Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-06-2015
Ran by Jason (administrator) on OLDPC on 03-06-2015 19:30:07
Running from C:\Documents and Settings\Jason\Desktop
Loaded Profiles: Jason (Available Profiles: Jason)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgchsvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgrsx.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgcsrvx.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTHELPER.EXE
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Hewlett-Packard) C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Musicmatch, Inc.) C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
(Musicmatch, Inc.) C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG9\avgtray.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(BitTorrent Inc.) C:\Documents and Settings\Jason\Application Data\uTorrent\uTorrent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Hide My IP) C:\Program Files\Hide My IP 6\HideMyIpSrv.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\WINDOWS\system32\MsPMSPSv.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgnsx.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [56928 2006-11-23] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [54832 2006-12-05] ()
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [CTHelper] => C:\WINDOWS\system32\CTHELPER.EXE [28672 2003-06-08] (Creative Technology Ltd)
HKLM\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [Jet Detection] => C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [28672 2001-11-29] ()
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
HKLM\...\Run: [Acrobat Assistant 7.0] => C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2008-04-23] (Adobe Systems Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Share-to-Web Namespace Daemon] => C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe [69632 2002-04-17] (Hewlett-Packard)
HKLM\...\Run: [MimBoot] => C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe [11776 2005-05-10] (Musicmatch, Inc.)
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [3033112 2015-05-04] ()
HKLM\...\Run: [AVG9_TRAY] => C:\Program Files\AVG\AVG9\avgtray.exe [2079792 2015-05-30] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11] (ATI Technologies Inc.)
Winlogon\Notify\avgrsstarter: C:\WINDOWS\system32\avgrsstx.dll [2015-05-30] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1993962763-329068152-1417001333-1004\...\Run: [MSMSGS] => "C:\Program Files\Messenger\msmsgs.exe" /background
HKU\S-1-5-21-1993962763-329068152-1417001333-1004\...\Run: [AVG-Secure-Search-Update_1113a] => C:\Documents and Settings\Jason\Application Data\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=fad843d0bd6d47d3b53dd144275b507f-06ce4fc639803a2e3563922518183d8e94088cb9 /CMPID=111 (the data entry has 2 more characters).
HKU\S-1-5-21-1993962763-329068152-1417001333-1004\...\MountPoints2: {cc31ceb7-8a77-11e2-b8a5-806d6172696f} - E:\setup.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk [2013-03-14]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\Jason\Start Menu\Programs\Startup\µTorrent.lnk [2015-06-01]
ShortcutTarget: µTorrent.lnk -> C:\Documents and Settings\Jason\Application Data\uTorrent\uTorrent.exe (BitTorrent Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1993962763-329068152-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.charlottecounty.ca/acorns/
HKU\S-1-5-21-1993962763-329068152-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-1993962763-329068152-1417001333-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG9\avgssie.dll [2015-05-30] (AVG Technologies CZ, s.r.o.)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.1.0.411\AVG Web TuneUp.dll [2015-05-04] (AVG)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18] (Adobe Systems Incorporated)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1993962763-329068152-1417001333-1004 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18] (Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.walmartph...veX_Control.cab
DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler: intu-tt2012 - {02F985EF-502B-4597-993F-6BF9E004C138} - C:\Program Files\TurboTax 2012\ic2012pp.dll No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll [2015-05-30] (AVG Technologies CZ, s.r.o.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Winsock: Catalog9 01 C:\WINDOWS\system32\HMIPCore.dll [353280 2015-05-25] (Hide My IP)
Winsock: Catalog9 02 C:\WINDOWS\system32\HMIPCore.dll [353280 2015-05-25] (Hide My IP)
Winsock: Catalog9 18 C:\WINDOWS\system32\HMIPCore.dll [353280 2015-05-25] (Hide My IP)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2013-02-20] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.4.0\\npsitesafety.dll No File
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2009-11-13] (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [2009-11-13] (DivX, Inc)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-03-12]
Chrome:
=======
CHR Profile: C:\Documents and Settings\Jason\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\Jason\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-01]
CHR Extension: (Google Drive) - C:\Documents and Settings\Jason\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-01]
CHR Extension: (YouTube) - C:\Documents and Settings\Jason\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-01]
CHR Extension: (Google Search) - C:\Documents and Settings\Jason\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-01]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Jason\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Gmail) - C:\Documents and Settings\Jason\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-01]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] () [File not signed]
R2 avg9wd; C:\Program Files\AVG\AVG9\avgwdsvc.exe [308136 2015-05-30] (AVG Technologies CZ, s.r.o.)
