21:12 - 2013-06-06 21:12 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Trend Micro

    2013-06-06 21:12 - 2012-09-24 22:01 - 00095224 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmactmon.sys

    2013-06-06 21:12 - 2012-09-24 22:00 - 00257952 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmcomm.sys

    2013-06-06 21:12 - 2012-09-24 22:00 - 00076648 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmevtmgr.sys

    2013-06-06 21:12 - 2011-08-02 16:33 - 00092432 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmtdi.sys

    2013-06-06 21:08 - 2013-06-06 21:08 - 00000056 ____A C:\Windows\System32\SupportTool.exe.bat

    2013-06-06 21:05 - 2013-06-07 21:51 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Trend Micro

    2013-06-06 21:05 - 2013-06-06 21:07 - 00000000 ____D C:\Program Files\Trend Micro

    2013-06-03 22:42 - 2013-06-03 23:15 - 00000000 ____D C:\Program Files\yolobartb

    2013-06-03 22:13 - 2013-06-03 22:13 - 00000000 ____D C:\Documents and Settings\home\Application Data\SpeedyPC Software

    2013-06-03 22:13 - 2013-06-03 22:13 - 00000000 ____D C:\Documents and Settings\home\Application Data\DriverCure

    2013-06-03 22:12 - 2013-06-03 23:16 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SpeedyPC Software

    2013-06-03 22:09 - 2013-06-04 06:31 - 00065536 ____A C:\Windows\System32\config\WindowsPowerShell.evt

    2013-06-03 22:09 - 2013-06-03 22:09 - 00000000 ____D C:\Windows\System32\windowspowershell

    2013-06-03 22:08 - 2013-06-03 22:09 - 00000000 __HDC C:\Windows\$NtUninstallKB926139-v2$

    2013-06-02 12:08 - 2013-06-02 12:08 - 00524080 ____A C:\Documents and Settings\home\My Documents\system erroes.evt

    2013-06-02 12:06 - 2013-06-02 12:06 - 00238000 ____A C:\Documents and Settings\home\My Documents\errores.evt

    2013-06-02 09:46 - 2013-06-02 09:46 - 00000000 ___AH C:\Windows\System32\config\system.sav.LOG

    2013-06-02 09:46 - 2013-06-02 09:46 - 00000000 ___AH C:\Windows\System32\config\software.sav.LOG

    2013-06-02 09:44 - 2013-06-02 09:44 - 00000000 ___AH C:\Windows\System32\config\SECURITY.sav.LOG

    2013-06-02 09:44 - 2013-06-02 09:44 - 00000000 ___AH C:\Windows\System32\config\SAM.sav.LOG

    2013-06-02 09:40 - 2013-06-02 09:47 - 00002396 ____A C:\Windows\System32\ASOROSet.bin

    2013-06-02 09:39 - 2013-06-02 09:40 - 00000000 ____D C:\Windows\System32\config\RCCBakup

    2013-06-02 09:20 - 2013-06-02 09:20 - 00000724 ____A C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

    2013-06-02 09:20 - 2013-06-02 09:20 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

    2013-06-02 09:20 - 2013-06-02 09:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mozilla

    2013-06-01 16:07 - 2013-06-01 16:07 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application Data\Amazon Browser Bar

    2013-06-01 16:06 - 2013-06-01 16:07 - 00000000 ____D C:\Program Files\Amazon Browser Bar

    2013-06-01 16:06 - 2013-06-01 16:06 - 00000000 ____D C:\Program Files\Amazon

    2013-06-01 16:05 - 2013-06-08 15:02 - 00000262 ____A C:\Windows\Tasks\RegClean Pro_DEFAULT.job

    2013-06-01 16:05 - 2013-06-01 16:05 - 00000270 ____A C:\Windows\Tasks\RegClean Pro_UPDATES.job

    2013-06-01 16:03 - 2013-06-01 16:03 - 00000725 ____A C:\Documents and Settings\All Users\Desktop\RegClean Pro.lnk

    2013-06-01 16:03 - 2013-06-01 16:03 - 00000000 ____D C:\Program Files\RegClean Pro

    2013-05-19 09:50 - 2013-05-19 09:51 - 00076974 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_A_Clean_Sweep(Bookos.org).epub

    2013-05-19 09:18 - 2013-05-19 09:29 - 00248856 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Hamilton,_Laurell_-_Ravenloft(Bookos.org).lit

    2013-05-19 09:17 - 2013-05-19 09:28 - 00173187 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Nightshade(Bookos.org).lit

    2013-05-19 09:14 - 2013-05-19 09:24 - 00392647 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Never_After(Bookos.org).epub

    2013-05-19 09:09 - 2013-05-19 09:20 - 00372858 ____A C:\Documents and Settings\home\My Documents\[Laurell_K-1._Hamilton]_Bullet(Bookos.org).epub

    2013-05-19 08:59 - 2013-05-19 08:59 - 00056469 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Bite_The_Girl_Who_Was_Infatu(Bookos.org).epub

    2013-05-19 08:58 - 2013-05-19 08:58 - 00279287 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Hit_List(Bookos.org).epub

    2013-05-19 08:57 - 2013-05-19 08:58 - 00465739 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Swallowing_Darkness(Bookos.org).epub

    2013-05-19 08:57 - 2013-05-19 08:57 - 00372858 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Bullet(Bookos.org).epub

    2013-05-19 08:46 - 2013-05-19 08:56 - 00257246 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Divine_Misdemeanors(Bookos.org).epub

    2013-05-19 08:45 - 2013-05-19 08:55 - 00836621 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Flirt(Bookos.org).epub

    2013-05-19 00:17 - 2013-05-19 00:17 - 00217359 ____A C:\Documents and Settings\home\My Documents\[Anjou_Angelique]_Ja-Rael's_Lioness(Bookos.org).epub

    2013-05-19 00:17 - 2013-05-19 00:17 - 00176594 ____A C:\Documents and Settings\home\My Documents\[Fox_Jaide,_Lyons_Brenna,_Nash_Joy]_Dream_Warriors(Bookos.org).epub

    2013-05-19 00:14 - 2013-05-19 00:14 - 00195267 ____A C:\Documents and Settings\home\My Documents\[Anjou_Angelique]_Chameleon(Bookos.org).epub

    2013-05-18 22:18 - 2013-05-18 22:18 - 00000718 ____A C:\Documents and Settings\All Users\Desktop\Seagate Replica.lnk

    2013-05-18 22:14 - 2013-05-27 22:39 - 00000000 ____D C:\Program Files\Seagate Replica

    2013-05-18 22:07 - 2013-05-18 22:07 - 00000000 ____D C:\Documents and Settings\home\Application Data\Leadertech

    2013-05-17 23:48 - 2013-05-17 23:48 - 00150083 ____A C:\Documents and Settings\home\My Documents\reunion-vampires-realm-romance-series.epub

    2013-05-17 23:24 - 2013-05-17 23:24 - 00251157 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Enslave(Bookos.org).mobi

    2013-05-17 23:18 - 2013-05-17 23:18 - 00192571 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Seduce(Bookos.org).epub

    2013-05-17 23:18 - 2013-05-17 23:18 - 00140778 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Covet(Bookos.org).epub

    2013-05-17 23:17 - 2013-05-17 23:17 - 00404764 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Forbidden_Blood(Bookos.org).epub

    2013-05-17 23:17 - 2013-05-17 23:17 - 00308531 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Ascension(Bookos.org).epub

    2013-05-17 23:17 - 2013-05-17 23:17 - 00176032 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Crave(Bookos.org).epub

    2013-05-17 23:16 - 2013-05-17 23:16 - 00147876 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_The_Night(Bookos.org).epub

    2013-05-16 22:42 - 2013-05-16 22:42 - 00152793 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Vampire_for_Christmas(Bookos.org).epub

    2013-05-16 22:36 - 2013-05-16 22:36 - 00082678 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Moonlight(Bookos.org).epub

    2013-05-16 22:35 - 2013-05-16 22:35 - 00100723 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Embracing_the_Wolf(Bookos.org).epub

    2013-05-16 22:34 - 2013-05-16 22:34 - 00203334 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Cabin_Fever(Bookos.org).lit

    2013-05-16 22:34 - 2013-05-16 22:34 - 00096108 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_A_Promise_of_Passion(Bookos.org).lit

    2013-05-16 22:33 - 2013-05-16 22:33 - 00205232 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Mating_Call(Bookos.org).lit

    2013-05-15 10:17 - 2013-05-15 10:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$

    2013-05-15 10:12 - 2013-05-15 10:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$

    2013-05-14 19:27 - 2013-05-14 19:27 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application DataGoogle



    ==================== One Month Modified Files and Folders ========



    2013-06-08 23:14 - 2013-06-08 23:14 - 00000000 ____D C:\FRST

    2013-06-08 23:10 - 2013-06-08 22:18 - 00003671 ____A C:\Windows\setupapi.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00013580 ____A C:\Windows\FaxSetup.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00007848 ____A C:\Windows\tsoc.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00004614 ____A C:\Windows\comsetup.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00003200 ____A C:\Windows\ntdtcsetup.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00001920 ____A C:\Windows\iis6.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00001891 ____A C:\Windows\imsins.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00000860 ____A C:\Windows\msgsocm.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00000850 ____A C:\Windows\ocmsn.log

    2013-06-08 23:09 - 2013-06-08 23:04 - 00011138 ____A C:\Windows\ocgen.log

    2013-06-08 23:09 - 2009-07-30 20:28 - 01371647 ____A C:\Windows\WindowsUpdate.log

    2013-06-08 23:05 - 2013-06-08 23:05 - 00001891 ____A C:\Windows\imsins.BAK

    2013-06-08 23:05 - 2013-06-08 23:05 - 00000000 ____A C:\Windows\setuperr.log

    2013-06-08 23:05 - 2013-06-08 23:05 - 00000000 ____A C:\Windows\setupact.log

    2013-06-08 21:00 - 2013-06-08 08:33 - 00000330 ___AH C:\Windows\Tasks\MP Scheduled Scan.job

    2013-06-08 15:02 - 2013-06-01 16:05 - 00000262 ____A C:\Windows\Tasks\RegClean Pro_DEFAULT.job

    2013-06-08 08:34 - 2009-08-09 21:31 - 00000420 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{81D1BFA4-F9E3-4D11-B28B-A2B67743A978}.job

    2013-06-08 08:27 - 2009-08-19 19:20 - 00000000 ____D C:\Documents and Settings\home\My Documents\antivirus

    2013-06-08 08:23 - 2013-06-08 08:23 - 00049944 ____A C:\Documents and Settings\home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

    2013-06-08 08:06 - 2013-06-08 08:00 - 00000092 ____A C:\Windows\smartkeydiagnostics.txt

    2013-06-08 08:05 - 2008-08-30 16:20 - 00000157 ____N C:\Windows\wiadebug.log

    2013-06-08 08:05 - 2008-08-30 16:20 - 00000048 ____N C:\Windows\wiaservc.log

    2013-06-08 08:04 - 2013-06-08 08:04 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Bytemobile

    2013-06-08 08:04 - 2012-10-21 22:21 - 00000328 ____A C:\Windows\Tasks\Protected Search.job

    2013-06-08 08:04 - 2010-07-18 13:42 - 00000000 ____D C:\Program Files\Common Files\Akamai

    2013-06-08 08:04 - 2010-06-09 11:20 - 00000358 ____A C:\Windows\Tasks\WinMaximizer-home-Startup.job

    2013-06-08 08:04 - 2009-07-30 20:33 - 00000062 __ASH C:\Documents and Settings\home\Local Settings\desktop.ini

    2013-06-08 08:04 - 2009-07-30 20:31 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini

    2013-06-08 08:04 - 2009-07-30 20:31 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini

    2013-06-08 08:04 - 2009-07-30 20:31 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

    2013-06-08 08:04 - 2004-08-04 08:00 - 00013646 ____A C:\Windows\System32\wpa.dbl

    2013-06-08 08:00 - 2009-07-30 20:33 - 00000278 ___SH C:\Documents and Settings\home\ntuser.ini

    2013-06-08 08:00 - 2009-07-30 20:31 - 00032570 ____N C:\Windows\SchedLgU.Txt

    2013-06-08 02:00 - 2010-08-02 21:12 - 00000340 ____A C:\Windows\Tasks\AdobeAAMUpdater-1.0-HOME-52DC6E4B98-home.job

    2013-06-07 23:22 - 2012-08-05 23:22 - 00000000 ____D C:\Documents and Settings\home\My Documents\Calibre Library

    2013-06-07 21:51 - 2013-06-06 21:05 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Trend Micro

    2013-06-07 21:36 - 2013-06-07 21:36 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Bytemobile

    2013-06-07 21:34 - 2013-06-07 21:34 - 00000000 ____D C:\Documents and Settings\home\Application Data\AT&T

    2013-06-07 21:30 - 2009-08-09 20:05 - 00000000 ____D C:\Windows\System32\ReinstallBackups

    2013-06-07 21:29 - 2013-06-07 21:29 - 00001851 ____A C:\Documents and Settings\All Users\Desktop\at&t Communication Manager.lnk

    2013-06-07 21:29 - 2013-06-07 21:29 - 00000000 ____D C:\Program Files\Common Files\Motorola Shared

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Program Files\Common Files\Research In Motion

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Program Files\AT&T

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\LG

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AT&T

    2013-06-07 21:27 - 2008-08-30 16:18 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

    2013-06-07 21:22 - 2013-06-07 21:21 - 00000000 ____D C:\Program Files\Sierra Wireless Inc

    2013-06-07 21:21 - 2013-06-07 21:21 - 00000000 ____D C:\Documents and Settings\home\Application Data\Sierra Wireless

    2013-06-07 21:02 - 2013-04-05 20:11 - 00000000 ____D C:\Documents and Settings\home\Desktop\Unused Desktop Shortcuts

