Jump to content

donpedro

Members
 View Profile  See their activity

  • Posts

    6

  • Joined

  • Last visited

 Content Type 

Everything posted by donpedro

  1. donpedro
    Hi TwinHeadedEagle, it is still running bogged down, thank you for your help, I am going to retry after the holidays.
  2. donpedro
    I ran check disk and rebooted the computer, however I was working last night and my roomate used my computer to search the web while I was out. Do I need to re-scan or start where we left off?Thanks for your help.
  3. donpedro
    I did not find wininit in the filter options for application or System, I also did not find wininit in the right column source for either Application or System.
  4. donpedro
    TwinHeadedEagle, When I pulled up the Event Viewer my options in the left panel are Application, Security, System, ACEEventLog, Internet Explorer. I am running Windows XP with Service Pack 3, could this bring up different options?
  5. donpedro
    Hi TwinHeadedEagle, Thanks for your help, i really appreciate you for taking the time to get things back on track. I have attached copies of the Farbar Recovery Scan Logs. I look forward to working with you.FRST.txtAddition.txt DonPedro
  6. donpedro
    MY computer has been booting up very slowly and running sluggish, twice now it has sht down while running MAlwarebytes scans. Here are the log fies from Farbar Recovery Scan Tool Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-12-2015 Ran by Mike (administrator) on MIKE-2EF073BDC0 (17-12-2015 07:44:41) Running from C:\Documents and Settings\Mike\My Documents\Downloads Loaded Profiles: Mike (Available Profiles: Mike & VIsitor & Administrator) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe () C:\WINDOWS\system32\WLTRYSVC.EXE (Dell Inc.) C:\WINDOWS\system32\BCMWLTRY.EXE (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Google Inc.) C:\Program Files\Google\Update\1.3.29.1\GoogleCrashHandler.exe (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Dell Inc.) C:\WINDOWS\system32\WLTRAY.EXE (CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [broadcom Wireless Manager UI] => C:\WINDOWS\system32\WLTRAY.exe [1392640 2007-03-16] (Dell Inc.) HKLM\...\Run: [ATICCC] => C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [90112 2006-05-10] () HKLM\...\Run: [] => [X] HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296 2008-02-26] (CyberLink Corp.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-10-02] (Apple Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-06] (Apple Inc.) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2006-10-11] (ATI Technologies Inc.) HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6495144 2015-09-16] (Piriform Ltd) HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\MountPoints2: {466ed869-b00f-11e4-b087-001d09bd485d} - G:\Windows\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A01B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B} HKU\S-1-5-21-1004336348-583907252-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmypics.scr [47104 2008-04-14] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => "C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.254.251 Tcpip\..\Interfaces\{06EE9A68-EC57-4525-9570-8BEF2FF64527}: [DhcpNameServer] 192.168.254.251 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-1004336348-583907252-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKU\S-1-5-21-1004336348-583907252-839522115-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie URLSearchHook: HKU\S-1-5-21-1004336348-583907252-839522115-1003 - (No Name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File SearchScopes: HKU\S-1-5-21-1004336348-583907252-839522115-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear BHO: No Name -> {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -> No File BHO: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17] (IObit) Toolbar: HKLM - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File Toolbar: HKLM - No Name - {10921475-03CE-4E04-90CE-E2E7EF20C814} - No File DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1406338630405 Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) Handler: skype-ie-addon-data - No CLSID Value - FireFox: ======== FF ProfilePath: C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\piynwcto.default-1426165856265 FF DefaultSearchEngine.US: DuckDuckGo FF Homepage: hxxp://www.adventure-journal.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-11-08] (Tracker Software Products (Canada) Ltd.