R3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 HideMyIpSRV; C:\Program Files\Hide My IP 6\HideMyIpSRV.exe [4341760 2015-04-26] (Hide My IP) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-09-26] (Oracle Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-05] (Nero AG) [File not signed]
S3 NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [262144 2006-12-23] (Nero AG) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-07] () [File not signed]
R2 vToolbarUpdater18.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe [1875480 2015-05-04] (AVG Secure Search)
R2 WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation) [File not signed]
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-05-04] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [35840 2004-10-07] (Oak Technology Inc.)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
S3 ATIAVAIW; C:\WINDOWS\System32\DRIVERS\atinavt2.sys [170496 2009-02-03] (ATI Technologies Inc.) [File not signed]
S3 atinrvxx; C:\WINDOWS\System32\DRIVERS\atinrvxx.sys [104960 2008-04-13] (ATI Technologies Inc.)
S3 ATITUNEP; C:\WINDOWS\System32\DRIVERS\atintuxx.sys [73216 2008-04-13] (ATI Technologies Inc.)
S3 ativraxx; C:\WINDOWS\System32\DRIVERS\atinraxx.sys [52224 2008-04-13] (ATI Technologies Inc.)
S3 ATIXSAudio; C:\WINDOWS\System32\DRIVERS\atinxsxx.sys [63488 2008-04-13] (ATI Technologies Inc.)
R1 AvgLdx86; C:\WINDOWS\System32\Drivers\avgldx86.sys [226016 2015-05-30] (AVG Technologies CZ, s.r.o.)
R1 AvgMfx86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [29712 2015-05-30] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiX; C:\WINDOWS\System32\Drivers\avgtdix.sys [243152 2015-05-30] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 ctac32k; C:\WINDOWS\System32\drivers\ctac32k.sys [186068 2003-06-08] (Creative Technology Ltd) [File not signed]
S3 ctljystk; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
R3 ctprxy2k; C:\WINDOWS\System32\drivers\ctprxy2k.sys [6144 2003-06-08] (Creative Technology Ltd) [File not signed]
R3 ctsfm2k; C:\WINDOWS\System32\drivers\ctsfm2k.sys [136448 2003-06-08] (Creative Technology Ltd) [File not signed]
R3 emupia; C:\WINDOWS\System32\drivers\emupia2k.sys [116416 2003-06-08] (Creative Technology Ltd) [File not signed]
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [819984 2003-06-08] (Creative Technology Ltd)
S3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [135696 2003-06-08] (Creative Technology Ltd) [File not signed]
R3 HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [220032 2008-04-13] (Conexant Systems, Inc.)
R3 HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [1041536 2008-04-13] (Conexant Systems, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-25] (Malwarebytes Corporation)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 MVDCODEC; C:\WINDOWS\System32\DRIVERS\atinmdxx.sys [13824 2008-04-13] (ATI Technologies Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R0 nvatabus; C:\WINDOWS\System32\DRIVERS\nvatabus.sys [79360 2004-06-03] (NVIDIA Corporation)
R0 nv_agp; C:\WINDOWS\System32\DRIVERS\nv_agp.sys [21760 2004-04-02] (NVIDIA Corporation)
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [685056 2008-04-13] (Conexant Systems, Inc.)