    2013-06-07 21:02 - 2012-03-31 11:23 - 00000000 ____D C:\Documents and Settings\home\Desktop\New Folder

    2013-06-06 21:37 - 2009-08-09 19:33 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

    2013-06-06 21:36 - 2010-07-18 13:15 - 00000000 ____D C:\Program Files\Sony Corporation

    2013-06-06 21:34 - 2002-01-01 02:10 - 00000000 ____D C:\Program Files\Opera

    2013-06-06 21:14 - 2013-06-06 21:14 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application Data\Trend Micro

    2013-06-06 21:13 - 2013-06-06 21:13 - 00000932 ____A C:\Documents and Settings\home\Desktop\Trend Micro Titanium 2012.lnk

    2013-06-06 21:12 - 2013-06-06 21:12 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Trend Micro

    2013-06-06 21:12 - 2008-08-30 16:18 - 00607434 ____A C:\Windows\System32\PerfStringBackup.INI

    2013-06-06 21:08 - 2013-06-06 21:08 - 00000056 ____A C:\Windows\System32\SupportTool.exe.bat

    2013-06-06 21:07 - 2013-06-06 21:05 - 00000000 ____D C:\Program Files\Trend Micro

    2013-06-06 20:37 - 2010-07-05 11:15 - 00000000 ____D C:\Documents and Settings\home\Application Data\uTorrent

    2013-06-04 21:43 - 2012-03-31 05:53 - 00000664 ____A C:\Windows\System32\d3d9caps.dat

    2013-06-04 06:31 - 2013-06-03 22:09 - 00065536 ____A C:\Windows\System32\config\WindowsPowerShell.evt

    2013-06-03 23:34 - 2009-11-04 23:11 - 00000000 ____D C:\Windows\Microsoft.NET

    2013-06-03 23:16 - 2013-06-03 22:12 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SpeedyPC Software

    2013-06-03 23:15 - 2013-06-03 22:42 - 00000000 ____D C:\Program Files\yolobartb

    2013-06-03 22:43 - 2009-09-22 21:21 - 00000000 ____D C:\Program Files\Mozilla Firefox

    2013-06-03 22:43 - 2009-09-22 21:21 - 00000000 ____D C:\Documents and Settings\home\Application Data\Mozilla

    2013-06-03 22:16 - 2009-08-09 20:29 - 00000000 ____D C:\Program Files\Google

    2013-06-03 22:13 - 2013-06-03 22:13 - 00000000 ____D C:\Documents and Settings\home\Application Data\SpeedyPC Software

    2013-06-03 22:13 - 2013-06-03 22:13 - 00000000 ____D C:\Documents and Settings\home\Application Data\DriverCure

    2013-06-03 22:09 - 2013-06-03 22:09 - 00000000 ____D C:\Windows\System32\windowspowershell

    2013-06-03 22:09 - 2013-06-03 22:08 - 00000000 __HDC C:\Windows\$NtUninstallKB926139-v2$

    2013-06-03 15:06 - 2009-08-09 20:30 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application Data\Google

    2013-06-03 14:57 - 2010-08-01 21:02 - 00000000 ____D C:\Windows\Minidump

    2013-06-03 14:46 - 2008-08-30 16:16 - 00000211 ___SH C:\boot.ini

    2013-06-03 14:46 - 2004-08-04 08:00 - 00000877 ____A C:\Windows\win.ini

    2013-06-03 14:46 - 2004-08-04 08:00 - 00000227 ____N C:\Windows\system.ini

    2013-06-02 14:56 - 2013-01-01 11:18 - 00000000 ____D C:\Documents and Settings\home\Application Data\SanDisk

    2013-06-02 12:08 - 2013-06-02 12:08 - 00524080 ____A C:\Documents and Settings\home\My Documents\system erroes.evt

    2013-06-02 12:06 - 2013-06-02 12:06 - 00238000 ____A C:\Documents and Settings\home\My Documents\errores.evt

    2013-06-02 10:49 - 2009-07-30 20:26 - 00000000 ____D C:\Windows\Registration

    2013-06-02 10:49 - 2008-08-30 16:11 - 00000000 ____D C:\Windows\repair

    2013-06-02 09:47 - 2013-06-02 09:40 - 00002396 ____A C:\Windows\System32\ASOROSet.bin

    2013-06-02 09:47 - 2008-08-30 16:17 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak

    2013-06-02 09:47 - 2008-08-30 16:16 - 38273024 ____A C:\Windows\System32\config\software.bak

    2013-06-02 09:47 - 2008-08-30 16:16 - 08912896 ____A C:\Windows\System32\config\system.bak

    2013-06-02 09:46 - 2013-06-02 09:46 - 00000000 ___AH C:\Windows\System32\config\system.sav.LOG

    2013-06-02 09:46 - 2013-06-02 09:46 - 00000000 ___AH C:\Windows\System32\config\software.sav.LOG

    2013-06-02 09:44 - 2013-06-02 09:44 - 00000000 ___AH C:\Windows\System32\config\SECURITY.sav.LOG

    2013-06-02 09:44 - 2013-06-02 09:44 - 00000000 ___AH C:\Windows\System32\config\SAM.sav.LOG

    2013-06-02 09:42 - 2008-08-30 16:17 - 00262144 ____A C:\Windows\System32\config\SAM.bak

    2013-06-02 09:40 - 2013-06-02 09:39 - 00000000 ____D C:\Windows\System32\config\RCCBakup

    2013-06-02 09:20 - 2013-06-02 09:20 - 00000724 ____A C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

    2013-06-02 09:20 - 2013-06-02 09:20 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

    2013-06-02 09:20 - 2013-06-02 09:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mozilla

    2013-06-02 09:17 - 2010-08-01 14:51 - 00000000 ____D C:\Program Files\Safari

    2013-06-01 16:58 - 2009-08-10 07:15 - 00000000 ____D C:\Documents and Settings\home\Tracing

    2013-06-01 16:54 - 2013-03-06 21:54 - 00000000 ____D C:\Documents and Settings\home\Application Data\systweak

    2013-06-01 16:24 - 2012-08-05 23:22 - 00000719 ____A C:\Documents and Settings\All Users\Desktop\calibre - E-book management.lnk

    2013-06-01 16:24 - 2012-08-05 23:21 - 00000000 ____D C:\Program Files\Calibre2

    2013-06-01 16:07 - 2013-06-01 16:07 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application Data\Amazon Browser Bar

    2013-06-01 16:07 - 2013-06-01 16:06 - 00000000 ____D C:\Program Files\Amazon Browser Bar

    2013-06-01 16:06 - 2013-06-01 16:06 - 00000000 ____D C:\Program Files\Amazon

    2013-06-01 16:05 - 2013-06-01 16:05 - 00000270 ____A C:\Windows\Tasks\RegClean Pro_UPDATES.job

    2013-06-01 16:03 - 2013-06-01 16:03 - 00000725 ____A C:\Documents and Settings\All Users\Desktop\RegClean Pro.lnk

    2013-06-01 16:03 - 2013-06-01 16:03 - 00000000 ____D C:\Program Files\RegClean Pro

    2013-06-01 16:03 - 2012-12-22 07:42 - 00000682 ____A C:\Documents and Settings\All Users\Desktop\CCleaner.lnk

    2013-06-01 16:02 - 2009-08-19 19:15 - 00000000 ____D C:\Program Files\CCleaner

    2013-05-28 22:19 - 2009-07-30 20:26 - 00000000 ____D C:\Program Files\Online Services

    2013-05-27 22:39 - 2013-05-18 22:14 - 00000000 ____D C:\Program Files\Seagate Replica

    2013-05-21 21:35 - 2013-02-06 09:27 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application Data\CRE

    2013-05-21 21:27 - 2012-09-07 21:45 - 00000000 ____D C:\Program Files\SecurityKISS Tunnel

    2013-05-21 21:24 - 2008-08-30 16:11 - 00000000 ____D C:\Windows\twain_32

    2013-05-21 21:07 - 2009-08-09 19:34 - 00000022 ____A C:\Windows\FLASHKSK.INI

    2013-05-19 09:51 - 2013-05-19 09:50 - 00076974 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_A_Clean_Sweep(Bookos.org).epub

    2013-05-19 09:29 - 2013-05-19 09:18 - 00248856 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Hamilton,_Laurell_-_Ravenloft(Bookos.org).lit

    2013-05-19 09:28 - 2013-05-19 09:17 - 00173187 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Nightshade(Bookos.org).lit

    2013-05-19 09:24 - 2013-05-19 09:14 - 00392647 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Never_After(Bookos.org).epub

    2013-05-19 09:20 - 2013-05-19 09:09 - 00372858 ____A C:\Documents and Settings\home\My Documents\[Laurell_K-1._Hamilton]_Bullet(Bookos.org).epub

    2013-05-19 08:59 - 2013-05-19 08:59 - 00056469 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Bite_The_Girl_Who_Was_Infatu(Bookos.org).epub

    2013-05-19 08:58 - 2013-05-19 08:58 - 00279287 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Hit_List(Bookos.org).epub

    2013-05-19 08:58 - 2013-05-19 08:57 - 00465739 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Swallowing_Darkness(Bookos.org).epub

    2013-05-19 08:57 - 2013-05-19 08:57 - 00372858 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Bullet(Bookos.org).epub

    2013-05-19 08:56 - 2013-05-19 08:46 - 00257246 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Divine_Misdemeanors(Bookos.org).epub

    2013-05-19 08:55 - 2013-05-19 08:45 - 00836621 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Flirt(Bookos.org).epub

    2013-05-19 00:17 - 2013-05-19 00:17 - 00217359 ____A C:\Documents and Settings\home\My Documents\[Anjou_Angelique]_Ja-Rael's_Lioness(Bookos.org).epub

    2013-05-19 00:17 - 2013-05-19 00:17 - 00176594 ____A C:\Documents and Settings\home\My Documents\[Fox_Jaide,_Lyons_Brenna,_Nash_Joy]_Dream_Warriors(Bookos.org).epub

    2013-05-19 00:14 - 2013-05-19 00:14 - 00195267 ____A C:\Documents and Settings\home\My Documents\[Anjou_Angelique]_Chameleon(Bookos.org).epub

    2013-05-18 22:18 - 2013-05-18 22:18 - 00000718 ____A C:\Documents and Settings\All Users\Desktop\Seagate Replica.lnk

    2013-05-18 22:07 - 2013-05-18 22:07 - 00000000 ____D C:\Documents and Settings\home\Application Data\Leadertech

    2013-05-17 23:48 - 2013-05-17 23:48 - 00150083 ____A C:\Documents and Settings\home\My Documents\reunion-vampires-realm-romance-series.epub

    2013-05-17 23:24 - 2013-05-17 23:24 - 00251157 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Enslave(Bookos.org).mobi

    2013-05-17 23:18 - 2013-05-17 23:18 - 00192571 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Seduce(Bookos.org).epub

    2013-05-17 23:18 - 2013-05-17 23:18 - 00140778 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Covet(Bookos.org).epub

    2013-05-17 23:17 - 2013-05-17 23:17 - 00404764 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Forbidden_Blood(Bookos.org).epub

    2013-05-17 23:17 - 2013-05-17 23:17 - 00308531 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Ascension(Bookos.org).epub

    2013-05-17 23:17 - 2013-05-17 23:17 - 00176032 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Crave(Bookos.org).epub

    2013-05-17 23:16 - 2013-05-17 23:16 - 00147876 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_The_Night(Bookos.org).epub

    2013-05-16 22:42 - 2013-05-16 22:42 - 00152793 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Vampire_for_Christmas(Bookos.org).epub

    2013-05-16 22:36 - 2013-05-16 22:36 - 00082678 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Moonlight(Bookos.org).epub

    2013-05-16 22:35 - 2013-05-16 22:35 - 00100723 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Embracing_the_Wolf(Bookos.org).epub

    2013-05-16 22:34 - 2013-05-16 22:34 - 00203334 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Cabin_Fever(Bookos.org).lit

    2013-05-16 22:34 - 2013-05-16 22:34 - 00096108 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_A_Promise_of_Passion(Bookos.org).lit

    2013-05-16 22:33 - 2013-05-16 22:33 - 00205232 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Mating_Call(Bookos.org).lit

    2013-05-15 10:39 - 2009-08-09 21:03 - 00000000 ____D C:\Windows\ie8updates

    2013-05-15 10:17 - 2013-05-15 10:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$

    2013-05-15 10:17 - 2009-07-30 21:12 - 00000000 ___HD C:\Windows\$hf_mig$

    2013-05-15 10:13 - 2009-08-09 19:16 - 72607752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

    2013-05-15 10:12 - 2013-05-15 10:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$

    2013-05-14 19:27 - 2013-05-14 19:27 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application DataGoogle

    2013-05-13 21:05 - 2009-07-30 20:29 - 00002577 ____A C:\Windows\System32\CONFIG.NT

    2013-05-09 04:58 - 2012-08-05 20:15 - 00229648 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe



    ==================== Bamital & volsnap Check =================



    C:\Windows\explorer.exe => MD5 is legit

    C:\Windows\System32\winlogon.exe => MD5 is legit

    C:\Windows\System32\svchost.exe => MD5 is legit

    C:\Windows\System32\services.exe => MD5 is legit

    C:\Windows\System32\User32.dll => MD5 is legit

    C:\Windows\System32\userinit.exe => MD5 is legit

    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    ==================== End Of Log ============================
  11. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-06-2013

    Ran by home at 2013-06-08 23:18:15 Run:

    Running from G:\

    Boot Mode: Normal

    ==========================================================





    ==================== Installed Programs =======================



    7-Zip 9.20

    7-Zip 9.20 (Version: 9.20.00.0)

    Acrobat.com (Version: 1.7.186)

    Adobe Media Player (Version: 1.8)

    Akamai NetSession Interface Service

    AlterGeo Magic Scanner (Version: 3.2.1.742)

