Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

COMPUTER EXTREMELY SLOW [Closed]


  • This topic is locked This topic is locked

#1
tophd98

tophd98

    New Member

  • Member
  • Pip
  • 9 posts

I have been working on my parents computer for a while trying to figure out why its so slow. When I go to safe mode its operating at the speed it should. So I have issues. I have done all the online scan tools I can find and still it wont clear it up. 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Administrator (administrator) on BFD523B93A494DE on 04-04-2015 10:31:49
Running from C:\Documents and Settings\Administrator.BFD523B93A494DE\Desktop
Loaded Profiles: Administrator (Available profiles: THEODORE & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgchsvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgcsrvx.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [VerizonServicepoint.exe] => C:\Program Files\Verizon\VSP\VerizonServicepoint.exe [4269296 2009-11-18] (Verizon)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXRCV] => C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXSTM] => C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [LTCM Client] => C:\Program Files\LTCM Client\ltcmClient.exe [1596096 2009-08-05] (Leader Technologies Inc.)
Winlogon\Notify\avgrsstarter: C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer: [NoRemoteRecursiveEvents] 1
HKU\S-1-5-20\...\RunOnce: [nlsf] => C:\WINDOWS\System32\syssetup.dll [984576 2006-01-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [tscuninstall] => C:\WINDOWS\system32\tscupgrd.exe [44544 2006-01-12] (Microsoft Corporation)
HKU\S-1-5-20\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-1993962763-1085031214-725345543-500\...\RunOnce: [nlsf] => C:\WINDOWS\System32\syssetup.dll [984576 2006-01-12] (Microsoft Corporation)
HKU\S-1-5-21-1993962763-1085031214-725345543-500\...\RunOnce: [tscuninstall] => C:\WINDOWS\system32\tscupgrd.exe [44544 2006-01-12] (Microsoft Corporation)
HKU\S-1-5-21-1993962763-1085031214-725345543-500\...\RunOnce: [avg_spchecker] => C:\Program Files\AVG\AVG9\Notification\SPChecker1.exe [406856 2013-11-18] ()
HKU\S-1-5-21-1993962763-1085031214-725345543-500\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-21-1993962763-1085031214-725345543-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1993962763-1085031214-725345543-500\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\RunOnce: [nlsf] => C:\WINDOWS\System32\syssetup.dll [984576 2006-01-12] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => C:\WINDOWS\system32\tscupgrd.exe [44544 2006-01-12] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1993962763-1085031214-725345543-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-1993962763-1085031214-725345543-500] ATTENTION ==> Default URLSearchHook is missing.
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-23] (Adobe Systems Incorporated)
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ->  No File
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO: Verizon Broadband Toolbar -> {A057A204-BACC-4D26-8398-26FADCF27386} -> C:\Program Files\verizon_broad\verizon_broad.dll [2008-05-30] (Verizon Online.                              )
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM - Verizon Broadband Toolbar - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll [2008-05-30] (Verizon Online.                              )
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll [2013-11-18] (AVG Technologies CZ, s.r.o.)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.dll [2005-12-06] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2010-05-13] (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll [2013-11-22] (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator.BFD523B93A494DE\Application Data\Mozilla\Firefox\Profiles\1yqzmmmo.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll [2013-05-12] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll [2013-11-22] (AVG Technologies)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @radialpoint.com/SPA,version=1 -> C:\Program Files\Verizon\VSP\nprpspa.dll [2009-11-18] (Verizon)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2013-11-22]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{8545daff-ad1e-493f-a37e-eed1ac79682b} [2015-03-21]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2015-03-21]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF HKLM\...\Firefox\Extensions: [{3f963a5b-e555-4543-90e2-c3908898db71}] - C:\Program Files\AVG\AVG9\Firefox
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVG\AVG9\Toolbar\Firefox\[email protected]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\17.1.2.1
 