S0 cerc6; No ImagePath
S3 ctdvda2k; System32\drivers\ctdvda2k.sys [X]
S4 IntelIde; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-03 19:30 - 2015-06-03 19:30 - 00019714 _____ C:\Documents and Settings\Jason\Desktop\FRST.txt
2015-06-03 19:29 - 2015-06-03 19:30 - 00000000 ____D C:\FRST
2015-06-03 19:29 - 2015-06-03 19:29 - 01147392 _____ (Farbar) C:\Documents and Settings\Jason\Desktop\FRST.exe
2015-06-03 16:39 - 2015-06-03 16:38 - 00094208 _____ C:\WINDOWS\Minidump\Mini060315-01.dmp
2015-06-01 22:46 - 2015-06-01 22:46 - 00000000 ____D C:\Program Files\GUM22.tmp
2015-05-30 15:47 - 2015-05-30 15:59 - 00226016 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys
2015-05-30 15:47 - 2015-05-30 15:47 - 00243152 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgtdix.sys
2015-05-30 15:47 - 2015-05-30 15:47 - 00029712 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2015-05-30 15:47 - 2015-05-30 15:47 - 00012536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgrsstx.dll
2015-05-30 15:47 - 2015-05-30 15:47 - 00001507 _____ C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
2015-05-30 15:47 - 2015-05-30 15:47 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG Free 9.0
2015-05-30 15:46 - 2015-06-03 09:37 - 00000000 ____D C:\WINDOWS\system32\Drivers\Avg
2015-05-30 15:46 - 2015-05-30 15:46 - 00000000 ____D C:\Program Files\AVG
2015-05-30 15:46 - 2015-05-30 15:46 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\avg9
2015-05-30 11:30 - 2015-05-30 11:30 - 00000000 ____D C:\Documents and Settings\Jason\Local Settings\Application Data\Avg2015
2015-05-30 08:05 - 2015-05-30 08:05 - 00000000 ____D C:\Documents and Settings\Jason\Local Settings\Application Data\Avg
2015-05-25 17:16 - 2015-05-28 20:43 - 00002456 _____ C:\WINDOWS\system32\HideMyIpSRVOff.ini
2015-05-25 17:16 - 2015-05-25 17:16 - 00000710 _____ C:\Documents and Settings\Jason\Desktop\Hide My IP 6.lnk
2015-05-25 17:16 - 2015-05-25 17:16 - 00000000 ____D C:\Program Files\Hide My IP 6
2015-05-25 17:16 - 2015-05-25 17:16 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\HideMyIpSRV
2015-05-25 17:16 - 2015-05-25 17:16 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Hide My IP 6
2015-05-25 17:16 - 2015-04-26 14:38 - 00353280 _____ (Hide My IP) C:\WINDOWS\system32\HMIPCore.dll
2015-05-06 20:55 - 2015-05-06 20:55 - 00094208 _____ C:\WINDOWS\Minidump\Mini050615-02.dmp
2015-05-06 17:51 - 2015-05-06 17:51 - 00094208 _____ C:\WINDOWS\Minidump\Mini050615-01.dmp
2015-05-04 11:40 - 2015-05-04 11:40 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2015-05-04 11:40 - 2015-05-04 11:40 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\AVG Web TuneUp
2015-05-04 11:40 - 2015-05-04 11:40 - 00000000 ____D C:\Documents and Settings\Jason\Local Settings\Application Data\AVG Web TuneUp
2015-05-04 11:40 - 2015-05-04 11:40 - 00000000 ____D C:\Documents and Settings\Jason\Application Data\AVG Web TuneUp
2015-05-04 11:40 - 2015-05-04 11:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG Web TuneUp
2015-05-04 11:40 - 2015-05-04 11:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2015-05-04 11:40 - 2015-05-04 11:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG Secure Search
2015-05-04 11:39 - 2015-05-04 11:40 - 00000000 ____D C:\Program Files\AVG Web TuneUp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-03 19:30 - 2013-03-14 20:29 - 00000000 ____D C:\Documents and Settings\Jason\Application Data\uTorrent
2015-06-03 19:30 - 2013-03-12 11:31 - 00000000 ____D C:\Documents and Settings\Jason\Local Settings\Temp
2015-06-03 18:46 - 2013-09-01 10:08 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-03 18:45 - 2013-03-13 11:30 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-03 16:41 - 2013-03-14 20:32 - 00000000 ____D C:\Torrents