    Amazon Browser Bar (Version: 3.0)

    Apple Application Support (Version: 2.3.3)

    Apple Mobile Device Support (Version: 6.1.0.13)

    Apple Software Update (Version: 2.1.3.127)

    AT&T Communication Manager (Version: 7.02.0316.0)

    Bonjour (Version: 3.0.0.10)

    BrowserProtect

    calibre (Version: 0.9.33)

    CCleaner (Version: 4.02)

    Defraggler (remove only)

    Free AVI Video Converter version 5.0.21.1212 (Version: 5.0.21.1212)

    InstallerApp (Version: 1.0.0.0)

    Intel(R) Extreme Graphics 2 Driver (Version: 6.14.10.4396)

    iTunes (Version: 11.0.2.26)

    Java 7 Update 21 (Version: 7.0.210)

    Java Auto Updater (Version: 2.1.9.5)

    Junk Mail filter update (Version: 14.0.8089.726)

    Microsoft .NET Framework 1.1 (Version: 1.1.4322)

    Microsoft .NET Framework 1.1 Security Update (KB2698023)

    Microsoft .NET Framework 1.1 Security Update (KB2742597)

    Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)

    Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)

    Microsoft .NET Framework 3.5 SP1

    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)

    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

    Microsoft Age of Empires II

    Microsoft Age of Empires II: The Conquerors Expansion

    Microsoft Application Error Reporting (Version: 12.0.6012.5000)

    Microsoft Choice Guard (Version: 2.0.48.0)

    Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)

    Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)

    Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)

    Microsoft Search Enhancement Pack (Version: 1.3.59.0)

    Microsoft Silverlight (Version: 5.1.20125.0)

    Microsoft User-Mode Driver Framework Feature Pack 1.0

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)

    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

    Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)

    Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)

    Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)

    Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)

    Microsoft_VC90_ATL_x86 (Version: 1.00.0000)

    Microsoft_VC90_CRT_x86 (Version: 1.00.0000)

    Microsoft_VC90_MFC_x86 (Version: 1.00.0000)

    MobileMe Control Panel (Version: 3.1.1.0)

    Mozilla Firefox 21.0 (x86 en-US) (Version: 21.0)

    Mozilla Maintenance Service (Version: 21.0)

    MSN

    MSVCRT (Version: 14.0.1468.721)

    Nero 7 Ultra Edition (Version: 7.02.0936)

    Paquete de compatibilidad para 2007 Office system (Version: 12.0.6612.1000)

    PCI Audio Driver

    PDF-Viewer (Version: 2.5.210.0)

    Picasa 3 (Version: 3.9)

    Punto Switcher (Version: 3.1.1.72)

    QuickTime (Version: 7.73.80.64)

    RarZilla Free Unrar (Version: 4.80)

    RegClean Pro (Version: 6.21)

    SanDiskSecureAccess_Manager.exe (Version: 1.1.19755)

    Seagate Replica v3.0.1801.8554

    Segoe UI (Version: 14.0.4327.805)

    Sony USB Driver

    Torrey & the Vampire 1.7 (Version: 1.7)

    Trend Micro Titanium (Version: 5.00)

    Trend Micro Titanium 2012 (Version: 5.4)

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)

    Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)

    Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)

    Update for Windows Internet Explorer 8 (KB972636) (Version: 1)

    Update for Windows Internet Explorer 8 (KB976662) (Version: 1)

    Update for Windows Internet Explorer 8 (KB976749) (Version: 1)

    Update for Windows Internet Explorer 8 (KB980182) (Version: 1)

    VIA Rhine-Family Fast-Ethernet Adapter

    VLC media player 1.0.1 (Version: 1.0.1)

    WebFldrs XP (Version: 9.50.7523)

    Windows Defender (Version: 1.1.1593.21)

    Windows Genuine Advantage Validation Tool (KB892130)

    Windows Imaging Component (Version: 3.0.0.0)

    Windows Internet Explorer 8 (Version: 20090308.140743)

    Windows Live Call (Version: 14.0.8064.0206)

    Windows Live Communications Platform (Version: 14.0.8064.206)

    Windows Live Essentials (Version: 14.0.8089.0726)

    Windows Live Essentials (Version: 14.0.8089.726)

    Windows Live Mail (Version: 14.0.8089.0726)

    Windows Live Messenger (Version: 14.0.8089.0726)

    Windows Live OneCare safety scanner

    Windows Live Sign-in Assistant (Version: 5.000.818.5)

    Windows Live Upload Tool (Version: 14.0.8014.1029)

    Windows Media Format 11 runtime

    Windows Media Player 11

    Windows PowerShell(TM) 1.0 (Version: 2)

    Windows Search 4.0 (Version: 04.00.6001.503)

    Windows XP Service Pack 3 (Version: 20080414.031525)

    XML Paper Specification Shared Components Pack 1.0



    ==================== Restore Points =========================



    12-03-2013 01:37:35 System Checkpoint

    12-03-2013 12:52:54 Printer Driver Lexmark 3100 Series Installed

    12-03-2013 15:12:38 Removed Foxit Reader

    13-03-2013 12:18:49 Software Distribution Service 3.0

    14-03-2013 04:16:20 Software Distribution Service 3.0

    14-03-2013 13:43:23 Software Distribution Service 3.0

    15-03-2013 22:07:33 Software Distribution Service 3.0

    16-03-2013 22:59:56 System Checkpoint

    18-03-2013 13:09:01 System Checkpoint

    18-03-2013 14:23:17 Software Distribution Service 3.0

    19-03-2013 22:58:23 System Checkpoint

    20-03-2013 01:26:40 Software Distribution Service 3.0

    21-03-2013 19:17:09 System Checkpoint

    22-03-2013 13:15:17 Software Distribution Service 3.0

    22-03-2013 21:36:43 Installed calibre

    22-03-2013 21:41:29 Removed calibre

    23-03-2013 03:43:29 Windows Defender Checkpoint

    28-03-2013 03:09:20 Software Distribution Service 3.0

    29-03-2013 21:36:54 Software Distribution Service 3.0

    30-03-2013 22:46:56 System Checkpoint

    31-03-2013 18:47:00 Installed calibre

    31-03-2013 18:55:52 Installed calibre

    31-03-2013 18:57:53 Removed calibre

    31-03-2013 19:01:31 Removed Adobe Reader XI (11.0.02).

    31-03-2013 19:19:10 Removed Adobe Community Help

    02-04-2013 13:44:25 Software Distribution Service 3.0

    04-04-2013 17:11:42 System Checkpoint

    06-04-2013 00:22:32 Software Distribution Service 3.0

    06-04-2013 02:17:36 Installed calibre

    06-04-2013 02:19:25 Removed calibre

    12-04-2013 00:14:24 Software Distribution Service 3.0

    12-04-2013 00:29:45 Software Distribution Service 3.0

    14-04-2013 03:37:14 Software Distribution Service 3.0

    14-04-2013 03:43:43 Removed calibre

    19-04-2013 02:56:56 Software Distribution Service 3.0

    21-04-2013 21:53:29 Software Distribution Service 3.0

    24-04-2013 00:20:50 Software Distribution Service 3.0

    24-04-2013 00:29:42 Installed Java 7 Update 21

    25-04-2013 01:36:42 System Checkpoint

    28-04-2013 19:07:42 System Checkpoint

    28-04-2013 21:45:24 Software Distribution Service 3.0

    30-04-2013 21:57:42 Software Distribution Service 3.0

    30-04-2013 22:14:26 Installed calibre

    30-04-2013 22:16:12 Removed calibre

    05-05-2013 02:21:10 Software Distribution Service 3.0

    05-05-2013 02:56:22 Installed calibre

    05-05-2013 02:58:02 Removed calibre

    08-05-2013 00:34:25 Software Distribution Service 3.0

    11-05-2013 01:31:47 Software Distribution Service 3.0

    11-05-2013 02:30:53 Installed calibre

    11-05-2013 02:32:29 Removed calibre

    14-05-2013 00:33:41 System Checkpoint

    15-05-2013 13:45:08 Software Distribution Service 3.0

    15-05-2013 14:10:16 Software Distribution Service 3.0

    16-05-2013 22:52:56 Software Distribution Service 3.0

    18-05-2013 03:16:17 Software Distribution Service 3.0

    18-05-2013 04:02:59 Installed calibre

    18-05-2013 04:04:42 Removed calibre

    19-05-2013 04:39:28 System Checkpoint

    22-05-2013 01:17:45 Software Distribution Service 3.0

    22-05-2013 01:25:42 Removed ePhoneTools

    27-05-2013 15:24:54 Software Distribution Service 3.0

    27-05-2013 18:39:20 Installed calibre

    27-05-2013 18:41:25 Removed calibre

    30-05-2013 23:04:25 System Checkpoint

    01-06-2013 20:22:03 Installed calibre

    01-06-2013 20:24:51 Removed calibre

    01-06-2013 20:26:54 Software Distribution Service 3.0

    02-06-2013 13:16:16 Removed Safari

    02-06-2013 13:23:43 Removed Google Drive

    02-06-2013 13:25:20 Removed Google Earth.

    03-06-2013 11:22:35 RegClean Pro Mon, Jun 03, 13 07:20

    03-06-2013 19:02:36 Restore Operation

    04-06-2013 02:09:26 Installed %1 %2.

    07-06-2013 00:39:13 avast! Free Antivirus Setup

    07-06-2013 01:36:15 Removed Picture Package

    07-06-2013 20:27:27 Software Distribution Service 3.0

    08-06-2013 01:02:14 RegClean Pro Fri, Jun 07, 13 21:02

    08-06-2013 01:27:27 Installed AT&T Communication Manager.

    08-06-2013 01:32:56 Install LG USB NDIS Driver



    ==================== Hosts content: ==========================





    127.0.0.1 localhost



    There are 1000 more lines starting with "127.0.0.1"
     
  12. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    ==================== Faulty Device Manager Devices =============



    Name: Video Controller (VGA Compatible)

    Description: Video Controller (VGA Compatible)

    Class Guid:

    Manufacturer:

    Service:

    Problem: : The drivers for this device are not installed. (Code 28)

    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.





    ==================== Event log errors: =========================



    Application errors:

    ==================

    Error: (06/08/2013 09:00:29 PM) (Source: MPSampleSubmission) (User: )

    Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.



    Error: (06/08/2013 08:51:46 AM) (Source: MPSampleSubmission) (User: )

    Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.



    Error: (06/07/2013 04:27:27 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )

    Description: EventType clr20r3, P1 updaterservice.exe, P2 1.0.0.0, P3 511e08ea, P4 updaterservice, P5 1.0.0.0, P6 511e08ea, P7 25, P8 0, P9 clr20r30, P10 clr20r31.



    Error: (06/07/2013 04:24:27 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:27 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:26 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:20 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:17 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:17 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:13:45 PM) (Source: Application Hang) (User: )

    Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.





    System errors:

    =============

    Error: (06/08/2013 11:08:20 PM) (Source: W32Time) (User: )

    Description: The time provider NtpClient is configured to acquire time from one or more

    time sources, however none of the sources are currently accessible.

    No attempt to contact a source will be made for 60 minutes.

    NtpClient has no source of accurate time.



    Error: (06/08/2013 11:08:20 PM) (Source: W32Time) (User: )

    Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually

    configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60

    minutes.

    The error was: A socket operation was attempted to an unreachable host. (0x80072751)



    Error: (06/08/2013 10:38:20 PM) (Source: W32Time) (User: )

    Description: The time provider NtpClient is configured to acquire time from one or more

    time sources, however none of the sources are currently accessible.

    No attempt to contact a source will be made for 30 minutes.

    NtpClient has no source of accurate time.



    Error: (06/08/2013 10:38:20 PM) (Source: W32Time) (User: )

    Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually

    configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30

    minutes.

    The error was: A socket operation was attempted to an unreachable host. (0x80072751)



    Error: (06/08/2013 10:23:20 PM) (Source: W32Time) (User: )

    Description: The time provider NtpClient is configured to acquire time from one or more

    time sources, however none of the sources are currently accessible.

    No attempt to contact a source will be made for 14 minutes.

    NtpClient has no source of accurate time.



    Error: (06/08/2013 10:23:20 PM) (Source: W32Time) (User: )

    Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually

    configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15

    minutes.

    The error was: A socket operation was attempted to an unreachable host. (0x80072751)



    Error: (06/08/2013 08:05:35 AM) (Source: Service Control Manager) (User: )

    Description: The BrowserProtect service failed to start due to the following error:

    %%2



    Error: (06/07/2013 08:33:29 PM) (Source: Service Control Manager) (User: )

    Description: The BrowserProtect service failed to start due to the following error:

    %%2



    Error: (06/07/2013 04:28:17 PM) (Source: Service Control Manager) (User: )

    Description: The Software Updater service terminated unexpectedly. It has done this 1 time(s).