Chrome: 
=======
CHR Profile: C:\Documents and Settings\Administrator.BFD523B93A494DE\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\Administrator.BFD523B93A494DE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-04]
CHR Extension: (Google Docs) - C:\Documents and Settings\Administrator.BFD523B93A494DE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-04]
CHR Extension: (Google Drive) - C:\Documents and Settings\Administrator.BFD523B93A494DE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-04]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrator.BFD523B93A494DE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-04]
CHR Extension: (Google Search) - C:\Documents and Settings\Administrator.BFD523B93A494DE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-04]
CHR Extension: (Google Sheets) - C:\Documents and Settings\Administrator.BFD523B93A494DE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-04]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Administrator.BFD523B93A494DE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-04]
CHR Extension: (AVG Secure Search) - C:\Documents and Settings\Administrator.BFD523B93A494DE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-04-04]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrator.BFD523B93A494DE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-04]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrator.BFD523B93A494DE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\ChromeExt\17.1.2.1\avg.crx [2013-11-22]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S4 AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
S4 avg9emc; C:\Program Files\AVG\AVG9\avgemc.exe [921952 2013-11-18] (AVG Technologies CZ, s.r.o.)
S4 avg9wd; C:\Program Files\AVG\AVG9\avgwdsvc.exe [308136 2013-11-18] (AVG Technologies CZ, s.r.o.)
S2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [539744 2012-05-10] (SEIKO EPSON CORPORATION)
S2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
S2 gupdate1cb00f99893dcf8; C:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-10-25] (Google Inc.)
S4 ServicepointService; C:\Program Files\Verizon\VSP\ServicepointService.exe [668912 2009-11-18] (Radialpoint Inc.)
S4 sprtsvc_ncnetworksdm; C:\Program Files\NCNETWORKSDM\bin\sprtsvc.exe [206120 2010-06-17] (SupportSoft, Inc.)
S4 tgsrvc_ncnetworksdm; C:\Program Files\NCNETWORKSDM\bin\tgsrvc.exe [185640 2010-06-17] (SupportSoft, Inc.)
S4 vToolbarUpdater17.1.2; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe [1734680 2013-11-22] (AVG Secure Search)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S1 AvgLdx86; C:\WINDOWS\System32\Drivers\avgldx86.sys [226016 2013-11-20] (AVG Technologies CZ, s.r.o.)
S1 AvgMfx86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [29712 2013-11-18] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiX; C:\WINDOWS\System32\Drivers\avgtdix.sys [243152 2013-11-18] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-11-22] (AVG Technologies)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2006-01-06] (Microsoft Corporation)
S3 FilterService; C:\WINDOWS\System32\DRIVERS\lvuvcflt.sys [23832 2009-10-07] (Logitech Inc.)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2009-08-26] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16080 2003-03-09] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2009-08-26] (HP)
S3 LUsbFilt; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [29072 2008-02-29] (Logicool, Inc.)
S3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2006-01-06] (Microsoft Corporation)
S2 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [163644 2006-01-12] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R0 SiSide; C:\WINDOWS\System32\DRIVERS\siside.sys [4096 2003-03-25] (Silicon Integrated Systems Corp.)
R0 sisidex; C:\WINDOWS\System32\drivers\sisidex.sys [49024 2002-10-17] (Windows ® 2000 DDK provider) [File not signed]
R0 sisperf; C:\WINDOWS\System32\drivers\sisperf.sys [9472 2002-08-20] (Silicon Integrated Systems Corp.) [File not signed]
S3 slabbus; C:\WINDOWS\System32\DRIVERS\slabbus.sys [52384 2004-03-11] (MCCI)
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2006-01-06] (Sony Corporation)