2015-06-03 16:41 - 2013-03-12 10:39 - 01996776 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-03 16:39 - 2014-03-15 13:14 - 00000222 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-06-03 16:39 - 2013-09-01 10:08 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-03 16:39 - 2013-08-15 18:28 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-03 16:39 - 2013-03-13 11:36 - 00000000 ____D C:\Documents and Settings\Jason\Start Menu\Programs\CyberLink DVD Suite
2015-06-03 16:39 - 2013-03-12 10:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-03 16:39 - 2013-03-11 15:32 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-06-03 16:39 - 2013-03-11 15:32 - 00000048 _____ C:\WINDOWS\wiaservc.log
2015-06-03 16:39 - 2008-04-13 20:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2015-06-02 17:46 - 2013-03-12 10:44 - 00032436 _____ C:\WINDOWS\SchedLgU.Txt
2015-06-02 01:50 - 2013-03-16 17:38 - 00001080 _____ C:\WINDOWS\system32\settingsbkup.sfm
2015-06-02 01:50 - 2013-03-16 17:38 - 00001080 _____ C:\WINDOWS\system32\settings.sfm
2015-06-02 01:50 - 2013-03-16 17:38 - 00000288 _____ C:\WINDOWS\system32\DVCStateBkp-{00000001-00000000-00000007-00001102-00000002-80671102}.dat
2015-06-02 01:50 - 2013-03-16 17:38 - 00000288 _____ C:\WINDOWS\system32\DVCState-{00000001-00000000-00000007-00001102-00000002-80671102}.dat
2015-06-02 01:37 - 2013-03-12 15:03 - 00327680 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2015-06-01 17:40 - 2013-03-14 20:33 - 00210432 _____ C:\Documents and Settings\Jason\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-30 14:28 - 2013-03-12 11:31 - 00000278 ___SH C:\Documents and Settings\Jason\ntuser.ini
2015-05-30 11:28 - 2013-03-12 17:51 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2015-05-30 11:22 - 2013-03-11 15:27 - 01058803 _____ C:\WINDOWS\setupapi.log
2015-05-29 22:56 - 2013-03-12 11:31 - 00000000 ____D C:\Documents and Settings\Jason
2015-05-29 22:29 - 2014-06-13 09:35 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-05-25 17:18 - 2014-06-13 09:36 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-23 17:49 - 2014-10-23 19:53 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-23 17:49 - 2014-06-13 09:35 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-17 17:10 - 2013-03-17 14:56 - 00000068 _____ C:\WINDOWS\E
2015-05-17 16:43 - 2014-06-27 18:20 - 00000000 ____D C:\Documents and Settings\Jason\My Documents\My Projects
2015-05-17 15:24 - 2013-03-14 20:30 - 00000000 ____D C:\Alpha
2015-05-13 18:56 - 2013-08-14 19:37 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-05-11 13:15 - 2013-04-21 19:54 - 00000000 ____D C:\Documents and Settings\Jason\Application Data\vlc
2015-05-08 15:00 - 2014-03-15 13:14 - 00000216 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
==================== Files in the root of some directories =======
2013-09-18 23:19 - 2013-10-25 16:38 - 0000154 _____ () C:\Documents and Settings\Jason\Application Data\Rim.Desktop.Exception.log
2013-09-18 23:07 - 2013-09-18 23:07 - 0001105 _____ () C:\Documents and Settings\Jason\Application Data\Rim.Desktop.HttpServerSetup.log
2013-09-18 23:19 - 2013-10-25 16:38 - 0000154 _____ () C:\Documents and Settings\Jason\Application Data\Rim.DesktopHelper.Exception.log
2013-03-14 20:33 - 2015-06-01 17:40 - 0210432 _____ () C:\Documents and Settings\Jason\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
C:\Documents and Settings\Jason\Local Settings\Temp\BlackBerryDeviceManager.exe
C:\Documents and Settings\Jason\Local Settings\Temp\jre-8u31-windows-au.exe
C:\Documents and Settings\Jason\Local Settings\Temp\vlc-2.0.6-win32.exe
C:\Documents and Settings\Jason\Local Settings\Temp\vlc-2.0.8-win32.exe