    Error: (06/07/2013 04:22:30 PM) (Source: Service Control Manager) (User: )

    Description: The BrowserProtect service failed to start due to the following error:

    %%2





    Microsoft Office Sessions:

    =========================

    Error: (06/08/2013 09:00:29 PM) (Source: MPSampleSubmission)(User: )

    Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL



    Error: (06/08/2013 08:51:46 AM) (Source: MPSampleSubmission)(User: )

    Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL



    Error: (06/07/2013 04:27:27 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )

    Description: clr20r3updaterservice.exe1.0.0.0511e08eaupdaterservice1.0.0.0511e08ea250system.overflowexceptionNIL



    Error: (06/07/2013 04:24:27 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:27 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:26 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:20 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:17 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:17 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:13:45 PM) (Source: Application Hang)(User: )

    Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000





    ==================== Memory info ===========================



    Percentage of memory in use: 84%

    Total physical RAM: 1022.73 MB

    Available physical RAM: 160.52 MB

    Total Pagefile: 2970.62 MB

    Available Pagefile: 2011.46 MB

    Total Virtual: 2047.88 MB

    Available Virtual: 1946.87 MB



    ==================== Drives ================================



    Drive c: () (Fixed) (Total:465.76 GB) (Free:113.51 GB) NTFS ==>[Drive with boot components (Windows XP)]

    Drive g: () (Removable) (Total:14.9 GB) (Free:14.56 GB) FAT32



    ==================== MBR & Partition Table ==================



    ========================================================

    Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 23658E6F)

    Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)



    ========================================================

    Disk: 1 (Size: 15 GB) (Disk ID: 00000000)

    Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)


    ==================== End Of Log
  13. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    How do you know what to look for in all this mess? My brother-in-law tried to fix it last week with no luck.
  14. Broni

    Broni Malware Annihilator Posts: 46,153   +251

    My instructions clearly say to run the tool from the Desktop.
    You must redo.
  15. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    Sorry!
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-06-2013

    Ran by home (administrator) on 09-06-2013 00:23:46

    Running from C:\Documents and Settings\home\Desktop

    Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)

    Internet Explorer Version 8

    Boot Mode: Normal



    ==================== Processes (Whitelisted) ===================



    (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

    (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe

    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe

    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

    (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe

    (PCtel, Inc.) C:\WINDOWS\system32\pctspk.exe

    (Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    () C:\Program Files\SoftwareUpdater\UpdaterService.exe

    () C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe

    (Seagate Technology LLC) C:\Program Files\Seagate Replica\bin\ReplicaSysMon.exe

    (Seagate Technology LLC) C:\Program Files\Seagate Replica\bin\Seagate-Replica-Svc.exe

    (Seagate Technology LLC) C:\Program Files\Seagate Replica\bin\Seagate-Replica-Autoplay.exe

    (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe

    (Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    (Seagate Technology LLC) C:\Program Files\Seagate Replica\bin\Seagate-Replica-Tray.exe

    (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe

    () C:\Program Files\SoftwareUpdater\AppsUpdater.exe

    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe

    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

    (Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE



    ==================== Registry (Whitelisted) ==================



    HKLM\...\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)

    HKLM\...\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe [114688 2005-09-20] (Intel Corporation)

    HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)

    HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)

    HKLM\...\Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL "" [1304296 2012-12-18] (Trend Micro Inc.)

    HKLM\...\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a [883272 2010-07-15] (ATT)

    HKLM\...\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [133424 2012-02-27] (Trend Micro Inc.)

    MountPoints2: D - D:\WIN\setup.exe

    MountPoints2: {86259900-cfd9-11e2-ae3b-0040f4b1ff29} - D:\WIN\setup.exe

    MountPoints2: {d90283c2-c804-11e2-ae28-ddbddd7d607a} - D:\autorun.exe

    HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2006-10-09] (Nero AG)

    HKU\Default User\...\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2006-10-09] (Nero AG)

    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk

    ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)

    Startup: C:\Documents and Settings\home\Start Menu\Programs\Startup\Seagate Product Registration.lnk

    ShortcutTarget: Seagate Product Registration.lnk -> C:\Documents and Settings\home\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate)

    Startup: C:\Documents and Settings\home\Start Menu\Programs\Startup\tcbhn.lnk

    ShortcutTarget: tcbhn.lnk -> C:\Documents and Settings\home\Application Data\BrowserCompanion\tcbhn.exe (No File)

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)



    ==================== Internet (Whitelisted) ====================



    ProxyServer: 169.254.103.158:80

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

    SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}

    SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}

    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =

    SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =

    BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

    BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)

    BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

    BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

    BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

    BHO: AlterGeoBHO Class - {9BFBA68E-E21B-458E-AE12-FE85E903D2C1} - C:\Program Files\AlterGeo\AlterGeo Magic Scanner\3.2.1.742\AlterGeo.BrowserPlugin.dll (Wi2Geo)

    BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)

    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

    BHO: AlxHelper Class - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)

    Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

    Toolbar: HKLM - Amazon Browser Bar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)

    Toolbar: HKCU -No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

    Toolbar: HKCU -No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

    Toolbar: HKCU -No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

    Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

    Toolbar: HKCU -No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File

    Toolbar: HKCU -No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File

    DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab

    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

    Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

    Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)

    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)

    ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\PROGRA~1\WIFD1F~1\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)

    ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)

    Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

    Winsock: Catalog5 05 %SystemRoot%\System32\nwprovau.dll [142336] (Microsoft Corporation)

    Winsock: Catalog9 01 bmnet.dll [142336] (Microsoft Corporation)

    Winsock: Catalog9 02 bmnet.dll [142336] (Microsoft Corporation)

    Winsock: Catalog9 03 bmnet.dll [142336] (Microsoft Corporation)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

  16. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    FireFox:

    ========

    FF ProfilePath: C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default

    FF SearchEngine: Bing

    FF Homepage: hxxp://www.mystart.com/?pr=vmn&id=yolobartb&v=1_0&ent=hp

    FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

    FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

    FF Plugin: google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

    FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

    FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

    FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

    FF Extension: Babylon - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\ffxtlbr@babylon.com

    FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}

    FF Extension: ??????? @Mail.Ru - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}

    FF Extension: Yahoo! Toolbar - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

    FF Extension: Playdom Community Toolbar - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{69d1a568-ffdf-4ef5-8919-7003582e0ee8}

    FF Extension: Zynga Community Toolbar - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}

    FF Extension: Adobe DLM (powered by getPlus(R)) - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

    FF Extension: personas - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\personas@christopher.beard.xpi

    FF Extension: No Name - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi

    FF Extension: No Name - C:\Documents and Settings\home\Application Data\Mozilla\Firefox\Profiles\us77mxn2.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi



    ========================== Services (Whitelisted) =================



    R2 Akamai; c:\program files\common files\akamai/netsession_win_ca0e279.dll [4561152 2013-03-27] (Akamai Technologies, Inc.)

    S3 ATTRcAppSvc; C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe [121416 2010-07-15] (SmithMicro Inc.)

    R2 NwSapAgent; C:\Windows\System32\ipxsap.dll [66560 2004-08-04] (Microsoft Corporation)

    R2 Pctspk; C:\Windows\system32\pctspk.exe [86016 2001-08-17] (PCtel, Inc.)

    R2 ReplicaSysMon; C:\Program Files\Seagate Replica\bin\ReplicaSysMon.exe [416208 2010-06-08] (Seagate Technology LLC)

    R2 Seagate-Replica-Svc; C:\Program Files\Seagate Replica\bin\Seagate-Replica-Svc.exe [1947600 2010-06-08] (Seagate Technology LLC)

    R2 SrvUpdater; C:\Program Files\SoftwareUpdater\UpdaterService.exe [31744 2013-02-18] ()

    R2 Updater Service for AMZN; C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2012-05-22] ()

    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)

    R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [x]

    S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]

    S2 BrowserProtect; C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [x]

    R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]



    ==================== Drivers (Whitelisted) ====================



    R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-03-06] (AVAST Software)

    S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)

    R1 cdrbsvsd; C:\Windows\System32\Drivers\cdrbsvsd.sys [13566 2003-12-03] (B.H.A Corporation)

    S3 cmipci; C:\Windows\System32\drivers\cmipci.sys [37888 2007-11-21] (Dogbert)

    R3 cmpci; C:\Windows\System32\drivers\cmaudio.sys [377358 2002-11-18] (C-Media Inc)

    R3 FET5X86V; C:\Windows\System32\DRIVERS\fetnd5bv.sys [48128 2011-04-01] (VIA Technologies, Inc. )

    R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)

    S3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [1302332 2005-09-20] (Intel Corporation)

    S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation)

    S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)

    R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)

    R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2004-08-04] (Microsoft Corporation)

    R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2004-08-04] (Microsoft Corporation)

    R3 PCTINDIS5; C:\WINDOWS\system32\PCTINDIS5.SYS [32408 2010-07-15] (Smith Micro Inc.)

    S3 Ptserlp; C:\Windows\System32\DRIVERS\ptserlp.sys [112574 2001-08-17] (PCTEL, INC.)

    R1 sf; C:\Windows\System32\drivers\sf.sys [33183 2006-04-01] (Sonic Focus, Inc)

    S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation)

    S3 SONYPVU1; C:\Windows\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)

    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [639224 2010-01-18] ()

    S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation)

    S3 swmsflt; C:\Windows\System32\drivers\swmsflt.sys [40408 2010-04-26] ()

    S3 SWNC8UA3; C:\Windows\System32\DRIVERS\swnc8ua3.sys [197504 2009-08-12] (Sierra Wireless Inc.)

    S3 SWUMXA3; C:\Windows\System32\DRIVERS\swumxa3.sys [148992 2009-07-22] (Sierra Wireless Inc.)

    S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-07-01] (The OpenVPN Project)

    S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-10-15] (AnchorFree Inc)

    R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [95224 2012-09-24] (Trend Micro Inc.)

    R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [257952 2012-09-24] (Trend Micro Inc.)

    R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [76648 2012-09-24] (Trend Micro Inc.)

    R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [92432 2011-08-02] (Trend Micro Inc.)

    R0 Vmodem; C:\Windows\System32\DRIVERS\vmodem.sys [604253 2001-08-17] (PCTEL, INC.)

    R0 Vpctcom; C:\Windows\System32\DRIVERS\vpctcom.sys [397502 2001-08-17] (PCtel, Inc.)

    R3 vvftav303; C:\Windows\System32\drivers\vvftav303.sys [480128 2007-06-23] (Vimicro Corporation)

    R0 Vvoice; C:\Windows\System32\DRIVERS\vvoice.sys [64605 2001-08-17] (PCtel, Inc.)

    S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [27496 2013-01-25] (Wondershare)

    S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [27496 2013-01-25] (Wondershare)

    S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [27496 2013-01-25] (Wondershare)

    S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [27496 2013-01-25] (Wondershare)

    S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [27496 2013-01-25] (Wondershare)

    S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation)

    R3 ZSMC0303; C:\Windows\System32\Drivers\usbVM303.sys [1472768 2007-05-14] (Vimicro Corporation)

    S4 Abiosdsk; No ImagePath

    S4 abp480n5; No ImagePath

    S4 adpu160m; No ImagePath

    S4 Aha154x; No ImagePath

    S4 aic78u2; No ImagePath

    S4 aic78xx; No ImagePath

    S4 AliIde; No ImagePath

    S4 amsint; No ImagePath

    S4 asc; No ImagePath

    S4 asc3350p; No ImagePath

    S4 asc3550; No ImagePath

    S4 Atdisk; No ImagePath

    S4 cd20xrnt; No ImagePath

    S1 Changer; No ImagePath

    S4 CmdIde; No ImagePath

    S4 Cpqarray; No ImagePath

    U4 dac2w2k; No ImagePath

    S4 dac960nt; No ImagePath

    S4 dpti2o; No ImagePath

    S4 hpn; No ImagePath

    S1 i2omgmt; No ImagePath

    S4 i2omp; No ImagePath

    S4 ini910u; No ImagePath

    S0 jdro; System32\drivers\yyjglij.sys [x]

    S1 lbrtfdc; No ImagePath

    S4 mraid35x; No ImagePath

    S1 PCIDump; No ImagePath

    S3 PDCOMP; No ImagePath

    S3 PDFRAME; No ImagePath

    S3 PDRELI; No ImagePath

    S3 PDRFRAME; No ImagePath

    S4 perc2; No ImagePath

    S4 perc2hib; No ImagePath

    S4 ql1080; No ImagePath

    S4 Ql10wnt; No ImagePath

    S4 ql12160; No ImagePath

    S4 ql1240; No ImagePath

    S4 ql1280; No ImagePath

    S4 Simbad; No ImagePath

    S4 Sparrow; No ImagePath

    S4 symc810; No ImagePath

    S4 symc8xx; No ImagePath

    S4 sym_hi; No ImagePath

    S4 sym_u3; No ImagePath

    U2 TMAgent;

    S4 TosIde; No ImagePath

    S4 ultra; No ImagePath

    S4 ViaIde; No ImagePath

    S0 waytnjrc; System32\drivers\gdti.sys [x]

    S3 WDICA; No ImagePath



    ==================== NetSvcs (Whitelisted) ===================





    ==================== One Month Created Files and Folders ========



    2013-06-09 00:16 - 2013-06-08 22:23 - 01358673 ____A (Farbar) C:\Documents and Settings\home\Desktop\FRST.exe

    2013-06-08 23:14 - 2013-06-08 23:14 - 00000000 ____D C:\FRST

    2013-06-08 23:05 - 2013-06-08 23:09 - 00013580 ____A C:\Windows\FaxSetup.log

    2013-06-08 23:05 - 2013-06-08 23:09 - 00007848 ____A C:\Windows\tsoc.log

    2013-06-08 23:05 - 2013-06-08 23:09 - 00004614 ____A C:\Windows\comsetup.log

    2013-06-08 23:05 - 2013-06-08 23:09 - 00003200 ____A C:\Windows\ntdtcsetup.log

    2013-06-08 23:05 - 2013-06-08 23:09 - 00001920 ____A C:\Windows\iis6.log

    2013-06-08 23:05 - 2013-06-08 23:09 - 00001891 ____A C:\Windows\imsins.log

    2013-06-08 23:05 - 2013-06-08 23:09 - 00000860 ____A C:\Windows\msgsocm.log

    2013-06-08 23:05 - 2013-06-08 23:09 - 00000850 ____A C:\Windows\ocmsn.log

    2013-06-08 23:05 - 2013-06-08 23:05 - 00001891 ____A C:\Windows\imsins.BAK

    2013-06-08 23:05 - 2013-06-08 23:05 - 00000000 ____A C:\Windows\setuperr.log

    2013-06-08 23:05 - 2013-06-08 23:05 - 00000000 ____A C:\Windows\setupact.log

    2013-06-08 23:04 - 2013-06-08 23:09 - 00011138 ____A C:\Windows\ocgen.log

    2013-06-08 22:18 - 2013-06-08 23:10 - 00003671 ____A C:\Windows\setupapi.log

    2013-06-08 08:33 - 2013-06-08 21:00 - 00000330 ___AH C:\Windows\Tasks\MP Scheduled Scan.job