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [360448 2006-01-12] (Microsoft Corporation) [File not signed]
S3 WDM_YAMAHAAC97; C:\WINDOWS\System32\drivers\yacxgc.sys [202880 2002-07-19] (YAMAHA CORPORATION)
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-04 10:25 - 2015-04-04 10:25 - 00058849 _____ () C:\Documents and Settings\Administrator.BFD523B93A494DE\Desktop\fixlist.txt
2015-04-04 10:20 - 2015-04-04 10:21 - 00022991 _____ () C:\Documents and Settings\Administrator.BFD523B93A494DE\Desktop\Addition.txt
2015-04-04 10:19 - 2015-04-04 10:32 - 00015267 _____ () C:\Documents and Settings\Administrator.BFD523B93A494DE\Desktop\FRST.txt
2015-04-04 10:13 - 2015-04-04 10:31 - 00000000 ____D () C:\FRST
2015-04-04 10:13 - 2015-04-04 10:13 - 01135104 _____ (Farbar) C:\Documents and Settings\Administrator.BFD523B93A494DE\Desktop\FRST.exe
2015-04-04 09:27 - 2015-04-04 09:27 - 00000000 ____D () C:\Documents and Settings\Administrator.BFD523B93A494DE\Start Menu\Programs\Google Chrome
2015-04-04 09:26 - 2015-04-04 09:26 - 00000000 __SHD () C:\Documents and Settings\Administrator.BFD523B93A494DE\PrivacIE
2015-04-04 09:26 - 2015-04-04 09:26 - 00000000 ____D () C:\Documents and Settings\Administrator.BFD523B93A494DE\Local Settings\Application Data\Google
2015-04-04 09:22 - 2015-04-04 09:22 - 00016384 _____ () C:\Documents and Settings\THEODORE\Desktop\House rewire Carolyn Walley.xls
2015-04-03 11:40 - 2015-04-03 11:57 - 00016384 _____ () C:\Documents and Settings\THEODORE\My Documents\House rewire Carolyn Walley.xls
2015-03-21 15:06 - 2015-03-21 15:15 - 00016896 _____ () C:\Documents and Settings\THEODORE\Desktop\tennessee golf spring 2015.xls
2015-03-21 14:30 - 2015-03-21 15:05 - 00013824 _____ () C:\Documents and Settings\THEODORE\My Documents\tennessee golf spring 2015.xls
2015-03-21 03:40 - 2015-04-03 09:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-07 09:31 - 2015-03-07 09:31 - 00000867 _____ () C:\Documents and Settings\THEODORE\Desktop\Shortcut to CG8257_small contr(1).dotx.lnk
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-04 10:32 - 2012-03-25 09:37 - 00000000 ____D () C:\Documents and Settings\Administrator.BFD523B93A494DE\Local Settings\Temp
2015-04-04 09:27 - 2011-05-01 09:36 - 00001815 _____ () C:\Documents and Settings\Administrator.BFD523B93A494DE\Desktop\Google Chrome.lnk
2015-04-04 09:26 - 2012-03-25 09:37 - 00000000 ____D () C:\Documents and Settings\Administrator.BFD523B93A494DE
2015-04-04 09:24 - 2006-01-12 20:26 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-04-04 09:22 - 2010-03-27 12:08 - 00000000 ____D () C:\Documents and Settings\THEODORE\Local Settings\Temp
2015-04-04 09:18 - 2010-03-27 11:53 - 00000319 _____ () C:\WINDOWS\wiadebug.log
2015-04-04 08:01 - 2010-05-31 15:00 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-04 04:00 - 2010-03-29 10:39 - 00000394 _____ () C:\WINDOWS\Tasks\Norton AntiVirus - THEODORE - Full System Scan.job
2015-04-03 17:01 - 2010-05-31 15:00 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-03 09:14 - 2010-03-27 12:02 - 01928893 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-03 09:13 - 2010-03-27 19:10 - 00000236 _____ () C:\WINDOWS\Tasks\OGALogon.job
2015-04-03 09:13 - 2010-03-27 12:06 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-03 09:13 - 2010-03-27 11:53 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2015-04-03 09:13 - 2010-03-27 11:52 - 00087805 _____ () C:\WINDOWS\system32\nvapps.xml
2015-04-03 09:12 - 2015-01-28 12:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2015-04-03 09:12 - 2012-05-08 21:50 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-03 09:12 - 2010-03-27 12:06 - 00032608 _____ () C:\WINDOWS\SchedLgU.Txt
2015-04-03 09:11 - 2010-03-27 12:08 - 00000278 ___SH () C:\Documents and Settings\THEODORE\ntuser.ini
2015-04-03 09:11 - 2010-03-27 12:08 - 00000000 ____D () C:\Documents and Settings\THEODORE
2015-04-03 09:08 - 2010-06-09 13:05 - 00000000 ____D () C:\Documents and Settings\THEODORE\Local Settings\Application Data\Temp
2015-03-21 13:36 - 2013-11-09 06:04 - 00000000 ____D () C:\Documents and Settings\THEODORE\Desktop\Old Firefox Data
2015-03-19 09:26 - 2010-03-27 11:48 - 01361614 _____ () C:\WINDOWS\setupapi.log
2015-03-17 12:06 - 2014-05-18 00:29 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
 