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-11-08] (Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin HKU\S-1-5-21-1004336348-583907252-839522115-1003: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-11-08] (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2013-11-08] (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-01-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-01-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-01-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-01-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-01-27] (Apple Inc.) FF Extension: NoScript - C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\piynwcto.default-1426165856265\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-12-10] FF Extension: HTTPS-Everywhere - C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\piynwcto.default-1426165856265\extensions\https-everywhere@eff.org [2015-12-10] FF Extension: Adblock Plus - C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\piynwcto.default-1426165856265\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-11-06] [not signed] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-11-06] [not signed] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-03-29] [not signed] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-04-03] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-14] CHR Extension: (Google Drive) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-14] CHR Extension: (Adblock Plus) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-30] CHR Extension: (Google Search) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-01] CHR Extension: (Bookmark Manager) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-29] CHR Extension: (Avast Online Security) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-18] CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-25] CHR Extension: (Google Wallet) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-18] CHR Extension: (Gmail) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.) R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [1253376 2007-03-16] (Dell Inc.) [File not signed] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide; C:\WINDOWS\System32\DRIVERS\amdide.sys [11832 2015-01-24] (Advanced Micro Devices Inc.) R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2006-07-01] (Advanced Micro Devices) R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2696448 2015-01-24] (Broadcom Corporation) S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2005-03-21] (Adaptec, Inc.) [File not signed] S3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [263040 2004-08-04] () [File not signed] R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-01-24] (REALiX) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2015-12-17] (Malwarebytes) S3 RT-USB; C:\WINDOWS\System32\drivers\RT-USB.SYS [59464 2010-06-16] (Ross-Tech LLC) R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.) S4 IntelIde; no ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) U1 WS2IFSL; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-12-17 07:43 - 2015-12-17 07:44 - 00000000 ___DC C:\FRST 2015-12-16 21:37 - 2015-12-16 21:37 - 00000000 ___DC C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla 2015-12-16 21:37 - 2015-12-16 21:37 - 00000000 ___DC C:\Documents and Settings\Administrator\Application Data\Mozilla 2015-12-16 21:31 - 2015-12-16 21:38 - 00114042 ____C C:\WINDOWS\ntbtlog.txt 2015-12-16 21:02 - 2015-12-10 13:20 - 00450613 ___RC C:\WINDOWS\system32\Drivers\etc\hosts.20151216-210144.backup 2015-12-15 17:03 - 2015-12-16 21:11 - 00000278 ____C C:\WINDOWS\wininit.ini 2015-12-14 17:28 - 2015-12-14 18:28 - 00000000 __SHD C:\WINDOWS\CSC 2015-12-14 16:53 - 2015-12-17 07:13 - 00170200 ____C (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-12-14 16:52 - 2015-12-15 06:05 - 00002584 ____C C:\Documents and Settings\Mike\Desktop\Rkill.txt 2015-12-14 16:50 - 2015-12-14 16:51 - 00000000 ___DC C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware 2015-12-14 16:50 - 2015-10-05 09:50 - 00121560 ____C (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-12-14 16:50 - 2015-10-05 09:50 - 00023256 ____C (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-12-14 16:48 - 2015-12-14 16:50 - 00000000 ___DC C:\Program Files\Malwarebytes Anti-Malware 2015-12-11 12:25 - 2015-12-11 12:25 - 00000000 ___DC C:\Documents and Settings\Default User\Local Settings\Application Data\Temp 2015-12-10 