    2013-06-08 08:23 - 2013-06-08 08:23 - 00049944 ____A C:\Documents and Settings\home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

    2013-06-08 08:04 - 2013-06-08 08:04 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Bytemobile

    2013-06-08 08:00 - 2013-06-08 08:06 - 00000092 ____A C:\Windows\smartkeydiagnostics.txt

    2013-06-07 21:36 - 2013-06-07 21:36 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Bytemobile

    2013-06-07 21:34 - 2013-06-07 21:34 - 00000000 ____D C:\Documents and Settings\home\Application Data\AT&T

    2013-06-07 21:32 - 2010-04-26 18:04 - 00040408 ____A C:\Windows\System32\Drivers\swmsflt.sys

    2013-06-07 21:29 - 2013-06-07 21:29 - 00001851 ____A C:\Documents and Settings\All Users\Desktop\at&t Communication Manager.lnk

    2013-06-07 21:29 - 2013-06-07 21:29 - 00000000 ____D C:\Program Files\Common Files\Motorola Shared

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Program Files\Common Files\Research In Motion

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Program Files\AT&T

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\LG

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AT&T

    2013-06-07 21:21 - 2013-06-07 21:22 - 00000000 ____D C:\Program Files\Sierra Wireless Inc

    2013-06-07 21:21 - 2013-06-07 21:21 - 00000000 ____D C:\Documents and Settings\home\Application Data\Sierra Wireless

    2013-06-06 21:14 - 2013-06-06 21:14 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application Data\Trend Micro

    2013-06-06 21:13 - 2013-06-06 21:13 - 00000932 ____A C:\Documents and Settings\home\Desktop\Trend Micro Titanium 2012.lnk

    2013-06-06 21:12 - 2013-06-06 21:12 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Trend Micro

    2013-06-06 21:12 - 2012-09-24 22:01 - 00095224 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmactmon.sys

    2013-06-06 21:12 - 2012-09-24 22:00 - 00257952 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmcomm.sys

    2013-06-06 21:12 - 2012-09-24 22:00 - 00076648 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmevtmgr.sys

    2013-06-06 21:12 - 2011-08-02 16:33 - 00092432 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmtdi.sys

    2013-06-06 21:08 - 2013-06-06 21:08 - 00000056 ____A C:\Windows\System32\SupportTool.exe.bat

    2013-06-06 21:05 - 2013-06-07 21:51 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Trend Micro

    2013-06-06 21:05 - 2013-06-06 21:07 - 00000000 ____D C:\Program Files\Trend Micro

    2013-06-03 22:42 - 2013-06-03 23:15 - 00000000 ____D C:\Program Files\yolobartb

    2013-06-03 22:13 - 2013-06-03 22:13 - 00000000 ____D C:\Documents and Settings\home\Application Data\SpeedyPC Software

    2013-06-03 22:13 - 2013-06-03 22:13 - 00000000 ____D C:\Documents and Settings\home\Application Data\DriverCure

    2013-06-03 22:12 - 2013-06-03 23:16 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SpeedyPC Software

    2013-06-03 22:09 - 2013-06-04 06:31 - 00065536 ____A C:\Windows\System32\config\WindowsPowerShell.evt

    2013-06-03 22:09 - 2013-06-03 22:09 - 00000000 ____D C:\Windows\System32\windowspowershell

    2013-06-03 22:08 - 2013-06-03 22:09 - 00000000 __HDC C:\Windows\$NtUninstallKB926139-v2$

    2013-06-02 12:08 - 2013-06-02 12:08 - 00524080 ____A C:\Documents and Settings\home\My Documents\system erroes.evt

    2013-06-02 12:06 - 2013-06-02 12:06 - 00238000 ____A C:\Documents and Settings\home\My Documents\errores.evt

    2013-06-02 09:46 - 2013-06-02 09:46 - 00000000 ___AH C:\Windows\System32\config\system.sav.LOG

    2013-06-02 09:46 - 2013-06-02 09:46 - 00000000 ___AH C:\Windows\System32\config\software.sav.LOG

    2013-06-02 09:44 - 2013-06-02 09:44 - 00000000 ___AH C:\Windows\System32\config\SECURITY.sav.LOG

    2013-06-02 09:44 - 2013-06-02 09:44 - 00000000 ___AH C:\Windows\System32\config\SAM.sav.LOG

    2013-06-02 09:40 - 2013-06-02 09:47 - 00002396 ____A C:\Windows\System32\ASOROSet.bin

    2013-06-02 09:39 - 2013-06-02 09:40 - 00000000 ____D C:\Windows\System32\config\RCCBakup

    2013-06-02 09:20 - 2013-06-02 09:20 - 00000724 ____A C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

    2013-06-02 09:20 - 2013-06-02 09:20 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

    2013-06-02 09:20 - 2013-06-02 09:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mozilla

    2013-06-01 16:07 - 2013-06-01 16:07 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application Data\Amazon Browser Bar

    2013-06-01 16:06 - 2013-06-01 16:07 - 00000000 ____D C:\Program Files\Amazon Browser Bar

    2013-06-01 16:06 - 2013-06-01 16:06 - 00000000 ____D C:\Program Files\Amazon

    2013-06-01 16:05 - 2013-06-08 15:02 - 00000262 ____A C:\Windows\Tasks\RegClean Pro_DEFAULT.job

    2013-06-01 16:05 - 2013-06-01 16:05 - 00000270 ____A C:\Windows\Tasks\RegClean Pro_UPDATES.job

    2013-06-01 16:03 - 2013-06-01 16:03 - 00000725 ____A C:\Documents and Settings\All Users\Desktop\RegClean Pro.lnk

    2013-06-01 16:03 - 2013-06-01 16:03 - 00000000 ____D C:\Program Files\RegClean Pro

    2013-05-19 09:50 - 2013-05-19 09:51 - 00076974 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_A_Clean_Sweep(Bookos.org).epub

    2013-05-19 09:18 - 2013-05-19 09:29 - 00248856 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Hamilton,_Laurell_-_Ravenloft(Bookos.org).lit

    2013-05-19 09:17 - 2013-05-19 09:28 - 00173187 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Nightshade(Bookos.org).lit

    2013-05-19 09:14 - 2013-05-19 09:24 - 00392647 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Never_After(Bookos.org).epub

    2013-05-19 09:09 - 2013-05-19 09:20 - 00372858 ____A C:\Documents and Settings\home\My Documents\[Laurell_K-1._Hamilton]_Bullet(Bookos.org).epub

    2013-05-19 08:59 - 2013-05-19 08:59 - 00056469 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Bite_The_Girl_Who_Was_Infatu(Bookos.org).epub

    2013-05-19 08:58 - 2013-05-19 08:58 - 00279287 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Hit_List(Bookos.org).epub

    2013-05-19 08:57 - 2013-05-19 08:58 - 00465739 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Swallowing_Darkness(Bookos.org).epub

    2013-05-19 08:57 - 2013-05-19 08:57 - 00372858 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Bullet(Bookos.org).epub

    2013-05-19 08:46 - 2013-05-19 08:56 - 00257246 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Divine_Misdemeanors(Bookos.org).epub

    2013-05-19 08:45 - 2013-05-19 08:55 - 00836621 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Flirt(Bookos.org).epub

    2013-05-19 00:17 - 2013-05-19 00:17 - 00217359 ____A C:\Documents and Settings\home\My Documents\[Anjou_Angelique]_Ja-Rael's_Lioness(Bookos.org).epub

    2013-05-19 00:17 - 2013-05-19 00:17 - 00176594 ____A C:\Documents and Settings\home\My Documents\[Fox_Jaide,_Lyons_Brenna,_Nash_Joy]_Dream_Warriors(Bookos.org).epub

    2013-05-19 00:14 - 2013-05-19 00:14 - 00195267 ____A C:\Documents and Settings\home\My Documents\[Anjou_Angelique]_Chameleon(Bookos.org).epub

    2013-05-18 22:18 - 2013-05-18 22:18 - 00000718 ____A C:\Documents and Settings\All Users\Desktop\Seagate Replica.lnk

    2013-05-18 22:14 - 2013-05-27 22:39 - 00000000 ____D C:\Program Files\Seagate Replica

    2013-05-18 22:07 - 2013-05-18 22:07 - 00000000 ____D C:\Documents and Settings\home\Application Data\Leadertech

    2013-05-17 23:48 - 2013-05-17 23:48 - 00150083 ____A C:\Documents and Settings\home\My Documents\reunion-vampires-realm-romance-series.epub

    2013-05-17 23:24 - 2013-05-17 23:24 - 00251157 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Enslave(Bookos.org).mobi

    2013-05-17 23:18 - 2013-05-17 23:18 - 00192571 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Seduce(Bookos.org).epub

    2013-05-17 23:18 - 2013-05-17 23:18 - 00140778 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Covet(Bookos.org).epub

    2013-05-17 23:17 - 2013-05-17 23:17 - 00404764 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Forbidden_Blood(Bookos.org).epub

    2013-05-17 23:17 - 2013-05-17 23:17 - 00308531 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Ascension(Bookos.org).epub

    2013-05-17 23:17 - 2013-05-17 23:17 - 00176032 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Crave(Bookos.org).epub

    2013-05-17 23:16 - 2013-05-17 23:16 - 00147876 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_The_Night(Bookos.org).epub

    2013-05-16 22:42 - 2013-05-16 22:42 - 00152793 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Vampire_for_Christmas(Bookos.org).epub

    2013-05-16 22:36 - 2013-05-16 22:36 - 00082678 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Moonlight(Bookos.org).epub

    2013-05-16 22:35 - 2013-05-16 22:35 - 00100723 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Embracing_the_Wolf(Bookos.org).epub

    2013-05-16 22:34 - 2013-05-16 22:34 - 00203334 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Cabin_Fever(Bookos.org).lit

    2013-05-16 22:34 - 2013-05-16 22:34 - 00096108 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_A_Promise_of_Passion(Bookos.org).lit

    2013-05-16 22:33 - 2013-05-16 22:33 - 00205232 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Mating_Call(Bookos.org).lit

    2013-05-15 10:17 - 2013-05-15 10:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$

    2013-05-15 10:12 - 2013-05-15 10:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$

    2013-05-14 19:27 - 2013-05-14 19:27 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application DataGoogle

  17. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    ==================== One Month Modified Files and Folders ========



    2013-06-08 23:14 - 2013-06-08 23:14 - 00000000 ____D C:\FRST

    2013-06-08 23:10 - 2013-06-08 22:18 - 00003671 ____A C:\Windows\setupapi.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00013580 ____A C:\Windows\FaxSetup.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00007848 ____A C:\Windows\tsoc.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00004614 ____A C:\Windows\comsetup.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00003200 ____A C:\Windows\ntdtcsetup.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00001920 ____A C:\Windows\iis6.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00001891 ____A C:\Windows\imsins.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00000860 ____A C:\Windows\msgsocm.log

    2013-06-08 23:09 - 2013-06-08 23:05 - 00000850 ____A C:\Windows\ocmsn.log

    2013-06-08 23:09 - 2013-06-08 23:04 - 00011138 ____A C:\Windows\ocgen.log

    2013-06-08 23:09 - 2009-07-30 20:28 - 01371647 ____A C:\Windows\WindowsUpdate.log

    2013-06-08 23:05 - 2013-06-08 23:05 - 00001891 ____A C:\Windows\imsins.BAK

    2013-06-08 23:05 - 2013-06-08 23:05 - 00000000 ____A C:\Windows\setuperr.log

    2013-06-08 23:05 - 2013-06-08 23:05 - 00000000 ____A C:\Windows\setupact.log

    2013-06-08 22:23 - 2013-06-09 00:16 - 01358673 ____A (Farbar) C:\Documents and Settings\home\Desktop\FRST.exe

    2013-06-08 21:00 - 2013-06-08 08:33 - 00000330 ___AH C:\Windows\Tasks\MP Scheduled Scan.job

    2013-06-08 15:02 - 2013-06-01 16:05 - 00000262 ____A C:\Windows\Tasks\RegClean Pro_DEFAULT.job

    2013-06-08 08:34 - 2009-08-09 21:31 - 00000420 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{81D1BFA4-F9E3-4D11-B28B-A2B67743A978}.job

    2013-06-08 08:27 - 2009-08-19 19:20 - 00000000 ____D C:\Documents and Settings\home\My Documents\antivirus

    2013-06-08 08:23 - 2013-06-08 08:23 - 00049944 ____A C:\Documents and Settings\home\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

    2013-06-08 08:06 - 2013-06-08 08:00 - 00000092 ____A C:\Windows\smartkeydiagnostics.txt

    2013-06-08 08:05 - 2008-08-30 16:20 - 00000157 ____N C:\Windows\wiadebug.log

    2013-06-08 08:05 - 2008-08-30 16:20 - 00000048 ____N C:\Windows\wiaservc.log

    2013-06-08 08:04 - 2013-06-08 08:04 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Bytemobile

    2013-06-08 08:04 - 2012-10-21 22:21 - 00000328 ____A C:\Windows\Tasks\Protected Search.job

    2013-06-08 08:04 - 2010-07-18 13:42 - 00000000 ____D C:\Program Files\Common Files\Akamai

    2013-06-08 08:04 - 2010-06-09 11:20 - 00000358 ____A C:\Windows\Tasks\WinMaximizer-home-Startup.job

    2013-06-08 08:04 - 2009-07-30 20:33 - 00000062 __ASH C:\Documents and Settings\home\Local Settings\desktop.ini

    2013-06-08 08:04 - 2009-07-30 20:31 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini

    2013-06-08 08:04 - 2009-07-30 20:31 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini

    2013-06-08 08:04 - 2009-07-30 20:31 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