Files to move or delete:
====================
C:\Documents and Settings\THEODORE\hpothb07.dat
 
 
Some content of TEMP:
====================
C:\Documents and Settings\THEODORE\Local Settings\Temp\Bootstrapper.exe
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperARA.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperARU.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperCHS.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperCHT.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperCSY.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperDAN.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperDEU.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperELL.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperENU.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperESN.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperESP.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperFIN.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperFRA.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperHEB.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperHRV.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperHUN.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperITA.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperJPN.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperKOR.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperLOC.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperNLD.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperNOR.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperPLK.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperPTB.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperPTG.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperRUS.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperSKY.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperSLV.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperSVE.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperTHA.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperTRK.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\BootstrapperUKR.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\dotnetfx35setup.exe
C:\Documents and Settings\THEODORE\Local Settings\Temp\dotNetFx40_Client_setup.exe
C:\Documents and Settings\THEODORE\Local Settings\Temp\epurcmainver20.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\FP_PL_PFS_INSTALLER.exe
C:\Documents and Settings\THEODORE\Local Settings\Temp\Garmin.Cartography.DeviceInteraction.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\Garmin.Cartography.MapUpdate.Client.Core.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\GarminMapUpdater.exe
C:\Documents and Settings\THEODORE\Local Settings\Temp\GoogleChromeInstaller.exe
C:\Documents and Settings\THEODORE\Local Settings\Temp\GpsImgWrapper.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\hpzscr01.exe
C:\Documents and Settings\THEODORE\Local Settings\Temp\Ionic.Zip.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\mfc100.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\msvcp100.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\msvcr100.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\usb_lib.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\utt110.tmp.exe
C:\Documents and Settings\THEODORE\Local Settings\Temp\vcoah4cs.dll
C:\Documents and Settings\THEODORE\Local Settings\Temp\zyotw0px.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe
[2006-01-12 20:46] - [2006-01-12 20:46] - 1075200 ____A (Microsoft Corporation) 2deaca71a7fd77205f59d48d76b2f565     
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Administrator at 2015-04-04 10:32:53
Running from C:\Documents and Settings\Administrator.BFD523B93A494DE\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Anti-Virus Free (Enabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.15.58233 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.00.15.58233 - ABBYY) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.7.700.169 - Adobe Systems Incorporated)