13:20 - 2004-08-04 05:00 - 00000734 ____C C:\WINDOWS\system32\Drivers\etc\hosts.20151210-132015.backup 2015-12-10 08:02 - 2015-12-10 16:35 - 00065536 ____C C:\WINDOWS\system32\config\SpybotSD.evt 2015-12-10 08:01 - 2015-12-16 21:10 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2015-12-10 07:59 - 2015-12-16 21:30 - 00000000 ___DC C:\Program Files\Spybot - Search & Destroy 2 2015-12-10 07:06 - 2015-12-10 07:06 - 00000000 ___DC C:\Documents and Settings\All Users\Start Menu\Programs\Skype 2015-12-10 07:05 - 2015-12-10 07:05 - 00000000 ___DC C:\Program Files\Common Files\Skype 2015-12-06 14:33 - 2009-10-20 09:20 - 00265728 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SET75.tmp 2015-12-06 14:28 - 2015-12-06 14:28 - 00000081 ____C C:\DVDPATH.TXT 2015-12-04 10:54 - 2015-12-04 10:54 - 00079360 ____C C:\Documents and Settings\Mike\My Documents\timesheet5.xls 2015-12-01 10:05 - 2015-12-01 10:05 - 00095578 ____C C:\Documents and Settings\Mike\Desktop\2009Prius_sfo(1).pdf 2015-12-01 10:05 - 2015-12-01 10:05 - 00026113 ____C C:\Documents and Settings\Mike\Desktop\prius service interval.pdf 2015-11-30 14:57 - 2015-11-30 14:57 - 00355720 ____C C:\Documents and Settings\Mike\Desktop\nr_pretest.pdf 2015-11-19 16:34 - 2015-11-30 21:39 - 00031068 ____C C:\Documents and Settings\Mike\My Documents\prius buying.ods 2015-11-19 10:34 - 2015-12-04 10:52 - 00079872 ____C C:\Documents and Settings\Mike\My Documents\timesheet4.xls ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-12-17 07:46 - 2013-09-25 17:48 - 00000000 ___DC C:\Documents and Settings\Mike\Local Settings\Temp 2015-12-17 07:44 - 2013-09-25 11:34 - 00000000 ___DC C:\WINDOWS 2015-12-17 07:40 - 2014-09-12 08:43 - 00000886 ____C C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-17 07:20 - 2015-03-24 14:45 - 00000256 ____C C:\WINDOWS\Tasks\WGASetup.job 2015-12-17 07:11 - 2014-09-12 08:43 - 00000882 ____C C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-17 07:10 - 2015-03-24 15:53 - 00000220 ____C C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job 2015-12-17 07:05 - 2013-09-25 17:47 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT 2015-12-17 06:00 - 2014-12-19 15:22 - 00000830 ____C C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-12-16 21:37 - 2015-03-24 21:06 - 00000000 ___DC C:\Documents and Settings\Administrator\Local Settings\Temp 2015-12-16 21:30 - 2014-09-11 21:04 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\AVAST Software 2015-12-16 21:29 - 2013-09-26 07:30 - 00458752 ____C C:\WINDOWS\system32\config\ACEEvent.evt 2015-12-16 21:29 - 2013-09-25 17:47 - 00032444 ____C C:\WINDOWS\SchedLgU.Txt 2015-12-15 19:45 - 2013-09-25 17:48 - 00000000 ___DC C:\Documents and Settings\Mike 2015-12-15 19:43 - 2014-12-10 11:16 - 00054272 __SHC C:\Documents and Settings\Mike\My Documents\Thumbs.db 2015-12-11 15:39 - 2013-09-26 10:32 - 00000000 ___DC C:\Program Files\Everything 2015-12-10 07:35 - 2013-09-25 11:34 - 00000000 __HDC C:\WINDOWS\inf 2015-12-10 07:24 - 2015-09-13 05:25 - 00000000 ___DC C:\Documents and Settings\Mike\Application Data\Skype 2015-12-10 07:06 - 2013-09-26 10:38 - 00000000 __RDC C:\Program Files\Skype 2015-12-10 07:04 - 2015-09-13 05:25 - 00000000 ___DC C:\Documents and Settings\Mike\Local Settings\Application Data\Skype 2015-12-10 07:03 - 2013-09-26 10:38 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Skype 2015-12-08 15:00 - 2015-03-24 15:53 - 00000214 ____C C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job 2015-12-06 15:32 - 2013-10-02 08:24 - 00000000 ___DC C:\Documents and Settings\Mike\Application Data\vlc 2015-12-06 14:37 - 2015-06-18 13:36 - 00000000 ___DC C:\Documents and Settings\Mike\Application Data\dvdcss 2015-12-04 10:55 - 2013-09-25 17:48 - 00000000 __RDC C:\Documents and Settings\Mike\My Documents 2015-12-04 10:53 - 2014-01-03 01:29 - 00000000 ___DC C:\Documents and Settings\Mike\Local Settings\Application Data\CutePDF Writer 2015-12-02 21:01 - 2015-10-03 10:38 - 00000000 ___DC C:\Documents and Settings\Mike\Desktop\foooooood! 2015-12-02 12:21 - 2013-09-26 10:36 - 00000000 ___DC C:\Documents and Settings\All Users\Start Menu\Programs\Picasa 3 2015-11-23 10:06 - 2013-10-06 07:44 - 00002489 ____C C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk ==================== Files in the root of some directories ======= 2014-06-20 00:05 - 2014-06-20 00:05 - 0000024 ____C () C:\Documents and Settings\Mike\Application Data\temp.ini 2013-11-17 15:33 - 2015-11-05 10:18 - 0017408 ____C () C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-12-2015 Ran by Mike (2015-12-17 07:47:00) Running from C:\Documents and Settings\Mike\My Documents\Downloads Microsoft Windows XP Professional Service Pack 3 (X86) (2013-09-26 00:46:12) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1004336348-583907252-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator ASPNET (S-1-5-21-1004336348-583907252-839522115-1005 - Limited - Enabled) Guest (S-1-5-21-1004336348-583907252-839522115-501 - Limited - Disabled) HelpAssistant (S-1-5-21-1004336348-583907252-839522115-1000 - Limited - Disabled) Mike (S-1-5-21-1004336348-583907252-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Mike SUPPORT_388945a0 (S-1-5-21-1004336348-583907252-839522115-1002 - Limited - Disabled) VIsitor (S-1-5-21-1004336348-583907252-839522115-1004 - Limited - Enabled) => %SystemDrive%\Documents and Settings\VIsitor ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated) AMD Processor Driver (HKLM\...\{C151CE54-E7EA-4804-854B-F515368B0798}) (Version: 1.3.2. - ) Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1016 - ) ATI Catalyst Control Center (HKLM\...\{EF40BAC3-372B-46F4-A32D-B37CF4217CE7}) (Version: 1.2.2475.36837 - ) ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.31-061011a-053721C-Dell - ) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Broadcom 440x 10/100 Integrated Controller (HKLM\...\{612B9183-67A9-4B44-9877-2F059E35B86A}) (Version: 10.04.01 - Broadcom Corporation) Broadcom Driver Installation Program (HKLM\...\{153F839F-0A63-41D8-890F-7324C0E13743}) (Version: 5.60.18.9 - Broadcom) Broadcom Management Programs (HKLM\...\{C99C0593-3B48-41D9-B42F-6E035B320449}) (Version: 10.15.03 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform) CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com) Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.100.15.8 - Dell Inc.) Everything 1.2.1.371 (HKLM\...\Everything) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2088.1.A01B06 - ) High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation) Image Resizer Powertoy for Windows XP (HKLM\...\{1CB92574-96F2-467B-B793-5CEB35C40C29}) (Version: 1.00.0001 - Microsoft Corporation) IObit Apps Toolbar v9.6 (HKLM\...\{4A2F13C3-F5C2-416B-AB75-68EAA4A5BC66}) (Version: 9.6 - Spigot, Inc.) <==== ATTENTION iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.) LibreOffice 4.3.4.1 (HKLM\...\{7D983A32-F645-48AB-8E38-4ACD234F40BC}) (Version: 4.3.4.1 - The Document Foundation) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Windows XP Video Decoder Checkup Utility (HKLM\...\DECCHECK) (Version: - ) Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version: - Microsoft Corporation) Mozilla Firefox 42.0 (x86 en-US) (HKLM\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) Notepad++ (HKLM\...\Notepad++) (Version: 6.4.5 - Notepad++ Team) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.0 - Dell) QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel) Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.) Skype™ 7.16 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden VCDS Release 12.12.2 (HKLM\...\VCDS Release 12.12) (Version: 12.12.2 - Ross-Tech) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04) (HKLM\...\4569969E1360D2854474C661EF9B4D54F143EB16) (Version: 11/14/2006 6.00.01.04 - Ricoh Company) Windows Driver Package - Ross-Tech USB Driver Package (06/16/2010 2.06.02) (HKLM\...\B4DFFB06B716298277125094C48185BFE8B5A7E1) (Version: 06/16/2010 2.06.02 - Ross-Tech) Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation) ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 21-12-2014 21:02:24 System Checkpoint 22-12-2014 21:09:00 System Checkpoint 24-12-2014 13:03:02 System Checkpoint 25-12-2014 14:14:23 System Checkpoint 26-12-2014 14:21:27 System Checkpoint 28-12-2014 16:45:21 System Checkpoint 29-12-2014 23:59:56 System Checkpoint 01-01-2015 18:53:05 System Checkpoint 03-01-2015 18:26:05 System Checkpoint 13-01-2015 11:38:16 System Checkpoint 15-01-2015 09:04:54 System Checkpoint 16-01-2015 09:58:46 System Checkpoint 17-01-2015 18:47:30 System Checkpoint 18-01-2015 19:33:37 System Checkpoint 19-01-2015 19:39:54 System Checkpoint 20-01-2015 22:44:31 System Checkpoint 21-01-2015 23:30:29 System Checkpoint 23-01-2015 12:23:23 System Checkpoint 24-01-2015 08:35:43 Driver Booster : Adobe Flash Player ActiveX 25-01-2015 17:10:11 System Checkpoint 27-01-2015 16:23:38 System Checkpoint 28-01-2015 17:55:21 System Checkpoint 29-01-2015 20:53:02 System Checkpoint 31-01-2015 00:24:40 System Checkpoint 01-02-2015 00:41:27 System Checkpoint 02-02-2015 12:02:04 System Checkpoint 03-02-2015 17:33:00 System Checkpoint 05-02-2015 11:20:30 System Checkpoint 06-02-2015 17:18:50 System Checkpoint 08-02-2015 14:34:28 System Checkpoint 08-02-2015 21:18:43 Installed Windows XP winusb0200. 