C:\Documents and Settings\Jason\Local Settings\Temp\vlc-2.1.3-win32.exe
C:\Documents and Settings\Jason\Local Settings\Temp\vlc-2.1.5-win32.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-06-2015
Ran by Jason at 2015-06-03 19:31:15
Running from C:\Documents and Settings\Jason\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1993962763-329068152-1417001333-500 - Administrator - Enabled)
Guest (S-1-5-21-1993962763-329068152-1417001333-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-1993962763-329068152-1417001333-1000 - Limited - Disabled)
Jason (S-1-5-21-1993962763-329068152-1417001333-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Jason
SUPPORT_388945a0 (S-1-5-21-1993962763-329068152-1417001333-1002 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG Anti-Virus Free (Enabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM\...\uTorrent) (Version: 3.3.0.29333 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1993962763-329068152-1417001333-1004\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
AC3Filter 1.63b (HKLM\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Adobe Acrobat 7.1.0 Professional (HKLM\...\Adobe Acrobat 7.0 Professional - V) (Version: 7.1.0 - Adobe Systems)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - )
ATI AVIVO Codecs (HKLM\...\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}) (Version: 10.0.0.40103 - ATI Technologies Inc.)
ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.010.0210.2338 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.593.100-100210a-095952E-ATI - )
AVG Free 9.0 (HKLM\...\AVG9Uninstall) (Version: - AVG Technologies)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.1.0.411 - AVG Technologies)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Device Manager 7.0 (HKLM\...\BlackBerry_HandheldManager) (Version: 7.0.0.40 - Research In Motion Ltd.)
BlackBerry Device Manager 7.0 (Version: 7.0.0.40 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BulletProof FTP (HKLM\...\BulletProof FTP) (Version: - )
ccc-core-preinstall (Version: 2010.0210.2339.42455 - ATI) Hidden
ccc-core-static (Version: 2010.0210.2339.42455 - ATI) Hidden
CEF Names 4.1.0 (HKLM\...\CEF Names) (Version: 4.1.0 - Adler House Software)
DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
DivX Plus Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 2.0.0 - DivX,Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.41 - DivX, LLC)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: - )
Family Tree Maker 2011 (HKLM\...\Family Tree Maker 2011) (Version: 20.0.368 - Ancestry.com)
Family Tree Maker 2011 (Version: 20.0.368 - Ancestry.com) Hidden
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Hide My IP 6 (HKLM\...\HIDEMYIP_is1) (Version: - My Privacy Tools, Inc)
HomeSite 4.0 (HKU\S-1-5-21-1993962763-329068152-1417001333-1004\...\HomeSite 4.0) (Version: - )
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{F4B1B985-F308-4DBA-BFD7-CCCB8839234B}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Help (HKLM\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP Memories Disc (HKLM\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
HP Photo and Imaging 2.2 - Scanjet 3970 Series (HKLM\...\{796ADAFF-7C5B-4CED-BA11-55A3644F1E0D}) (Version: 2.2.0000 - {&Tahoma8}Hewlett-Packard)
iTunes (HKLM\...\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.710 - Oracle)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.4330.0 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Musicmatch® Jukebox (HKLM\...\{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.00.3030 - )
Nero 7 Essentials (HKLM\...\{AAB93551-3FFE-42B2-8315-96252BBC1033}) (Version: 7.02.4861 - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