Adobe Reader 7.0.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A70500000002}) (Version: 7.0.5 - Adobe Systems Incorporated)
Agere Systems AC'97 Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - )
AVG Free 9.0 (HKLM\...\AVG9Uninstall) (Version:  - AVG Technologies)
CP2101 USB to UART Bridge Controller (HKLM\...\SLABCOMM) (Version:  - )
Download Navigator (HKLM\...\{3A3A3B34-6EA2-4031-8580-D66D29533E89}) (Version: 3.4.0 - SEIKO EPSON CORPORATION)
EPSON Connect version 1.0 (HKLM\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
Epson FAX Utility (HKLM\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-2530 Series Printer Uninstall (HKLM\...\EPSON WF-2530 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
HP Photo and Imaging 2.0 - hp psc 1100 series (HKLM\...\HP PSC 1100 Series) (Version:  - )
HP PSC 1100/1200/1300 series Cartridge Compatibility Utility (HKLM\...\HP PSC Cartridge Compatibility Utility) (Version:  - )
Logitech Vid (HKLM\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.10.1009 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
LTCM Client (HKLM\...\LTCM Client) (Version:  - Leader Technologies Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 19.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 19.0.2 (x86 en-US)) (Version: 19.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Skype Toolbars (HKLM\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 4.2 (HKLM\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.2.169 - Skype Technologies S.A.)
Software Update for Web Folders (Version: 9.60.6715.0 - Microsoft Corporation) Hidden
Spinco Download Manager (HKLM\...\{704C2901-0E9C-4E4B-862B-2001DACA314B}) (Version: 1.0.0 - Spinco)
Verizon Broadband Toolbar (IE only) (HKLM\...\verizon_broad) (Version:  - )
Verizon Broadband Toolbar Firefox only (HKLM\...\Verizon Broadband Toolbar Firefox only) (Version:  - )
Verizon Servicepoint 3.5.10 (HKLM\...\RadialpointClientGateway_is1) (Version: 3.5.10 - Verizon)
VLC media player 1.0.5 (HKLM\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
Vz In Home Agent (HKLM\...\{68C063CF-FF7D-49F3-AE93-ED0DA0EAE214}) (Version: 7.06.04 - Verizon)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
XML Paper Specification Shared Components Pack 1.0 (Version:  - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
04-01-2015 16:07:26 System Checkpoint
05-01-2015 17:07:28 System Checkpoint
06-01-2015 17:25:14 System Checkpoint
07-01-2015 17:59:02 System Checkpoint
08-01-2015 18:07:30 System Checkpoint
09-01-2015 18:08:33 System Checkpoint
10-01-2015 19:07:30 System Checkpoint
11-01-2015 19:41:16 System Checkpoint
12-01-2015 20:01:44 System Checkpoint
13-01-2015 20:07:29 System Checkpoint
14-01-2015 21:08:33 System Checkpoint
15-01-2015 21:19:56 System Checkpoint
16-01-2015 22:31:54 System Checkpoint
17-01-2015 23:07:27 System Checkpoint
19-01-2015 00:07:29 System Checkpoint
20-01-2015 01:07:31 System Checkpoint
21-01-2015 02:07:32 System Checkpoint
22-01-2015 03:07:31 System Checkpoint
23-01-2015 04:07:31 System Checkpoint
24-01-2015 05:07:32 System Checkpoint
25-01-2015 06:07:31 System Checkpoint
26-01-2015 07:07:27 System Checkpoint
27-01-2015 08:07:31 System Checkpoint
28-01-2015 08:16:01 System Checkpoint
28-01-2015 12:10:10 avast! antivirus system restore point
29-01-2015 13:03:52 System Checkpoint
30-01-2015 14:03:58 System Checkpoint
31-01-2015 15:03:53 System Checkpoint
01-02-2015 15:06:16 System Checkpoint
02-02-2015 15:59:06 System Checkpoint
03-02-2015 16:03:53 System Checkpoint
04-02-2015 16:13:18 System Checkpoint
05-02-2015 16:18:58 System Checkpoint
06-02-2015 17:02:49 System Checkpoint
07-02-2015 17:54:41 System Checkpoint
08-02-2015 18:16:02 System Checkpoint
09-02-2015 18:18:58 System Checkpoint
10-02-2015 19:18:55 System Checkpoint
20-02-2015 00:28:00 System Checkpoint
05-03-2015 20:29:54 System Checkpoint