    2013-06-08 08:04 - 2004-08-04 08:00 - 00013646 ____A C:\Windows\System32\wpa.dbl

    2013-06-08 08:00 - 2009-07-30 20:33 - 00000278 ___SH C:\Documents and Settings\home\ntuser.ini

    2013-06-08 08:00 - 2009-07-30 20:31 - 00032570 ____N C:\Windows\SchedLgU.Txt

    2013-06-08 02:00 - 2010-08-02 21:12 - 00000340 ____A C:\Windows\Tasks\AdobeAAMUpdater-1.0-HOME-52DC6E4B98-home.job

    2013-06-07 23:22 - 2012-08-05 23:22 - 00000000 ____D C:\Documents and Settings\home\My Documents\Calibre Library

    2013-06-07 21:51 - 2013-06-06 21:05 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Trend Micro

    2013-06-07 21:36 - 2013-06-07 21:36 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Bytemobile

    2013-06-07 21:34 - 2013-06-07 21:34 - 00000000 ____D C:\Documents and Settings\home\Application Data\AT&T

    2013-06-07 21:30 - 2009-08-09 20:05 - 00000000 ____D C:\Windows\System32\ReinstallBackups

    2013-06-07 21:29 - 2013-06-07 21:29 - 00001851 ____A C:\Documents and Settings\All Users\Desktop\at&t Communication Manager.lnk

    2013-06-07 21:29 - 2013-06-07 21:29 - 00000000 ____D C:\Program Files\Common Files\Motorola Shared

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Program Files\Common Files\Research In Motion

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Program Files\AT&T

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\LG

    2013-06-07 21:27 - 2013-06-07 21:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AT&T

    2013-06-07 21:27 - 2008-08-30 16:18 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

    2013-06-07 21:22 - 2013-06-07 21:21 - 00000000 ____D C:\Program Files\Sierra Wireless Inc

    2013-06-07 21:21 - 2013-06-07 21:21 - 00000000 ____D C:\Documents and Settings\home\Application Data\Sierra Wireless

    2013-06-07 21:02 - 2013-04-05 20:11 - 00000000 ____D C:\Documents and Settings\home\Desktop\Unused Desktop Shortcuts

    2013-06-07 21:02 - 2012-03-31 11:23 - 00000000 ____D C:\Documents and Settings\home\Desktop\New Folder

    2013-06-06 21:37 - 2009-08-09 19:33 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

    2013-06-06 21:36 - 2010-07-18 13:15 - 00000000 ____D C:\Program Files\Sony Corporation

    2013-06-06 21:34 - 2002-01-01 02:10 - 00000000 ____D C:\Program Files\Opera

    2013-06-06 21:14 - 2013-06-06 21:14 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application Data\Trend Micro

    2013-06-06 21:13 - 2013-06-06 21:13 - 00000932 ____A C:\Documents and Settings\home\Desktop\Trend Micro Titanium 2012.lnk

    2013-06-06 21:12 - 2013-06-06 21:12 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Trend Micro

    2013-06-06 21:12 - 2008-08-30 16:18 - 00607434 ____A C:\Windows\System32\PerfStringBackup.INI

    2013-06-06 21:08 - 2013-06-06 21:08 - 00000056 ____A C:\Windows\System32\SupportTool.exe.bat

    2013-06-06 21:07 - 2013-06-06 21:05 - 00000000 ____D C:\Program Files\Trend Micro

    2013-06-06 20:37 - 2010-07-05 11:15 - 00000000 ____D C:\Documents and Settings\home\Application Data\uTorrent

    2013-06-04 21:43 - 2012-03-31 05:53 - 00000664 ____A C:\Windows\System32\d3d9caps.dat

    2013-06-04 06:31 - 2013-06-03 22:09 - 00065536 ____A C:\Windows\System32\config\WindowsPowerShell.evt

    2013-06-03 23:34 - 2009-11-04 23:11 - 00000000 ____D C:\Windows\Microsoft.NET

    2013-06-03 23:16 - 2013-06-03 22:12 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SpeedyPC Software

    2013-06-03 23:15 - 2013-06-03 22:42 - 00000000 ____D C:\Program Files\yolobartb

    2013-06-03 22:43 - 2009-09-22 21:21 - 00000000 ____D C:\Program Files\Mozilla Firefox

    2013-06-03 22:43 - 2009-09-22 21:21 - 00000000 ____D C:\Documents and Settings\home\Application Data\Mozilla

    2013-06-03 22:16 - 2009-08-09 20:29 - 00000000 ____D C:\Program Files\Google

    2013-06-03 22:13 - 2013-06-03 22:13 - 00000000 ____D C:\Documents and Settings\home\Application Data\SpeedyPC Software

    2013-06-03 22:13 - 2013-06-03 22:13 - 00000000 ____D C:\Documents and Settings\home\Application Data\DriverCure

    2013-06-03 22:09 - 2013-06-03 22:09 - 00000000 ____D C:\Windows\System32\windowspowershell

    2013-06-03 22:09 - 2013-06-03 22:08 - 00000000 __HDC C:\Windows\$NtUninstallKB926139-v2$

    2013-06-03 15:06 - 2009-08-09 20:30 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application Data\Google

    2013-06-03 14:57 - 2010-08-01 21:02 - 00000000 ____D C:\Windows\Minidump

    2013-06-03 14:46 - 2008-08-30 16:16 - 00000211 ___SH C:\boot.ini

    2013-06-03 14:46 - 2004-08-04 08:00 - 00000877 ____A C:\Windows\win.ini

    2013-06-03 14:46 - 2004-08-04 08:00 - 00000227 ____N C:\Windows\system.ini

    2013-06-02 14:56 - 2013-01-01 11:18 - 00000000 ____D C:\Documents and Settings\home\Application Data\SanDisk

    2013-06-02 12:08 - 2013-06-02 12:08 - 00524080 ____A C:\Documents and Settings\home\My Documents\system erroes.evt

    2013-06-02 12:06 - 2013-06-02 12:06 - 00238000 ____A C:\Documents and Settings\home\My Documents\errores.evt

    2013-06-02 10:49 - 2009-07-30 20:26 - 00000000 ____D C:\Windows\Registration

    2013-06-02 10:49 - 2008-08-30 16:11 - 00000000 ____D C:\Windows\repair

    2013-06-02 09:47 - 2013-06-02 09:40 - 00002396 ____A C:\Windows\System32\ASOROSet.bin

    2013-06-02 09:47 - 2008-08-30 16:17 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak

    2013-06-02 09:47 - 2008-08-30 16:16 - 38273024 ____A C:\Windows\System32\config\software.bak

    2013-06-02 09:47 - 2008-08-30 16:16 - 08912896 ____A C:\Windows\System32\config\system.bak

    2013-06-02 09:46 - 2013-06-02 09:46 - 00000000 ___AH C:\Windows\System32\config\system.sav.LOG

    2013-06-02 09:46 - 2013-06-02 09:46 - 00000000 ___AH C:\Windows\System32\config\software.sav.LOG

    2013-06-02 09:44 - 2013-06-02 09:44 - 00000000 ___AH C:\Windows\System32\config\SECURITY.sav.LOG

    2013-06-02 09:44 - 2013-06-02 09:44 - 00000000 ___AH C:\Windows\System32\config\SAM.sav.LOG

    2013-06-02 09:42 - 2008-08-30 16:17 - 00262144 ____A C:\Windows\System32\config\SAM.bak

    2013-06-02 09:40 - 2013-06-02 09:39 - 00000000 ____D C:\Windows\System32\config\RCCBakup

    2013-06-02 09:20 - 2013-06-02 09:20 - 00000724 ____A C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

    2013-06-02 09:20 - 2013-06-02 09:20 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

    2013-06-02 09:20 - 2013-06-02 09:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mozilla

    2013-06-02 09:17 - 2010-08-01 14:51 - 00000000 ____D C:\Program Files\Safari

    2013-06-01 16:58 - 2009-08-10 07:15 - 00000000 ____D C:\Documents and Settings\home\Tracing

    2013-06-01 16:54 - 2013-03-06 21:54 - 00000000 ____D C:\Documents and Settings\home\Application Data\systweak

    2013-06-01 16:24 - 2012-08-05 23:22 - 00000719 ____A C:\Documents and Settings\All Users\Desktop\calibre - E-book management.lnk

    2013-06-01 16:24 - 2012-08-05 23:21 - 00000000 ____D C:\Program Files\Calibre2

    2013-06-01 16:07 - 2013-06-01 16:07 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application Data\Amazon Browser Bar

    2013-06-01 16:07 - 2013-06-01 16:06 - 00000000 ____D C:\Program Files\Amazon Browser Bar

    2013-06-01 16:06 - 2013-06-01 16:06 - 00000000 ____D C:\Program Files\Amazon

    2013-06-01 16:05 - 2013-06-01 16:05 - 00000270 ____A C:\Windows\Tasks\RegClean Pro_UPDATES.job

    2013-06-01 16:03 - 2013-06-01 16:03 - 00000725 ____A C:\Documents and Settings\All Users\Desktop\RegClean Pro.lnk

    2013-06-01 16:03 - 2013-06-01 16:03 - 00000000 ____D C:\Program Files\RegClean Pro

    2013-06-01 16:03 - 2012-12-22 07:42 - 00000682 ____A C:\Documents and Settings\All Users\Desktop\CCleaner.lnk

    2013-06-01 16:02 - 2009-08-19 19:15 - 00000000 ____D C:\Program Files\CCleaner

    2013-05-28 22:19 - 2009-07-30 20:26 - 00000000 ____D C:\Program Files\Online Services

    2013-05-27 22:39 - 2013-05-18 22:14 - 00000000 ____D C:\Program Files\Seagate Replica

    2013-05-21 21:35 - 2013-02-06 09:27 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application Data\CRE

    2013-05-21 21:27 - 2012-09-07 21:45 - 00000000 ____D C:\Program Files\SecurityKISS Tunnel

    2013-05-21 21:24 - 2008-08-30 16:11 - 00000000 ____D C:\Windows\twain_32

    2013-05-21 21:07 - 2009-08-09 19:34 - 00000022 ____A C:\Windows\FLASHKSK.INI

    2013-05-19 09:51 - 2013-05-19 09:50 - 00076974 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_A_Clean_Sweep(Bookos.org).epub

    2013-05-19 09:29 - 2013-05-19 09:18 - 00248856 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Hamilton,_Laurell_-_Ravenloft(Bookos.org).lit

    2013-05-19 09:28 - 2013-05-19 09:17 - 00173187 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Nightshade(Bookos.org).lit

    2013-05-19 09:24 - 2013-05-19 09:14 - 00392647 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Never_After(Bookos.org).epub

    2013-05-19 09:20 - 2013-05-19 09:09 - 00372858 ____A C:\Documents and Settings\home\My Documents\[Laurell_K-1._Hamilton]_Bullet(Bookos.org).epub

    2013-05-19 08:59 - 2013-05-19 08:59 - 00056469 ____A C:\Documents and Settings\home\My Documents\[Hamilton_Laurell_K]_Bite_The_Girl_Who_Was_Infatu(Bookos.org).epub

    2013-05-19 08:58 - 2013-05-19 08:58 - 00279287 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Hit_List(Bookos.org).epub

    2013-05-19 08:58 - 2013-05-19 08:57 - 00465739 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Swallowing_Darkness(Bookos.org).epub

    2013-05-19 08:57 - 2013-05-19 08:57 - 00372858 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Bullet(Bookos.org).epub

    2013-05-19 08:56 - 2013-05-19 08:46 - 00257246 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Divine_Misdemeanors(Bookos.org).epub

    2013-05-19 08:55 - 2013-05-19 08:45 - 00836621 ____A C:\Documents and Settings\home\My Documents\[Laurell_K._Hamilton]_Flirt(Bookos.org).epub

    2013-05-19 00:17 - 2013-05-19 00:17 - 00217359 ____A C:\Documents and Settings\home\My Documents\[Anjou_Angelique]_Ja-Rael's_Lioness(Bookos.org).epub

    2013-05-19 00:17 - 2013-05-19 00:17 - 00176594 ____A C:\Documents and Settings\home\My Documents\[Fox_Jaide,_Lyons_Brenna,_Nash_Joy]_Dream_Warriors(Bookos.org).epub

    2013-05-19 00:14 - 2013-05-19 00:14 - 00195267 ____A C:\Documents and Settings\home\My Documents\[Anjou_Angelique]_Chameleon(Bookos.org).epub

    2013-05-18 22:18 - 2013-05-18 22:18 - 00000718 ____A C:\Documents and Settings\All Users\Desktop\Seagate Replica.lnk

    2013-05-18 22:07 - 2013-05-18 22:07 - 00000000 ____D C:\Documents and Settings\home\Application Data\Leadertech

    2013-05-17 23:48 - 2013-05-17 23:48 - 00150083 ____A C:\Documents and Settings\home\My Documents\reunion-vampires-realm-romance-series.epub

    2013-05-17 23:24 - 2013-05-17 23:24 - 00251157 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Enslave(Bookos.org).mobi

    2013-05-17 23:18 - 2013-05-17 23:18 - 00192571 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Seduce(Bookos.org).epub

    2013-05-17 23:18 - 2013-05-17 23:18 - 00140778 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Covet(Bookos.org).epub

    2013-05-17 23:17 - 2013-05-17 23:17 - 00404764 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Forbidden_Blood(Bookos.org).epub

    2013-05-17 23:17 - 2013-05-17 23:17 - 00308531 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Ascension(Bookos.org).epub

    2013-05-17 23:17 - 2013-05-17 23:17 - 00176032 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Crave(Bookos.org).epub

    2013-05-17 23:16 - 2013-05-17 23:16 - 00147876 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_The_Night(Bookos.org).epub

    2013-05-16 22:42 - 2013-05-16 22:42 - 00152793 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Vampire_for_Christmas(Bookos.org).epub

    2013-05-16 22:36 - 2013-05-16 22:36 - 00082678 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Moonlight(Bookos.org).epub

    2013-05-16 22:35 - 2013-05-16 22:35 - 00100723 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Embracing_the_Wolf(Bookos.org).epub

    2013-05-16 22:34 - 2013-05-16 22:34 - 00203334 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Cabin_Fever(Bookos.org).lit

    2013-05-16 22:34 - 2013-05-16 22:34 - 00096108 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_A_Promise_of_Passion(Bookos.org).lit

    2013-05-16 22:33 - 2013-05-16 22:33 - 00205232 ____A C:\Documents and Settings\home\My Documents\[Heaton_Felicity]_Mating_Call(Bookos.org).lit

    2013-05-15 10:39 - 2009-08-09 21:03 - 00000000 ____D C:\Windows\ie8updates

    2013-05-15 10:17 - 2013-05-15 10:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$

    2013-05-15 10:17 - 2009-07-30 21:12 - 00000000 ___HD C:\Windows\$hf_mig$

    2013-05-15 10:13 - 2009-08-09 19:16 - 72607752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

    2013-05-15 10:12 - 2013-05-15 10:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$

    2013-05-14 19:27 - 2013-05-14 19:27 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application DataGoogle

    2013-05-13 21:05 - 2009-07-30 20:29 - 00002577 ____A C:\Windows\System32\CONFIG.NT



    ==================== Bamital & volsnap Check =================



    C:\Windows\explorer.exe => MD5 is legit

    C:\Windows\System32\winlogon.exe => MD5 is legit

    C:\Windows\System32\svchost.exe => MD5 is legit

    C:\Windows\System32\services.exe => MD5 is legit

    C:\Windows\System32\User32.dll => MD5 is legit

    C:\Windows\System32\userinit.exe => MD5 is legit

    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



    ==================== End Of Log ============================

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-06-2013

    Ran by home at 2013-06-09 00:25:34 Run:

    Running from C:\Documents and Settings\home\Desktop

    Boot Mode: Normal

    ==========================================================





    ==================== Installed Programs =======================



    7-Zip 9.20

    7-Zip 9.20 (Version: 9.20.00.0)

    Acrobat.com (Version: 1.7.186)

    Adobe Media Player (Version: 1.8)

    Akamai NetSession Interface Service

    AlterGeo Magic Scanner (Version: 3.2.1.742)

    Amazon Browser Bar (Version: 3.0)

    Apple Application Support (Version: 2.3.3)

    Apple Mobile Device Support (Version: 6.1.0.13)

    Apple Software Update (Version: 2.1.3.127)

    AT&T Communication Manager (Version: 7.02.0316.0)

    Bonjour (Version: 3.0.0.10)

    BrowserProtect

    calibre (Version: 0.9.33)

    CCleaner (Version: 4.02)

    Defraggler (remove only)

    Free AVI Video Converter version 5.0.21.1212 (Version: 5.0.21.1212)

    InstallerApp (Version: 1.0.0.0)

    Intel(R) Extreme Graphics 2 Driver (Version: 6.14.10.4396)

    iTunes (Version: 11.0.2.26)

    Java 7 Update 21 (Version: 7.0.210)

    Java Auto Updater (Version: 2.1.9.5)

    Junk Mail filter update (Version: 14.0.8089.726)

    Microsoft .NET Framework 1.1 (Version: 1.1.4322)

    Microsoft .NET Framework 1.1 Security Update (KB2698023)

    Microsoft .NET Framework 1.1 Security Update (KB2742597)

    Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)

    Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)

    Microsoft .NET Framework 3.5 SP1

    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)

    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

    Microsoft Age of Empires II

    Microsoft Age of Empires II: The Conquerors Expansion

    Microsoft Application Error Reporting (Version: 12.0.6012.5000)

    Microsoft Choice Guard (Version: 2.0.48.0)

    Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)

    Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)

    Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)

    Microsoft Search Enhancement Pack (Version: 1.3.59.0)

    Microsoft Silverlight (Version: 5.1.20125.0)

    Microsoft User-Mode Driver Framework Feature Pack 1.0

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)

    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

    Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)

    Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)

    Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)

    Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)

    Microsoft_VC90_ATL_x86 (Version: 1.00.0000)

    Microsoft_VC90_CRT_x86 (Version: 1.00.0000)

    Microsoft_VC90_MFC_x86 (Version: 1.00.0000)

    MobileMe Control Panel (Version: 3.1.1.0)

    Mozilla Firefox 21.0 (x86 en-US) (Version: 21.0)

    Mozilla Maintenance Service (Version: 21.0)

    MSN

    MSVCRT (Version: 14.0.1468.721)

    Nero 7 Ultra Edition (Version: 7.02.0936)

    Paquete de compatibilidad para 2007 Office system (Version: 12.0.6612.1000)

    PCI Audio Driver

    PDF-Viewer (Version: 2.5.210.0)

    Picasa 3 (Version: 3.9)

    Punto Switcher (Version: 3.1.1.72)

    QuickTime (Version: 7.73.80.64)

    RarZilla Free Unrar (Version: 4.80)

    RegClean Pro (Version: 6.21)

    SanDiskSecureAccess_Manager.exe (Version: 1.1.19755)

    Seagate Replica v3.0.1801.8554

    Segoe UI (Version: 14.0.4327.805)

    Sony USB Driver

    Torrey & the Vampire 1.7 (Version: 1.7)

    Trend Micro Titanium (Version: 5.00)

    Trend Micro Titanium 2012 (Version: 5.4)

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)

    Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)

    Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)

    Update for Windows Internet Explorer 8 (KB972636) (Version: 1)

    Update for Windows Internet Explorer 8 (KB976662) (Version: 1)

    Update for Windows Internet Explorer 8 (KB976749) (Version: 1)

    Update for Windows Internet Explorer 8 (KB980182) (Version: 1)

    VIA Rhine-Family Fast-Ethernet Adapter

    VLC media player 1.0.1 (Version: 1.0.1)

    WebFldrs XP (Version: 9.50.7523)

    Windows Defender (Version: 1.1.1593.21)

    Windows Genuine Advantage Validation Tool (KB892130)

    Windows Imaging Component (Version: 3.0.0.0)

    Windows Internet Explorer 8 (Version: 20090308.140743)

    Windows Live Call (Version: 14.0.8064.0206)

    Windows Live Communications Platform (Version: 14.0.8064.206)

    Windows Live Essentials (Version: 14.0.8089.0726)

    Windows Live Essentials (Version: 14.0.8089.726)

    Windows Live Mail (Version: 14.0.8089.0726)

    Windows Live Messenger (Version: 14.0.8089.0726)

    Windows Live OneCare safety scanner

    Windows Live Sign-in Assistant (Version: 5.000.818.5)

    Windows Live Upload Tool (Version: 14.0.8014.1029)

    Windows Media Format 11 runtime

    Windows Media Player 11

    Windows PowerShell(TM) 1.0 (Version: 2)

    Windows Search 4.0 (Version: 04.00.6001.503)

    Windows XP Service Pack 3 (Version: 20080414.031525)

    XML Paper Specification Shared Components Pack 1.0
  18. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    ==================== Restore Points =========================



    12-03-2013 01:37:35 System Checkpoint

    12-03-2013 12:52:54 Printer Driver Lexmark 3100 Series Installed

    12-03-2013 15:12:38 Removed Foxit Reader

    13-03-2013 12:18:49 Software Distribution Service 3.0

    14-03-2013 04:16:20 Software Distribution Service 3.0

    14-03-2013 13:43:23 Software Distribution Service 3.0

    15-03-2013 22:07:33 Software Distribution Service 3.0

    16-03-2013 22:59:56 System Checkpoint

    18-03-2013 13:09:01 System Checkpoint

    18-03-2013 14:23:17 Software Distribution Service 3.0

    19-03-2013 22:58:23 System Checkpoint

    20-03-2013 01:26:40 Software Distribution Service 3.0

    21-03-2013 19:17:09 System Checkpoint

    22-03-2013 13:15:17 Software Distribution Service 3.0

    22-03-2013 21:36:43 Installed calibre

    22-03-2013 21:41:29 Removed calibre

    23-03-2013 03:43:29 Windows Defender Checkpoint

    28-03-2013 03:09:20 Software Distribution Service 3.0

    29-03-2013 21:36:54 Software Distribution Service 3.0

    30-03-2013 22:46:56 System Checkpoint

    31-03-2013 18:47:00 Installed calibre

    31-03-2013 18:55:52 Installed calibre

    31-03-2013 18:57:53 Removed calibre

    31-03-2013 19:01:31 Removed Adobe Reader XI (11.0.02).

    31-03-2013 19:19:10 Removed Adobe Community Help

    02-04-2013 13:44:25 Software Distribution Service 3.0

    04-04-2013 17:11:42 System Checkpoint

    06-04-2013 00:22:32 Software Distribution Service 3.0

    06-04-2013 02:17:36 Installed calibre

    06-04-2013 02:19:25 Removed calibre

    12-04-2013 00:14:24 Software Distribution Service 3.0

    12-04-2013 00:29:45 Software Distribution Service 3.0

    14-04-2013 03:37:14 Software Distribution Service 3.0

    14-04-2013 03:43:43 Removed calibre

    19-04-2013 02:56:56 Software Distribution Service 3.0

    21-04-2013 21:53:29 Software Distribution Service 3.0

    24-04-2013 00:20:50 Software Distribution Service 3.0

    24-04-2013 00:29:42 Installed Java 7 Update 21

    25-04-2013 01:36:42 System Checkpoint

    28-04-2013 19:07:42 System Checkpoint

    28-04-2013 21:45:24 Software Distribution Service 3.0

    30-04-2013 21:57:42 Software Distribution Service 3.0

    30-04-2013 22:14:26 Installed calibre

    30-04-2013 22:16:12 Removed calibre

    05-05-2013 02:21:10 Software Distribution Service 3.0

    05-05-2013 02:56:22 Installed calibre

    05-05-2013 02:58:02 Removed calibre

    08-05-2013 00:34:25 Software Distribution Service 3.0

    11-05-2013 01:31:47 Software Distribution Service 3.0

    11-05-2013 02:30:53 Installed calibre

    11-05-2013 02:32:29 Removed calibre

    14-05-2013 00:33:41 System Checkpoint

    15-05-2013 13:45:08 Software Distribution Service 3.0

    15-05-2013 14:10:16 Software Distribution Service 3.0

    16-05-2013 22:52:56 Software Distribution Service 3.0

    18-05-2013 03:16:17 Software Distribution Service 3.0

    18-05-2013 04:02:59 Installed calibre

    18-05-2013 04:04:42 Removed calibre

    19-05-2013 04:39:28 System Checkpoint

    22-05-2013 01:17:45 Software Distribution Service 3.0

    22-05-2013 01:25:42 Removed ePhoneTools

    27-05-2013 15:24:54 Software Distribution Service 3.0

    27-05-2013 18:39:20 Installed calibre

    27-05-2013 18:41:25 Removed calibre

    30-05-2013 23:04:25 System Checkpoint

    01-06-2013 20:22:03 Installed calibre

    01-06-2013 20:24:51 Removed calibre

    01-06-2013 20:26:54 Software Distribution Service 3.0

    02-06-2013 13:16:16 Removed Safari

    02-06-2013 13:23:43 Removed Google Drive

    02-06-2013 13:25:20 Removed Google Earth.

    03-06-2013 11:22:35 RegClean Pro Mon, Jun 03, 13 07:20

    03-06-2013 19:02:36 Restore Operation

    04-06-2013 02:09:26 Installed %1 %2.

    07-06-2013 00:39:13 avast! Free Antivirus Setup

    07-06-2013 01:36:15 Removed Picture Package

    07-06-2013 20:27:27 Software Distribution Service 3.0

    08-06-2013 01:02:14 RegClean Pro Fri, Jun 07, 13 21:02

    08-06-2013 01:27:27 Installed AT&T Communication Manager.

    08-06-2013 01:32:56 Install LG USB NDIS Driver



    ==================== Hosts content: ==========================





    127.0.0.1 localhost




    There are 1000 more lines starting with "127.0.0.1"





    ==================== Faulty Device Manager Devices =============



    Name: Video Controller (VGA Compatible)

    Description: Video Controller (VGA Compatible)

    Class Guid:

    Manufacturer:

    Service:

    Problem: : The drivers for this device are not installed. (Code 28)

    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.





    ==================== Event log errors: =========================



    Application errors:

    ==================

    Error: (06/08/2013 09:00:29 PM) (Source: MPSampleSubmission) (User: )

    Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.



    Error: (06/08/2013 08:51:46 AM) (Source: MPSampleSubmission) (User: )

    Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.



    Error: (06/07/2013 04:27:27 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )

    Description: EventType clr20r3, P1 updaterservice.exe, P2 1.0.0.0, P3 511e08ea, P4 updaterservice, P5 1.0.0.0, P6 511e08ea, P7 25, P8 0, P9 clr20r30, P10 clr20r31.



    Error: (06/07/2013 04:24:27 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:27 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:26 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:20 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:17 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:17 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:13:45 PM) (Source: Application Hang) (User: )

    Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.





    System errors:

    =============

    Error: (06/09/2013 00:08:20 AM) (Source: W32Time) (User: )

    Description: The time provider NtpClient is configured to acquire time from one or more

    time sources, however none of the sources are currently accessible.

    No attempt to contact a source will be made for 120 minutes.

    NtpClient has no source of accurate time.



    Error: (06/09/2013 00:08:20 AM) (Source: W32Time) (User: )

    Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually

    configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 120

    minutes.

    The error was: A socket operation was attempted to an unreachable host. (0x80072751)



    Error: (06/08/2013 11:08:20 PM) (Source: W32Time) (User: )

    Description: The time provider NtpClient is configured to acquire time from one or more

    time sources, however none of the sources are currently accessible.

    No attempt to contact a source will be made for 60 minutes.

    NtpClient has no source of accurate time.



    Error: (06/08/2013 11:08:20 PM) (Source: W32Time) (User: )

    Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually

    configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60

    minutes.

    The error was: A socket operation was attempted to an unreachable host. (0x80072751)



    Error: (06/08/2013 10:38:20 PM) (Source: W32Time) (User: )

    Description: The time provider NtpClient is configured to acquire time from one or more

    time sources, however none of the sources are currently accessible.

    No attempt to contact a source will be made for 30 minutes.

    NtpClient has no source of accurate time.



    Error: (06/08/2013 10:38:20 PM) (Source: W32Time) (User: )

    Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually

    configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30

    minutes.

    The error was: A socket operation was attempted to an unreachable host. (0x80072751)



    Error: (06/08/2013 10:23:20 PM) (Source: W32Time) (User: )

    Description: The time provider NtpClient is configured to acquire time from one or more

    time sources, however none of the sources are currently accessible.

    No attempt to contact a source will be made for 14 minutes.

    NtpClient has no source of accurate time.



    Error: (06/08/2013 10:23:20 PM) (Source: W32Time) (User: )

    Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually

    configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15

    minutes.

    The error was: A socket operation was attempted to an unreachable host. (0x80072751)



    Error: (06/08/2013 08:05:35 AM) (Source: Service Control Manager) (User: )

    Description: The BrowserProtect service failed to start due to the following error:

    %%2



    Error: (06/07/2013 08:33:29 PM) (Source: Service Control Manager) (User: )

    Description: The BrowserProtect service failed to start due to the following error:

    %%2





    Microsoft Office Sessions:

    =========================

    Error: (06/08/2013 09:00:29 PM) (Source: MPSampleSubmission)(User: )

    Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL



    Error: (06/08/2013 08:51:46 AM) (Source: MPSampleSubmission)(User: )

    Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL



    Error: (06/07/2013 04:27:27 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )

    Description: clr20r3updaterservice.exe1.0.0.0511e08eaupdaterservice1.0.0.0511e08ea250system.overflowexceptionNIL



    Error: (06/07/2013 04:24:27 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:27 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:26 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:20 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:17 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:17 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:13:45 PM) (Source: Application Hang)(User: )

    Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000





    ==================== Memory info ===========================



    Percentage of memory in use: 81%

    Total physical RAM: 1022.73 MB

    Available physical RAM: 192.07 MB

    Total Pagefile: 2970.62 MB

    Available Pagefile: 1990.57 MB

    Total Virtual: 2047.88 MB

    Available Virtual: 1942.37 MB



    ==================== Drives ================================



    Drive c: () (Fixed) (Total:465.76 GB) (Free:113.5 GB) NTFS ==>[Drive with boot components (Windows XP)]

    Drive g: () (Removable) (Total:14.9 GB) (Free:14.56 GB) FAT32



    ==================== MBR & Partition Table ==================



    ========================================================

    Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 23658E6F)

    Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)



    ========================================================

    Disk: 1 (Size: 15 GB) (Disk ID: 00000000)

    Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)


    ==================== End Of Log ====
     
  19. Broni

    Broni Malware Annihilator Posts: 46,153   +251

    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST/FRST64 and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

  20. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-06-2013

    Ran by home at 2013-06-09 01:03:52 Run:1

    Running from C:\Documents and Settings\home\Desktop\fixit

    Boot Mode: Normal



    ==============================================



    jdro => Service deleted successfully.

    waytnjrc => Service deleted successfully.


    ==== End of Fixlog
  21. Broni

    Broni Malware Annihilator Posts: 46,153   +251

    Please post new FSS log (my reply #2).

    Bed time here but if you're still up I'll leave you with some homework.

    Please download MiniToolBox, save it to your desktop and run it.

    Checkmark following boxes:
    • Report IE Proxy Settings
    • Report FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Devices (do NOT change any settings)
    Click Go and post the result.

    Download RogueKiller for 32bit or RogueKiller for 64bit to your Desktop.
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    Download Malwarebytes Anti-Rootkit (MBAR) from HERE
    • Unzip downloaded file.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt
  22. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    Night and thanks
  23. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    Farbar Service Scanner Version: 31-05-2013 01

    Ran by home (administrator) on 09-06-2013 at 01:25:54

    Running from "C:\Documents and Settings\home\Desktop"

    Microsoft Windows XP Service Pack 3 (X86)

    Boot Mode: Normal

    ****************************************************************



    Internet Services:

    ============



    Connection Status:

    ==============

    Localhost is accessible.

    There is no connection to network.

    Attempt to access Google IP returned error. Google IP is unreachable

    Attempt to access Google.com returned error: Other errors

    Attempt to access Yahoo IP returned error. Yahoo IP is unreachable

    Attempt to access Yahoo.com returned error: Other errors





    Windows Firewall:

    =============



    Firewall Disabled Policy:

    ==================





    System Restore:

    ============



    System Restore Disabled Policy:

    ========================





    Security Center:

    ============





    Windows Update:

    ============



    Windows Autoupdate Disabled Policy:

    ============================





    File Check:

    ========

    C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit

    C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit

    C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit

    C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit

    C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit

    C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit

    C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit

    C:\WINDOWS\system32\netman.dll => MD5 is legit

    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit

    C:\WINDOWS\system32\srsvc.dll => MD5 is legit

    C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit

    C:\WINDOWS\system32\wscsvc.dll => MD5 is legit

    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit

    C:\WINDOWS\system32\wuauserv.dll => MD5 is legit

    C:\WINDOWS\system32\qmgr.dll => MD5 is legit

    C:\WINDOWS\system32\es.dll => MD5 is legit

    C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit

    C:\WINDOWS\system32\svchost.exe => MD5 is legit

    C:\WINDOWS\system32\rpcss.dll => MD5 is legit

    C:\WINDOWS\system32\services.exe => MD5 is legit



    Extra List:

    =======

    Gpc(3) IPSec(5) NetBT(6) NwlnkIpx(9) NwlnkNb(10) PSched(7) Tcpip(4) tcpipBM(11)

    0x0B00000005000000010000000200000003000000040000000B0000000C0000000600000007000000090000000A000000

    IpSec Tag value is correct.



    **** End of log ****
  24. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    MiniToolBox by Farbar Version:21-04-2013

    Ran by home (administrator) on 09-06-2013 at 01:34:03

    Running from "C:\Documents and Settings\home\Desktop"

    Microsoft Windows XP Service Pack 3 (X86)

    Boot Mode: Normal

    ***************************************************************************



    ========================= IE Proxy Settings: ==============================



    Proxy is not enabled.

    ProxyServer: 169.254.103.158:80



    ========================= FF Proxy Settings: ==============================



    ========================= Hosts content: =================================





    127.0.0.1 localhost



    There are 13567 more lines starting with "127.0.0.1"



    ========================= IP Configuration: ================================



    VIA Rhine III Fast Ethernet Adapter = Local Area Connection 6 (Connected)





    # ----------------------------------

    # Interface IP Configuration

    # ----------------------------------

    pushd interface ip





    # Interface IP Configuration for "Local Area Connection 6"



    set address name="Local Area Connection 6" source=dhcp

    set dns name="Local Area Connection 6" source=dhcp register=PRIMARY

    set wins name="Local Area Connection 6" source=dhcp





    popd

    # End of interface IP configuration









    Windows IP Configuration







    Host Name . . . . . . . . . . . . : home-52dc6e4b98



    Primary Dns Suffix . . . . . . . :



    Node Type . . . . . . . . . . . . : Unknown



    IP Routing Enabled. . . . . . . . : No



    WINS Proxy Enabled. . . . . . . . : No







    Ethernet adapter Local Area Connection 6:







    Connection-specific DNS Suffix . :



    Description . . . . . . . . . . . : VIA Rhine III Fast Ethernet Adapter #2



    Physical Address. . . . . . . . . : 00-40-F4-B1-FF-29



    Dhcp Enabled. . . . . . . . . . . : Yes



    Autoconfiguration Enabled . . . . : Yes



    Autoconfiguration IP Address. . . : 169.254.103.158



    Subnet Mask . . . . . . . . . . . : 255.255.0.0



    Default Gateway . . . . . . . . . :



    Server: UnKnown

    Address: 127.0.0.1



    Ping request could not find host google.com. Please check the name and try again.



    Server: UnKnown

    Address: 127.0.0.1



    Ping request could not find host yahoo.com. Please check the name and try again.







    Pinging 127.0.0.1 with 32 bytes of data:







    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128







    Ping statistics for 127.0.0.1:



    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



    Approximate round trip times in milli-seconds:



    Minimum = 0ms, Maximum = 0ms, Average = 0ms



    ===========================================================================

    Interface List

    0x1 ........................... MS TCP Loopback interface

    0x10003 ...00 40 f4 b1 ff 29 ...... VIA Rhine III Fast Ethernet Adapter #2 - Packet Scheduler Miniport

    ===========================================================================

    ===========================================================================

    Active Routes:

    Network Destination Netmask Gateway Interface Metric

    127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

    169.254.0.0 255.255.0.0 169.254.103.158 169.254.103.158 20

    169.254.103.158 255.255.255.255 127.0.0.1 127.0.0.1 20

    169.254.255.255 255.255.255.255 169.254.103.158 169.254.103.158 20

    224.0.0.0 240.0.0.0 169.254.103.158 169.254.103.158 20

    255.255.255.255 255.255.255.255 169.254.103.158 169.254.103.158 1

    ===========================================================================

    Persistent Routes:

    None

    ========================= Winsock entries =====================================



    Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)

    Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

    Catalog5 05 C:\WINDOWS\system32\nwprovau.dll [142336] (Microsoft Corporation)

    Catalog9 01 bmnet.dll [File not found] ()

    Catalog9 02 bmnet.dll [File not found] ()

    Catalog9 03 bmnet.dll [File not found] ()

    Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 12 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)

    Catalog9 13 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)

    Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 19 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 20 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 21 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 22 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 23 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 24 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 25 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 26 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

    Catalog9 27 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
  25. Joanne montanez

    Joanne montanez Newcomer, in training Topic Starter Posts: 33

    ========================= Event log errors: ===============================



    Application errors:

    ==================

    Error: (06/08/2013 09:00:29 PM) (Source: MPSampleSubmission) (User: )

    Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.



    Error: (06/08/2013 08:51:46 AM) (Source: MPSampleSubmission) (User: )

    Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.



    Error: (06/07/2013 04:27:27 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )

    Description: EventType clr20r3, P1 updaterservice.exe, P2 1.0.0.0, P3 511e08ea, P4 updaterservice, P5 1.0.0.0, P6 511e08ea, P7 25, P8 0, P9 clr20r30, P10 clr20r31.



    Error: (06/07/2013 04:24:27 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:27 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:26 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:20 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:17 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:17 PM) (Source: crypt32) (User: )

    Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:13:45 PM) (Source: Application Hang) (User: )

    Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.





    System errors:

    =============

    Error: (06/09/2013 00:08:20 AM) (Source: W32Time) (User: )

    Description: The time provider NtpClient is configured to acquire time from one or more

    time sources, however none of the sources are currently accessible.

    No attempt to contact a source will be made for 120 minutes.

    NtpClient has no source of accurate time.



    Error: (06/09/2013 00:08:20 AM) (Source: W32Time) (User: )

    Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually

    configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 120

    minutes.

    The error was: A socket operation was attempted to an unreachable host. (0x80072751)



    Error: (06/08/2013 11:08:20 PM) (Source: W32Time) (User: )

    Description: The time provider NtpClient is configured to acquire time from one or more

    time sources, however none of the sources are currently accessible.

    No attempt to contact a source will be made for 60 minutes.

    NtpClient has no source of accurate time.



    Error: (06/08/2013 11:08:20 PM) (Source: W32Time) (User: )

    Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually

    configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60

    minutes.

    The error was: A socket operation was attempted to an unreachable host. (0x80072751)



    Error: (06/08/2013 10:38:20 PM) (Source: W32Time) (User: )

    Description: The time provider NtpClient is configured to acquire time from one or more

    time sources, however none of the sources are currently accessible.

    No attempt to contact a source will be made for 30 minutes.

    NtpClient has no source of accurate time.



    Error: (06/08/2013 10:38:20 PM) (Source: W32Time) (User: )

    Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually

    configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30

    minutes.

    The error was: A socket operation was attempted to an unreachable host. (0x80072751)



    Error: (06/08/2013 10:23:20 PM) (Source: W32Time) (User: )

    Description: The time provider NtpClient is configured to acquire time from one or more

    time sources, however none of the sources are currently accessible.

    No attempt to contact a source will be made for 14 minutes.

    NtpClient has no source of accurate time.



    Error: (06/08/2013 10:23:20 PM) (Source: W32Time) (User: )

    Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually

    configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15

    minutes.

    The error was: A socket operation was attempted to an unreachable host. (0x80072751)



    Error: (06/08/2013 08:05:35 AM) (Source: Service Control Manager) (User: )

    Description: The BrowserProtect service failed to start due to the following error:

    %%2



    Error: (06/07/2013 08:33:29 PM) (Source: Service Control Manager) (User: )

    Description: The BrowserProtect service failed to start due to the following error:

    %%2





    Microsoft Office Sessions:

    =========================

    Error: (06/08/2013 09:00:29 PM) (Source: MPSampleSubmission)(User: )

    Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL



    Error: (06/08/2013 08:51:46 AM) (Source: MPSampleSubmission)(User: )

    Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL



    Error: (06/07/2013 04:27:27 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )

    Description: clr20r3updaterservice.exe1.0.0.0511e08eaupdaterservice1.0.0.0511e08ea250system.overflowexceptionNIL



    Error: (06/07/2013 04:24:27 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:27 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:26 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:20 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:17 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:24:17 PM) (Source: crypt32)(User: )

    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.



    Error: (06/07/2013 04:13:45 PM) (Source: Application Hang)(User: )

    Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000