09-02-2015 21:57:17 System Checkpoint 11-02-2015 16:08:47 avast! antivirus system restore point 11-02-2015 16:38:17 avast! antivirus system restore point 12-02-2015 16:52:24 System Checkpoint 13-02-2015 17:03:20 System Checkpoint 14-02-2015 20:31:01 System Checkpoint 15-02-2015 22:18:23 System Checkpoint 17-02-2015 09:56:37 System Checkpoint 18-02-2015 11:17:49 System Checkpoint 19-02-2015 11:36:20 System Checkpoint 20-02-2015 11:40:47 System Checkpoint 21-02-2015 13:50:49 System Checkpoint 22-02-2015 16:03:09 System Checkpoint 23-02-2015 16:23:01 System Checkpoint 24-02-2015 17:28:39 System Checkpoint 05-03-2015 06:51:52 System Checkpoint 06-03-2015 06:53:05 System Checkpoint 07-03-2015 07:28:34 System Checkpoint 08-03-2015 10:35:57 System Checkpoint 09-03-2015 13:42:19 System Checkpoint 10-03-2015 14:14:22 System Checkpoint 11-03-2015 20:39:53 IObit Uninstaller restore point 13-03-2015 05:53:31 System Checkpoint 15-03-2015 10:44:48 System Checkpoint 16-03-2015 11:15:59 System Checkpoint 17-03-2015 13:46:48 System Checkpoint 18-03-2015 15:27:44 System Checkpoint 19-03-2015 15:53:14 System Checkpoint 20-03-2015 17:56:41 System Checkpoint 21-03-2015 19:37:54 System Checkpoint 22-03-2015 20:10:17 System Checkpoint 24-03-2015 10:35:03 Installed Windows XP Service Pack 3. 24-03-2015 12:10:23 Software Distribution Service 3.0 24-03-2015 12:48:08 Removed Evernote v. 5.6.4 24-03-2015 13:44:20 Software Distribution Service 3.0 25-03-2015 07:00:30 Software Distribution Service 3.0 26-03-2015 07:00:21 Software Distribution Service 3.0 27-03-2015 07:00:19 Software Distribution Service 3.0 27-03-2015 07:36:19 Software Distribution Service 3.0 28-03-2015 08:20:44 System Checkpoint 29-03-2015 16:25:52 System Checkpoint 29-03-2015 22:08:46 Software Distribution Service 3.0 30-03-2015 07:00:20 Software Distribution Service 3.0 30-03-2015 10:46:35 Software Distribution Service 3.0 30-03-2015 21:42:50 Software Distribution Service 3.0 31-03-2015 08:28:43 Software Distribution Service 3.0 31-03-2015 09:53:21 Software Distribution Service 3.0 01-04-2015 19:24:26 Software Distribution Service 3.0 02-04-2015 05:38:27 Software Distribution Service 3.0 02-04-2015 19:24:12 Software Distribution Service 3.0 02-04-2015 20:17:03 Software Distribution Service 3.0 03-04-2015 05:40:45 Software Distribution Service 3.0 03-04-2015 22:26:03 Software Distribution Service 3.0 04-04-2015 11:46:25 Software Distribution Service 3.0 05-04-2015 07:00:18 Software Distribution Service 3.0 06-04-2015 07:00:18 Software Distribution Service 3.0 06-04-2015 20:21:28 Software Distribution Service 3.0 07-04-2015 07:00:19 Software Distribution Service 3.0 08-04-2015 07:00:19 Software Distribution Service 3.0 08-04-2015 20:14:12 Software Distribution Service 3.0 09-04-2015 23:07:15 Software Distribution Service 3.0 10-04-2015 07:00:19 Software Distribution Service 3.0 10-04-2015 11:41:05 Software Distribution Service 3.0 11-04-2015 20:17:28 Software Distribution Service 3.0 12-04-2015 07:00:18 Software Distribution Service 3.0 13-04-2015 07:00:19 Software Distribution Service 3.0 13-04-2015 17:21:53 Software Distribution Service 3.0 14-04-2015 17:26:14 System Checkpoint 14-04-2015 17:37:51 Software Distribution Service 3.0 15-04-2015 15:21:31 Software Distribution Service 3.0 16-04-2015 07:00:27 Software Distribution Service 3.0 16-04-2015 12:30:11 Software Distribution Service 3.0 16-04-2015 21:27:28 Software Distribution Service 3.0 17-04-2015 07:45:00 Software Distribution Service 3.0 17-04-2015 17:27:04 Software Distribution Service 3.0 18-04-2015 07:00:18 Software Distribution Service 3.0 18-04-2015 17:35:25 Software Distribution Service 3.0 19-04-2015 16:35:17 Software Distribution Service 3.0 20-04-2015 14:57:30 Software Distribution Service 3.0 21-04-2015 15:15:40 Software Distribution Service 3.0 21-04-2015 17:35:12 Software Distribution Service 3.0 22-04-2015 13:45:40 Software Distribution Service 3.0 22-04-2015 16:41:25 Software Distribution Service 3.0 23-04-2015 07:29:28 Software Distribution Service 3.0 23-04-2015 20:56:34 Software Distribution Service 3.0 24-04-2015 07:00:19 Software Distribution Service 3.0 25-04-2015 09:40:43 System Checkpoint 26-04-2015 11:27:02 System Checkpoint 27-04-2015 11:32:10 System Checkpoint 28-04-2015 14:45:08 System Checkpoint 29-04-2015 15:06:01 System Checkpoint 30-04-2015 20:32:23 System Checkpoint 02-05-2015 10:10:43 System Checkpoint 06-05-2015 13:25:45 System Checkpoint 10-05-2015 08:42:30 System Checkpoint 11-05-2015 09:43:32 System Checkpoint 12-05-2015 13:44:38 System Checkpoint 14-05-2015 07:33:50 System Checkpoint 16-05-2015 17:15:49 System Checkpoint 18-05-2015 16:51:06 System Checkpoint 19-05-2015 17:07:48 System Checkpoint 21-05-2015 17:02:29 System Checkpoint 23-05-2015 15:39:57 System Checkpoint 24-05-2015 16:28:41 System Checkpoint 25-05-2015 16:47:31 System Checkpoint 26-05-2015 17:15:15 System Checkpoint 29-05-2015 11:22:25 System Checkpoint 30-05-2015 16:55:12 System Checkpoint 31-05-2015 19:13:33 System Checkpoint 01-06-2015 19:17:54 System Checkpoint 02-06-2015 19:45:46 System Checkpoint 03-06-2015 21:19:29 System Checkpoint 05-06-2015 13:04:37 System Checkpoint 07-06-2015 05:08:13 System Checkpoint 08-06-2015 05:23:15 System Checkpoint 09-06-2015 05:52:51 System Checkpoint 10-06-2015 06:02:01 System Checkpoint 11-06-2015 10:19:52 System Checkpoint 12-06-2015 10:50:55 System Checkpoint 14-06-2015 16:56:22 System Checkpoint 16-06-2015 11:57:42 System Checkpoint 17-06-2015 13:09:24 System Checkpoint 18-06-2015 14:20:26 Uniblue PC Mechanic installation 19-06-2015 17:03:19 System Checkpoint 21-06-2015 10:15:11 System Checkpoint 22-06-2015 11:09:43 System Checkpoint 24-06-2015 10:29:05 System Checkpoint 25-06-2015 11:34:39 System Checkpoint 26-06-2015 11:36:08 System Checkpoint 27-06-2015 19:19:21 System Checkpoint 29-06-2015 08:29:46 System Checkpoint 30-06-2015 11:08:22 System Checkpoint 01-07-2015 11:30:13 System Checkpoint 02-07-2015 11:34:34 System Checkpoint 03-07-2015 11:38:11 System Checkpoint 07-07-2015 16:49:10 System Checkpoint 08-07-2015 17:21:17 System Checkpoint 09-07-2015 18:15:11 System Checkpoint 10-07-2015 19:33:28 System Checkpoint 11-07-2015 19:46:14 System Checkpoint 12-07-2015 20:01:17 System Checkpoint 14-07-2015 08:40:32 System Checkpoint 16-07-2015 05:49:55 System Checkpoint 18-07-2015 19:19:07 System Checkpoint 23-07-2015 21:21:04 System Checkpoint 25-07-2015 17:18:07 System Checkpoint 26-07-2015 18:14:21 System Checkpoint 05-08-2015 12:14:41 System Checkpoint 06-08-2015 12:44:10 System Checkpoint 07-08-2015 20:10:43 System Checkpoint 12-08-2015 09:13:16 System Checkpoint 13-08-2015 11:10:32 System Checkpoint 15-08-2015 05:26:33 System Checkpoint 31-08-2015 08:46:01 System Checkpoint 01-09-2015 14:09:04 System Checkpoint 02-09-2015 16:05:20 System Checkpoint 03-09-2015 16:54:29 System Checkpoint 04-09-2015 17:03:19 System Checkpoint 05-09-2015 17:51:22 System Checkpoint 06-09-2015 18:35:20 System Checkpoint 07-09-2015 21:48:10 System Checkpoint 08-09-2015 22:19:04 System Checkpoint 09-09-2015 22:53:28 System Checkpoint 11-09-2015 15:22:17 System Checkpoint 12-09-2015 17:31:49 System Checkpoint 13-09-2015 04:45:04 avast! antivirus system restore point 13-09-2015 04:53:10 Installed Windows XP Wdf01009. 14-09-2015 04:57:15 System Checkpoint 15-09-2015 09:42:47 System Checkpoint 16-09-2015 10:09:49 System Checkpoint 17-09-2015 10:31:13 System Checkpoint 18-09-2015 10:56:00 System Checkpoint 19-09-2015 18:34:59 System Checkpoint 20-09-2015 18:53:55 System Checkpoint 22-09-2015 12:21:40 System Checkpoint 23-09-2015 13:08:28 System Checkpoint 24-09-2015 20:10:06 System Checkpoint 26-09-2015 07:54:24 System Checkpoint 27-09-2015 16:44:38 System Checkpoint 29-09-2015 16:42:43 System Checkpoint 30-09-2015 20:17:20 System Checkpoint 01-10-2015 23:18:07 System Checkpoint 03-10-2015 11:45:46 System Checkpoint 04-10-2015 12:59:28 System Checkpoint 05-10-2015 13:09:45 System Checkpoint 06-10-2015 13:12:24 System Checkpoint 07-10-2015 13:52:21 System Checkpoint 08-10-2015 16:17:48 System Checkpoint 09-10-2015 17:47:01 System Checkpoint 10-10-2015 18:18:55 System Checkpoint 11-10-2015 19:04:28 System Checkpoint 12-10-2015 19:53:04 System Checkpoint 14-10-2015 11:33:10 System Checkpoint 15-10-2015 18:21:19 System Checkpoint 17-10-2015 11:03:22 System Checkpoint 21-10-2015 12:13:01 System Checkpoint 22-10-2015 08:38:08 avast! antivirus system restore point 22-10-2015 08:42:27 Installed Windows XP Wdf01009. 23-10-2015 19:40:34 System Checkpoint 26-10-2015 06:34:04 System Checkpoint 27-10-2015 10:50:31 System Checkpoint 28-10-2015 11:04:56 System Checkpoint 30-10-2015 11:01:20 System Checkpoint 31-10-2015 15:59:27 System Checkpoint 01-11-2015 16:28:00 System Checkpoint 02-11-2015 16:45:20 System Checkpoint 03-11-2015 18:38:27 System Checkpoint 04-11-2015 19:15:55 System Checkpoint 05-11-2015 20:10:49 System Checkpoint 06-11-2015 20:33:49 System Checkpoint 08-11-2015 19:50:11 System Checkpoint 09-11-2015 21:55:58 System Checkpoint 10-11-2015 22:14:04 System Checkpoint 11-11-2015 23:23:26 System Checkpoint 13-11-2015 06:30:22 System Checkpoint 14-11-2015 06:54:42 System Checkpoint 15-11-2015 12:29:32 System Checkpoint 17-11-2015 11:32:40 System Checkpoint 18-11-2015 11:45:58 System Checkpoint 19-11-2015 12:23:48 System Checkpoint 20-11-2015 13:39:11 System Checkpoint 21-11-2015 13:58:34 System Checkpoint 22-11-2015 14:35:09 System Checkpoint 24-11-2015 08:50:33 System Checkpoint 25-11-2015 19:32:28 System Checkpoint 27-11-2015 08:16:32 System Checkpoint 28-11-2015 09:04:01 System Checkpoint 29-11-2015 22:40:17 System Checkpoint 01-12-2015 21:28:29 System Checkpoint 02-12-2015 21:53:27 System Checkpoint 03-12-2015 22:50:20 System Checkpoint 04-12-2015 23:24:02 System Checkpoint 06-12-2015 16:51:50 System Checkpoint 07-12-2015 19:33:54 avast! antivirus system restore point 07-12-2015 19:48:04 Installed Windows XP Wdf01009. 09-12-2015 07:59:40 System Checkpoint 10-12-2015 07:22:15 Software Distribution Service 3.0 10-12-2015 14:47:56 Software Distribution Service 3.0 11-12-2015 15:55:27 System Checkpoint 14-12-2015 20:40:36 System Checkpoint 15-12-2015 19:48:43 TrueCrypt uninstallation 16-12-2015 21:14:20 avast! antivirus system restore point ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2004-08-04 05:00 - 2015-12-16 21:02 - 00000842 ___RC C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe Task: C:\WINDOWS\Tasks\WGASetup.job => C:\WINDOWS\system32\KB905474\wgasetup.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2013-09-25 18:10 - 2007-03-16 16:10 - 00020480 ____C () C:\WINDOWS\System32\WLTRYSVC.EXE 2013-09-25 18:10 - 2007-03-16 16:10 - 00757760 ____C () C:\WINDOWS\System32\bcm1xsup.dll 2013-09-26 10:19 - 2012-10-04 17:50 - 00088688 ____C () C:\WINDOWS\system32\cpwmon2k.dll 2014-01-19 19:17 - 2014-01-19 19:17 - 00073544 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-03-20 17:12 - 2015-03-20 17:12 - 01044776 ____C () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2012-06-18 08:24 - 2012-06-18 08:24 - 00260096 ____C () C:\Program Files\Notepad++\NppShell_05.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\WINDOWS\system32\autochk.exe:BAK ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\101hotteens.com -> 101hotteens.com IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\101lottery.com -> 101lottery.com IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\123expressview.com -> 123expressview.com IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\123found.com -> 123found.com IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\123keno.com -> 123keno.com IE restricted site: HKU\S-1-5-21-1004336348-583907252-839522115-1003\...\12don.info -> 12don.info There are 3519 more sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1004336348-583907252-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Desktop Background.bmp DNS Servers: 192.168.254.251 Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) DomainProfile\AuthorizedApplications: [C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe] => Enabled:CyberLink PowerDVD DX DomainProfile\AuthorizedApplications: [C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe] => Enabled:CyberLink PowerDVD DX Resident Program StandardProfile\AuthorizedApplications: [C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe] => Enabled:CyberLink PowerDVD DX StandardProfile\AuthorizedApplications: [C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe] => Enabled:CyberLink PowerDVD DX Resident Program StandardProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Enabled:Bonjour Service StandardProfile\AuthorizedApplications: [C:\Program Files\MediaMonkey\MediaMonkey.exe] => Enabled:MediaMonkey StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome StandardProfile\AuthorizedApplications: [C:\Program Files\LibreOffice 4\program\soffice.bin] => Enabled:LibreOffice StandardProfile\AuthorizedApplications: [C:\Program Files\Evernote\Evernote\Evernote.exe] => Enabled:Evernote StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Mike\Application Data\Spotify\spotify.exe] => Enabled:Spotify StandardProfile\AuthorizedApplications: [C:\Program Files\iTunes\iTunes.exe] => Enabled:iTunes StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:'Firefox' (C:\Program Files\Mozilla Firefox) StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype ==================== Faulty Device Manager Devices ============= Name: Modem Device on High Definition Audio Bus Description: Modem Device on High Definition Audio Bus Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (12/15/2015 07:55:50 PM) (Source: MsiInstaller) (EventID: 10005) (User: MIKE-2EF073BDC0) Description: Product: Google Earth -- Error 2318.File does not exist: C:\Program Files\Google\Google Earth\plugin\shaders\stleafmesh.cfg. Error: (12/15/2015 07:55:13 PM) (Source: MsiInstaller) (EventID: 10005) (User: MIKE-2EF073BDC0) Description: Product: Google Earth -- Error 2318.File does not exist: C:\Program Files\Google\Google Earth\plugin\shaders\stleafmesh.cfg. Error: (12/15/2015 06:05:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application iexplore.exe, version 2.8.3.0, faulting module iexplore.exe, version 2.8.3.0, fault address 0x00066c45. Processing media-specific event for [iexplore.exe!ws!] Error: (12/14/2015 09:20:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application iexplore.exe, version 2.8.3.0, faulting module iexplore.exe, version 2.8.3.0, fault address 0x00066c45. Processing media-specific event for [iexplore.exe!ws!] Error: (12/14/2015 09:14:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application rkill.exe, version 2.8.3.0, faulting module rkill.exe, version 2.8.3.0, fault address 0x00066c45. Processing media-specific event for [rkill.exe!ws!] Error: (12/14/2015 08:06:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application rkill.com, version 2.8.3.0, faulting module rkill.com, version 2.8.3.0, fault address 0x00066c45. Processing media-specific event for [rkill.com!ws!] Error: (12/14/2015 05:03:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application rkill.com, version 2.8.3.0, faulting module rkill.com, version 2.8.3.0, fault address 0x00066c45. Processing media-specific event for [rkill.com!ws!] Error: (09/29/2015 07:16:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application plugin-container.exe, version 41.0.0.5738, faulting module mozglue.dll, version 41.0.0.5738, fault address 0x0000ec7e. Processing media-specific event for [plugin-container.exe!ws!] Error: (09/29/2015 07:16:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application plugin-container.exe, version 41.0.0.5738, faulting module mozglue.dll, version 41.0.0.5738, fault address 0x0000ec7e. Processing media-specific event for [plugin-container.exe!ws!] Error: (09/26/2015 09:53:13 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application plugin-container.exe, version 41.0.0.5738, faulting module mozglue.dll, version 41.0.0.5738, fault address 0x0000ec7e. Processing media-specific event for [plugin-container.exe!ws!] System errors: ============= Error: (12/17/2015 07:46:58 AM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (12/17/2015 07:46:33 AM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (12/17/2015 07:46:30 AM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (12/17/2015 07:46:27 AM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (12/17/2015 07:45:47 AM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (12/17/2015 07:45:45 AM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (12/17/2015 07:45:42 AM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (12/17/2015 07:45:40 AM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (12/17/2015 07:45:38 AM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (12/17/2015 07:45:36 AM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D ==================== Memory info =========================== Processor: AMD Turion 64 X2 Mobile Technology TL-58 Percentage of memory in use: 56% Total physical RAM: 1917.97 MB Available physical RAM: 832.64 MB Total Virtual: 3811.67 MB Available Virtual: 2859.01 MB ==================== Drives ================================ Drive c: (Mike-Prime) (Fixed) (Total:117.19 GB) (Free:19.06 GB) NTFS ==>[drive with boot components (Windows XP)] Drive d: (Mike-Secondary) (Fixed) (Total:581.45 GB) (Free:453.8 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 698.6 GB) (Disk ID: 64FBE474) Partition 1: (Active) - (Size=117.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=581.4 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================ Thank you for your help. Donpedro
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.