06-03-2015 20:56:40 System Checkpoint
07-03-2015 21:47:25 System Checkpoint
08-03-2015 22:07:33 System Checkpoint
09-03-2015 23:07:36 System Checkpoint
11-03-2015 00:07:35 System Checkpoint
12-03-2015 01:07:37 System Checkpoint
13-03-2015 02:07:36 System Checkpoint
14-03-2015 03:07:33 System Checkpoint
15-03-2015 04:07:33 System Checkpoint
16-03-2015 05:07:37 System Checkpoint
17-03-2015 06:07:33 System Checkpoint
18-03-2015 06:08:42 System Checkpoint
19-03-2015 07:07:35 System Checkpoint
20-03-2015 07:07:43 System Checkpoint
21-03-2015 08:06:33 System Checkpoint
22-03-2015 08:18:15 System Checkpoint
23-03-2015 09:18:17 System Checkpoint
24-03-2015 09:22:55 System Checkpoint
25-03-2015 10:22:55 System Checkpoint
26-03-2015 10:27:25 System Checkpoint
27-03-2015 11:27:25 System Checkpoint
28-03-2015 12:27:25 System Checkpoint
29-03-2015 14:02:27 System Checkpoint
30-03-2015 14:27:26 System Checkpoint
31-03-2015 15:27:25 System Checkpoint
01-04-2015 16:27:26 System Checkpoint
02-04-2015 17:27:28 System Checkpoint
03-04-2015 08:55:40 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-01-12 20:55 - 2006-01-12 20:55 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Norton AntiVirus - THEODORE - Full System Scan.job => C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\Navw32.exe
Task: C:\WINDOWS\Tasks\OGALogon.job => C:\WINDOWS\system32\OGAEXEC.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2010-03-27 11:46 - 2006-10-22 12:22 - 00212992 _____ () C:\WINDOWS\system32\nvapi.dll
2010-03-27 11:52 - 2006-10-22 12:22 - 00466944 _____ () C:\WINDOWS\system32\nvshell.dll
2010-03-27 11:59 - 2006-01-02 11:06 - 00125440 _____ () C:\Program Files\WinRAR\rarext.dll
2010-03-27 11:59 - 2005-11-02 12:26 - 00043520 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2006-01-12 20:52 - 2006-01-12 21:04 - 00061440 _____ () C:\WINDOWS\system32\CopyToSendTo.dll
2006-01-12 20:20 - 2006-01-12 20:20 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2006-01-12 20:52 - 2006-01-12 20:52 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2015-04-02 19:10 - 2015-03-30 16:07 - 09279304 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.118\pdf.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1993962763-1085031214-725345543-500\Control Panel\Desktop\\Wallpaper -> (None)
DNS Servers: 192.168.254.254
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp psc 1000 series.lnk => C:\WINDOWS\pss\hp psc 1000 series.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hpoddt01.exe.lnk => C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^THEODORE^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\WINDOWS\pss\Logitech . Product Registration.lnkStartup
MSCONFIG\startupreg: AGRSMMSG => AGRSMMSG.exe
MSCONFIG\startupreg: AVG9_TRAY => C:\PROGRA~1\AVG\AVG9\avgtray.exe
MSCONFIG\startupreg: Logitech Vid => "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
MSCONFIG\startupreg: NCNETWORKSDM => "C:\Program Files\NCNETWORKSDM\bin\sprtcmd.exe" /P NCNETWORKSDM
MSCONFIG\startupreg: nwiz => nwiz.exe /install
MSCONFIG\startupreg: Uniblue RegistryBooster 2009 => C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
MSCONFIG\startupreg: UniblueSpeedUpMyPC => C:\Program Files\Uniblue\SpeedUpMyPC\Launcher.exe -minimize
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Secure Search\vprot.exe"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1993962763-1085031214-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator.BFD523B93A494DE
Guest (S-1-5-21-1993962763-1085031214-725345543-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1993962763-1085031214-725345543-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1993962763-1085031214-725345543-1002 - Limited - Disabled)
THEODORE (S-1-5-21-1993962763-1085031214-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\THEODORE
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/03/2015 08:49:19 AM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 1180947459.
 