ShareIns (Version: 1.00.0000 - Hewlett-Packard) Hidden
Skins (Version: 2010.0210.2339.42455 - ATI) Hidden
Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Sound Blaster Live! (HKLM\...\{9115E7DB-3B29-445A-802D-11E0AA945B7F}) (Version: - )
Spell Checker For OE 2.1 (HKLM\...\Spell Checker For OE 2.1) (Version: - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-1993962763-329068152-1417001333-1004\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Xilisoft Video Converter 3 (HKLM\...\Xilisoft Video Converter) (Version: 3.1.52.0124b - Xilisoft)
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
24-04-2015 10:58:53 System Checkpoint
24-04-2015 12:28:37 System Checkpoint
25-04-2015 12:43:38 System Checkpoint
25-04-2015 23:17:24 Installed AVG 2015
25-04-2015 23:17:47 Removed AVG 2014
25-04-2015 23:18:50 Installed AVG 2015
25-04-2015 23:23:07 Removed AVG 2014
26-04-2015 23:30:55 System Checkpoint
27-04-2015 23:59:14 System Checkpoint
29-04-2015 00:12:13 System Checkpoint
30-04-2015 00:45:42 System Checkpoint
01-05-2015 01:45:42 System Checkpoint
02-05-2015 02:45:43 System Checkpoint
03-05-2015 03:45:42 System Checkpoint
04-05-2015 04:45:42 System Checkpoint
05-05-2015 05:45:43 System Checkpoint
06-05-2015 06:40:33 System Checkpoint
07-05-2015 07:00:42 System Checkpoint
08-05-2015 08:00:44 System Checkpoint
09-05-2015 10:14:47 System Checkpoint
10-05-2015 11:15:06 System Checkpoint
11-05-2015 11:59:30 System Checkpoint
12-05-2015 12:59:30 System Checkpoint
13-05-2015 03:00:38 Software Distribution Service 3.0
13-05-2015 18:44:41 Software Distribution Service 3.0
14-05-2015 18:59:30 System Checkpoint
16-05-2015 09:38:34 System Checkpoint
17-05-2015 10:15:27 System Checkpoint
18-05-2015 10:19:08 System Checkpoint
19-05-2015 10:23:03 System Checkpoint
20-05-2015 11:23:04 System Checkpoint
21-05-2015 12:23:03 System Checkpoint
22-05-2015 13:23:04 System Checkpoint
23-05-2015 14:22:50 System Checkpoint
24-05-2015 15:22:50 System Checkpoint
25-05-2015 16:22:50 System Checkpoint
26-05-2015 17:25:08 System Checkpoint
27-05-2015 18:22:51 System Checkpoint
28-05-2015 19:23:56 System Checkpoint
29-05-2015 23:32:53 System Checkpoint
30-05-2015 11:21:06 Removed AVG 2015
30-05-2015 11:22:44 Removed AVG 2015
30-05-2015 15:46:42 Installed AVG Free 9.0
30-05-2015 15:48:08 Avg Update
30-05-2015 15:59:41 Avg Update
30-05-2015 16:01:09 Avg Update
31-05-2015 16:59:19 System Checkpoint
01-06-2015 17:09:36 System Checkpoint
02-06-2015 18:27:57 System Checkpoint
03-06-2015 18:43:26 System Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2008-04-13 20:00 - 2008-04-13 20:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
==================== Loaded Modules (Whitelisted) ==============
2015-05-04 11:39 - 2015-05-04 11:39 - 00620056 ____N () C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2002-04-17 10:49 - 2002-04-17 10:49 - 00024576 _____ () C:\Program Files\HP\HP Share-to-Web\hpgs2wnfps.dll
2013-03-12 15:01 - 2013-03-12 15:01 - 00014848 _____ () C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2009-11-24 14:36 - 2009-11-24 14:36 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2002-04-17 10:49 - 2002-04-17 10:49 - 00077824 _____ () C:\Program Files\HP\HP Share-to-Web\hpgs2wnf.exe
2008-04-13 20:00 - 2008-04-13 20:00 - 00355112 _____ () C:\WINDOWS\system32\msjetoledb40.dll
2013-08-11 15:01 - 2005-04-11 13:31 - 00122880 _____ () C:\Program Files\Musicmatch\Musicmatch Jukebox\mmgit.dll
2013-08-11 15:01 - 2005-05-10 16:04 - 00118784 _____ () C:\Program Files\Musicmatch\Musicmatch Jukebox\CDDVDAccess.dll
2013-03-13 11:36 - 2005-08-07 09:54 - 00167936 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2015-05-04 11:40 - 2015-05-04 11:39 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\loggingserver.exe
2015-05-04 11:40 - 2015-05-04 11:39 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\log4cplusU.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HideMyIpSRV => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1993962763-329068152-1417001333-1004\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe] => Enabled:WebKit
StandardProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Enabled:Bonjour Service
StandardProfile\AuthorizedApplications: [C:\Program Files\iTunes\iTunes.exe] => Enabled:iTunes
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe] => :LocalSubNet:Enabled:HP Device Setup
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2013\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Jason\Application Data\uTorrent\uTorrent.exe] => Enabled:µTorrent
StandardProfile\AuthorizedApplications: [C:\Program Files\Torrent\uTorrent.exe] => Enabled:µTorrent
StandardProfile\AuthorizedApplications: [C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe] => Enabled:BlackBerry Desktop Software
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2014\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2015\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG9\avgupd.exe] => Enabled:avgupd.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG9\avgnsx.exe] => Enabled:avgnsx.exe
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [465:TCP] => Enabled:Email
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [4481:TCP] => :LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
StandardProfile\GloballyOpenPorts: [4481:UDP] => :LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
StandardProfile\GloballyOpenPorts: [4482:TCP] => :LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer
StandardProfile\GloballyOpenPorts: [4482:UDP] => :LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery
==================== Faulty Device Manager Devices =============
Name: ATI T200 Unified AVStream Driver
Description: ATI T200 Unified AVStream Driver
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: ATI Technologies
Service: ATIAVAIW
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/03/2015 07:25:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgcmgr.exe, version 9.0.0.832, faulting module avgcmgr.exe, version 9.0.0.832, fault address 0x00002a1a.
Processing media-specific event for [avgcmgr.exe!ws!]
Error: (06/03/2015 07:10:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgcmgr.exe, version 9.0.0.832, faulting module avgcmgr.exe, version 9.0.0.832, fault address 0x00002a1a.
Processing media-specific event for [avgcmgr.exe!ws!]
Error: (06/03/2015 06:55:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgcmgr.exe, version 9.0.0.832, faulting module avgcmgr.exe, version 9.0.0.832, fault address 0x00002a1a.
Processing media-specific event for [avgcmgr.exe!ws!]
Error: (06/03/2015 06:40:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgcmgr.exe, version 9.0.0.832, faulting module avgcmgr.exe, version 9.0.0.832, fault address 0x00002a1a.
Processing media-specific event for [avgcmgr.exe!ws!]
Error: (06/03/2015 06:25:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgcmgr.exe, version 9.0.0.832, faulting module avgcmgr.exe, version 9.0.0.832, fault address 0x00002a1a.
Processing media-specific event for [avgcmgr.exe!ws!]
Error: (06/03/2015 06:10:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgcmgr.exe, version 9.0.0.832, faulting module avgcmgr.exe, version 9.0.0.832, fault address 0x00002a1a.
Processing media-specific event for [avgcmgr.exe!ws!]
Error: (06/03/2015 05:55:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgcmgr.exe, version 9.0.0.832, faulting module avgcmgr.exe, version 9.0.0.832, fault address 0x00002a1a.
Processing media-specific event for [avgcmgr.exe!ws!]
Error: (06/03/2015 05:40:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgcmgr.exe, version 9.0.0.832, faulting module avgcmgr.exe, version 9.0.0.832, fault address 0x00002a1a.
Processing media-specific event for [avgcmgr.exe!ws!]
Error: (06/03/2015 05:25:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgcmgr.exe, version 9.0.0.832, faulting module avgcmgr.exe, version 9.0.0.832, fault address 0x00002a1a.
Processing media-specific event for [avgcmgr.exe!ws!]
Error: (06/03/2015 05:10:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgcmgr.exe, version 9.0.0.832, faulting module avgcmgr.exe, version 9.0.0.832, fault address 0x00002a1a.
Processing media-specific event for [avgcmgr.exe!ws!]
System errors:
=============
Error: (06/03/2015 10:30:53 AM) (Source: 0) (EventID: 7) (User: )
Description: \Device\Harddisk0\D
Error: (06/03/2015 10:30:02 AM) (Source: 0) (EventID: 7) (User: )
Description: \Device\Harddisk0\D
Error: (06/03/2015 10:29:26 AM) (Source: 0) (EventID: 7) (User: )
Description: \Device\Harddisk0\D
Error: (06/02/2015 01:51:30 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.2.16 for the Network Card with network address 000D61BFB98C has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
Error: (06/01/2015 09:54:55 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.2.11 for the Network Card with network address 000D61BFB98C has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
Error: (06/01/2015 05:54:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SSDP Discovery Service service terminated unexpectedly. It has done this 1 time(s).
Error: (06/01/2015 05:54:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s).
Error: (05/30/2015 08:26:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Blackberry Device Manager service terminated unexpectedly. It has done this 1 time(s).
Error: (05/30/2015 03:47:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Installer service terminated unexpectedly. It has done this 1 time(s).
Error: (05/30/2015 02:27:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HideMyIpSRV service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 200 milliseconds: Restart the service.
Microsoft Office:
=========================
Error: (06/03/2015 07:25:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgcmgr.exe9.0.0.832avgcmgr.exe9.0.0.83200002a1a
Error: (06/03/2015 07:10:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgcmgr.exe9.0.0.832avgcmgr.exe9.0.0.83200002a1a
Error: (06/03/2015 06:55:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgcmgr.exe9.0.0.832avgcmgr.exe9.0.0.83200002a1a
Error: (06/03/2015 06:40:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgcmgr.exe9.0.0.832avgcmgr.exe9.0.0.83200002a1a
Error: (06/03/2015 06:25:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgcmgr.exe9.0.0.832avgcmgr.exe9.0.0.83200002a1a
Error: (06/03/2015 06:10:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgcmgr.exe9.0.0.832avgcmgr.exe9.0.0.83200002a1a
Error: (06/03/2015 05:55:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgcmgr.exe9.0.0.832avgcmgr.exe9.0.0.83200002a1a
Error: (06/03/2015 05:40:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgcmgr.exe9.0.0.832avgcmgr.exe9.0.0.83200002a1a
Error: (06/03/2015 05:25:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgcmgr.exe9.0.0.832avgcmgr.exe9.0.0.83200002a1a
Error: (06/03/2015 05:10:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgcmgr.exe9.0.0.832avgcmgr.exe9.0.0.83200002a1a
==================== Memory info ===========================
Processor: AMD Athlon XP 2500+
Percentage of memory in use: 21%
Total physical RAM: 3071.48 MB
Available physical RAM: 2422.04 MB
Total Pagefile: 5987.63 MB
Available Pagefile: 5243.2 MB
Total Virtual: 2047.88 MB
Available Virtual: 1911.89 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.78 GB) (Free:31.22 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Slave) (Fixed) (Total:465.76 GB) (Free:185.32 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: 96149614)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: B4EEA180)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of log ============================