Error: (04/03/2015 08:49:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (04/03/2015 08:39:44 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (04/03/2015 08:39:44 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (03/25/2015 06:00:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application WINWORD.EXE, version 11.0.8313.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (03/25/2015 05:58:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 36.0.4.5557, faulting module mozalloc.dll, version 36.0.3.5556, fault address 0x00001e02.
Processing media-specific event for [plugin-container.exe!ws!]
 
Error: (03/22/2015 05:10:34 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt>with error: This network connection does not exist.
 
Error: (03/22/2015 05:10:34 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt>with error: The server name or address could not be resolved
 
Error: (03/21/2015 09:46:26 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt>with error: This network connection does not exist.
 
Error: (03/21/2015 09:46:26 PM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt>with error: The server name or address could not be resolved
 
 
System errors:
=============
Error: (04/04/2015 10:25:12 AM) (Source: DCOM) (EventID: 10005) (User: BFD523B93A494DE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error: (04/04/2015 10:15:02 AM) (Source: DCOM) (EventID: 10005) (User: BFD523B93A494DE)
Description: DCOM got error "%%1084" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
 
Error: (04/04/2015 10:04:01 AM) (Source: DCOM) (EventID: 10005) (User: BFD523B93A494DE)
Description: DCOM got error "%%1084" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
 
Error: (04/04/2015 09:48:47 AM) (Source: DCOM) (EventID: 10005) (User: BFD523B93A494DE)
Description: DCOM got error "%%1084" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
 
Error: (04/04/2015 09:33:05 AM) (Source: DCOM) (EventID: 10005) (User: BFD523B93A494DE)
Description: DCOM got error "%%1084" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
 
Error: (04/04/2015 09:26:29 AM) (Source: DCOM) (EventID: 10005) (User: BFD523B93A494DE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error: (04/04/2015 09:26:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
AvgLdx86
AvgMfx86
Fips
intelppm
 
Error: (04/04/2015 09:25:50 AM) (Source: DCOM) (EventID: 10005) (User: BFD523B93A494DE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error: (04/04/2015 09:25:46 AM) (Source: DCOM) (EventID: 10005) (User: BFD523B93A494DE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error: (04/04/2015 09:25:03 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
 
Microsoft Office Sessions:
=========================
Error: (04/03/2015 08:49:19 AM) (Source: Application Hang) (EventID: 1001) (User: )
Description: 1180947459
 
Error: (04/03/2015 08:49:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
 
Error: (04/03/2015 08:39:44 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (04/03/2015 08:39:44 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (03/25/2015 06:00:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WINWORD.EXE11.0.8313.0hungapp0.0.0.000000000
 
Error: (03/25/2015 05:58:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.4.5557mozalloc.dll36.0.3.555600001e02
 
Error: (03/22/2015 05:10:34 PM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download....rootseq.txtThisnetwork connection does not exist.
 
Error: (03/22/2015 05:10:34 PM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download....hrootseq.txtTheserver name or address could not be resolved
 
Error: (03/21/2015 09:46:26 PM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download....rootseq.txtThisnetwork connection does not exist.
 
Error: (03/21/2015 09:46:26 PM) (Source: crypt32) (EventID: 8) (User: )
Description: http://www.download....hrootseq.txtTheserver name or address could not be resolved
 
 
==================== Memory info =========================== 
 
Processor:  Intel® Pentium® 4 CPU 3.06GHz
Percentage of memory in use: 47%
Total physical RAM: 1023.53 MB
Available physical RAM: 541.3 MB
Total Pagefile: 2461.24 MB
Available Pagefile: 2034.08 MB
Total Virtual: 2047.88 MB
Available Virtual: 1937.14 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:233.75 GB) (Free:191.79 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (DVD_101_HD__JULY_2012) (CDROM) (Total:1.8 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 233.8 GB) (Disk ID: FC764479)
Partition 1: (Active) - (Size=233.7 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not a great deal showing there so I will need to look deeper

Although you will need to update to service pack 3 for XP

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1993962763-1085031214-725345543-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-1993962763-1085031214-725345543-500] ATTENTION ==> Default URLSearchHook is missing.
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{8545daff-ad1e-493f-a37e-eed1ac79682b} [2015-03-21]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2015-03-21]
2015-04-04 09:26 - 2015-04-04 09:26 - 00000000 __SHD () C:\Documents and Settings\Administrator.BFD523B93A494DE\PrivacIE
2015-04-03 09:12 - 2015-01-28 12:09 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
Task: C:\WINDOWS\Tasks\Norton AntiVirus - THEODORE - Full System Scan.job => C:\Program Files\Norton AntiVirus\Engine\16.8.0.41\Navw32.exe
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

AswMBR%20scan.JPG


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP