Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My Computer is excruciatingly slow [Closed]


  • This topic is locked This topic is locked

#1
Cynlizzy

Cynlizzy

    New Member

  • Member
  • Pip
  • 4 posts

I have run malwarebytes and have Avast virus protection.  I actually bought another computer because I just couldn't deal with this one anymore.  But now I need this computer and feel it must have some type of root kit.  Any help would be much appreciated.  

 

 

Here is the scan done by FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-08-2015 01
Ran by Administrator (administrator) on CL-6B338E5B2BC0 (05-08-2015 19:37:56)
Running from C:\Documents and Settings\Administrator\Desktop
Loaded Profiles: UpdatusUser & Administrator (Available Profiles: UpdatusUser & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sonic Solutions) C:\WINDOWS\system32\dla\tfswctrl.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avid Technology, Inc.) C:\WINDOWS\system32\M-AudioTaskBarIcon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Prolific Technology Inc.) C:\WINDOWS\system32\IoctlSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998104 2015-07-07] (Adobe Systems Incorporated)
HKLM\...\Run: [dla] => C:\WINDOWS\system32\dla\tfswctrl.exe [114741 2003-08-06] (Sonic Solutions)
HKLM\...\Run: [StorageGuard] => C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [155648 2003-02-13] (Sonic Solutions)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [M-Audio Taskbar Icon] => C:\WINDOWS\system32\M-AudioTaskBarIcon.exe [644104 2010-12-07] (Avid Technology, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-10] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxsrvc.dll [2005-06-22] (Intel Corporation)
HKU\S-1-5-21-725345543-1229272821-839522115-500\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-05-06] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-06-20] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-06-20] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-06-20] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-06-20] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-06-20] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-06-20] (Google)
CHR HKU\S-1-5-21-725345543-1229272821-839522115-500\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-725345543-1229272821-839522115-500\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
URLSearchHook: [S-1-5-21-725345543-1229272821-839522115-1005] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> DefaultScope value is missing
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-08-08] (Sun Microsystems, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-06] (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-08-08] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-08-08] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B952C3B0-2E27-4437-BA3F-613CBCEB2D1F}: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\vnfrwbf1.default
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-08-05] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2012-03-06] ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_32 -> C:\WINDOWS\system32\npdeployJava1.dll [2012-08-08] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-08-08] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-04] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Extension: Search.com Bar - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\vnfrwbf1.default\Extensions\{9f85f783-362b-4373-afb4-4999ef33aa35} [2012-04-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-02-26]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2012-08-08]
FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\vnfrwbf1.default\extensions\[email protected] [not found]
FF Extension: No Name - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\vnfrwbf1.default\extensions\[email protected] [not found]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
 
Chrome: 
=======
CHR Profile: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Pin It) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aeocpmaimgdkdkkhnilgfoicilnefefh [2013-11-20]
CHR Extension: (File Converter) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\alblmaecejifbilchdofkdanifpmnmfk [2014-08-10]
CHR Extension: (Google Drive) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-19]
CHR Extension: (HelloFax: 50 Free Fax Pages) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2013-11-19]
CHR Extension: (AdBlock) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-03]
CHR Extension: (Pin It Button) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2013-12-01]
CHR Extension: (Lunapic Photo Editor) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ifimmnanlabnljjnaegjmgnelmdmjabn [2013-11-19]
CHR Extension: (Clearly) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2013-11-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-04]
CHR Extension: (Quick Note) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2013-11-19]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Amopic) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmnefpehffecmjnhhncoacgdcecnckac [2014-02-09]
CHR Extension: (PhotoFunia) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\obnehienhdpajabikpikmifcdmnddjol [2013-11-19]
CHR Extension: (Evernote Web Clipper) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2013-11-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-06]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-06] (AVAST Software)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2012-08-08] (Sun Microsystems, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-05-06] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-05-06] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-08-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-05-06] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [777488 2014-08-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411680 2014-08-10] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-05-06] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180632 2014-05-06] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2005-03-21] (Adaptec, Inc.) [File not signed]
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [84576 2003-07-31] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40448 2003-06-20] (Sonic Solutions) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-05] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R0 PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [17168 2003-07-30] (Sonic Solutions) [File not signed]
S3 RT2500; C:\WINDOWS\System32\DRIVERS\RT2500.sys [242176 2005-04-21] (Ralink Technology Inc.) [File not signed]
R3 RTL8192cu; C:\WINDOWS\System32\DRIVERS\RTL8192cu.sys [987904 2011-02-11] (Realtek Semiconductor Corporation                           )
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5621 2003-07-14] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23219 2003-07-14] (Sonic Solutions) [File not signed]
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25685 2003-08-06] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34837 2003-08-06] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4117 2003-08-06] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2233 2003-08-06] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [83284 2003-08-06] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [14229 2003-08-06] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6357 2003-08-06] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98068 2003-08-06] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100373 2003-08-06] (Sonic Solutions) [File not signed]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-05 19:37 - 2015-08-05 19:38 - 00017708 _____ C:\Documents and Settings\Administrator\Desktop\FRST.txt
2015-08-05 19:37 - 2015-08-05 19:38 - 00000000 ____D C:\FRST
2015-08-05 19:33 - 2015-08-05 19:33 - 01673728 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2015-08-05 12:03 - 2015-08-05 12:04 - 00044473 _____ C:\WINDOWS\iis6.log
2015-08-05 12:03 - 2015-08-05 12:04 - 00017934 _____ C:\WINDOWS\ocgen.log
2015-08-05 12:03 - 2015-08-05 12:04 - 00011018 _____ C:\WINDOWS\FaxSetup.log
2015-08-05 12:03 - 2015-08-05 12:04 - 00009052 _____ C:\WINDOWS\msmqinst.log
2015-08-05 12:03 - 2015-08-05 12:04 - 00008140 _____ C:\WINDOWS\tsoc.log
2015-08-05 12:03 - 2015-08-05 12:04 - 00005855 _____ C:\WINDOWS\comsetup.log
2015-08-05 12:03 - 2015-08-05 12:04 - 00005341 _____ C:\WINDOWS\ntdtcsetup.log
2015-08-05 12:03 - 2015-08-05 12:04 - 00004507 _____ C:\WINDOWS\imsins.log
2015-08-05 12:03 - 2015-08-05 12:04 - 00002161 _____ C:\WINDOWS\netfxocm.log
2015-08-05 12:03 - 2015-08-05 12:04 - 00001207 _____ C:\WINDOWS\MedCtrOC.log
2015-08-05 12:03 - 2015-08-05 12:04 - 00000885 _____ C:\WINDOWS\ocmsn.log
2015-08-05 12:03 - 2015-08-05 12:04 - 00000877 _____ C:\WINDOWS\msgsocm.log
2015-08-05 12:03 - 2015-08-05 12:04 - 00000311 _____ C:\WINDOWS\tabletoc.log
2015-08-05 12:03 - 2015-08-05 12:03 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-05 12:03 - 2015-08-05 12:03 - 00000000 _____ C:\WINDOWS\setupact.log
2015-08-04 19:43 - 2015-08-05 12:04 - 00021895 _____ C:\WINDOWS\setupapi.log
2015-08-04 17:43 - 2015-08-04 17:43 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\2A3B6631.sys
2015-08-04 17:39 - 2015-08-05 12:06 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-08-04 17:39 - 2015-08-05 12:06 - 00000048 _____ C:\WINDOWS\wiaservc.log
2015-08-04 17:39 - 2015-08-04 17:39 - 00000000 _____ C:\WINDOWS\Sti_Trace.log
2015-08-04 17:37 - 2015-08-05 18:27 - 00032618 _____ C:\WINDOWS\SchedLgU.Txt
2015-08-04 17:35 - 2015-08-05 15:28 - 00108090 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-04 16:29 - 2015-08-05 16:34 - 00000896 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0cef4520f2c14.job
2015-08-04 16:29 - 2015-08-04 16:30 - 00000000 ____D C:\Program Files\GUM1C.tmp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-05 19:38 - 2012-02-19 16:23 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2015-08-05 19:37 - 2012-08-08 07:32 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-05 19:28 - 2012-10-24 17:29 - 00000900 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-05 17:18 - 2014-08-10 12:58 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-05 16:34 - 2012-10-24 17:29 - 00000896 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-05 13:40 - 2012-08-08 07:32 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-08-05 13:40 - 2012-02-20 13:56 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-08-05 12:11 - 2014-05-06 21:33 - 00000378 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-08-05 12:06 - 2004-08-04 08:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-08-05 12:05 - 2014-03-29 14:40 - 00000238 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-08-05 12:05 - 2013-04-28 09:21 - 00000000 ____D C:\Program Files\MarkAny
2015-08-05 12:05 - 2012-02-19 16:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-05 12:04 - 2012-02-19 16:23 - 00000278 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2015-08-05 12:04 - 2012-02-19 16:15 - 00000000 ____D C:\Program Files\Windows NT
2015-08-05 12:04 - 2012-02-19 11:05 - 00646260 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-05 12:04 - 2012-02-19 10:59 - 00000000 ____D C:\WINDOWS\Help
2015-08-05 12:04 - 2012-02-19 10:59 - 00000000 ____D C:\WINDOWS\Cursors
2015-08-05 12:03 - 2012-02-19 16:16 - 00000000 ___RD C:\Documents and Settings\All Users\Start Menu\Programs\Games
2015-08-05 12:03 - 2012-02-19 16:14 - 00000000 ___RD C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2015-08-05 12:03 - 2012-02-19 10:59 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-08-05 12:01 - 2013-04-28 09:10 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Samsung
2015-08-05 12:01 - 2013-04-28 09:10 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Samsung
2015-08-05 12:01 - 2012-05-31 14:01 - 00000000 ____D C:\Program Files\Samsung
2015-08-05 11:59 - 2012-05-31 14:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Samsung
2015-08-05 11:59 - 2012-02-20 10:39 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-08-05 11:53 - 2012-05-02 11:37 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2015-08-05 11:48 - 2013-04-01 14:45 - 00000000 ____D C:\Program Files\Common Files\Intuit
2015-08-05 11:41 - 2012-04-02 13:36 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\MP3Rocket
2015-08-05 11:41 - 2012-02-20 11:13 - 00001945 _____ C:\WINDOWS\epplauncher.mif
2015-08-05 11:27 - 2012-02-20 13:31 - 00000000 ____D C:\Program Files\Microsoft Office
2015-08-05 11:27 - 2012-02-19 11:05 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-08-05 11:25 - 2012-06-28 19:36 - 00000000 ____D C:\Program Files\Amazon
2015-08-05 11:25 - 2012-06-28 19:36 - 00000000 ____D C:\Documents and Settings\Administrator\Start Menu\Programs\Amazon
2015-08-05 11:15 - 2012-02-19 16:22 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2015-08-04 23:24 - 2013-07-22 03:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-04 21:30 - 2012-10-24 17:30 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
2015-08-04 19:50 - 2012-02-19 10:59 - 00000000 ____D C:\WINDOWS\msagent
2015-08-04 17:37 - 2012-11-18 21:51 - 00001813 _____ C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
2015-08-04 17:35 - 2012-02-19 16:23 - 00000000 ____D C:\Documents and Settings\Administrator
2015-08-04 16:28 - 2014-08-10 12:51 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-04 16:28 - 2014-08-10 12:51 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-04 16:28 - 2014-08-10 12:50 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-08-04 15:28 - 2014-03-29 14:40 - 00000232 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-08-04 12:09 - 2012-03-16 15:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
 
==================== Files in the root of some directories =======
 
2014-08-10 11:57 - 2014-08-10 11:57 - 6010880 _____ () C:\Program Files\GUT1F.tmp
2012-05-31 14:02 - 2012-05-31 14:02 - 0002528 _____ () C:\Documents and Settings\Administrator\Application Data\$_hpcst$.hpc
2012-04-21 21:04 - 2013-07-28 12:23 - 0013824 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End of log ============================
 
Here is the Addition.txt:
 
Broadcom 440x 10/100 Integrated Controller (HKLM\...\InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}) (Version: 3.29 - Broadcom)
Broadcom 440x 10/100 Integrated Controller (Version: 3.29 - Broadcom) Hidden
Broadcom Management Programs (HKLM\...\InstallShield_{89EE857B-8970-4F9F-AB58-A1C873AC72B3}) (Version: 4.01.0000 - Broadcom)
Broadcom Management Programs (Version: 4.01.0000 - Broadcom) Hidden
Canon iP1800 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1800_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.23 - Piriform)
Cool Edit Pro 2.0 (HKLM\...\Cool Edit Pro 2.0) (Version:  - )
Dropbox (HKU\S-1-5-21-725345543-1229272821-839522115-500\...\Dropbox) (Version: 2.0.26 - Dropbox, Inc.)
FormatFactory 2.96 (HKLM\...\FormatFactory) (Version: 2.96 - Free Time)
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Drive (HKLM\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
Intel® Extreme Graphics Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version:  - )
iTunes (HKLM\...\{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}) (Version: 10.6.0.40 - Apple Inc.)
Java™ 6 Update 32 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
Java™ SE Runtime Environment 6 Update 1 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
M-Audio FastTrack Driver 6.0.6 (x86) (HKLM\...\{96472D82-0239-11E0-9776-199EDFD72085}) (Version: 6.0.6 - M-Audio)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-725345543-1229272821-839522115-500\...\MyFreeCodec) (Version:  - )
Nero 7 Ultra Edition (HKLM\...\{C6115A28-F277-4E82-B067-84D28BF21033}) (Version: 7.03.1357 - Nero AG)
NVIDIA nView 136.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.18 - NVIDIA Corporation)
NVIDIA Update 1.7.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.11 - NVIDIA Corporation)
Origin (HKLM\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
Paint Shop Pro 7 (HKLM\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.05.0000 - Jasc Software Inc)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.50 - Sonic Solutions)
Sonic RecordNow! (HKLM\...\{9541FED0-327F-4DF0-8B96-EF57EF622F19}) (Version: 6.5.0 - Sonic Solutions)
Sonic Update Manager (HKLM\...\{09DA4F91-2A09-4232-AB8C-6BC740096DE3}) (Version: 2.80 - Sonic Solutions)
Sony Super Duper Music Looper 2.0 (HKLM\...\{9DECE42F-ABBD-4832-8735-D77F6032EF6E}) (Version: 2.0.63 - Sony)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.12.01.5246 - Analog Devices)
Spotify (HKU\S-1-5-21-725345543-1229272821-839522115-500\...\Spotify) (Version: 0.9.1.53.g876fa9df - Spotify AB)
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VideoFileDownload (HKLM\...\vfd-adk) (Version: 1.0 - VideoFileDownload)
Vuze Remote Toolbar v9.1 (HKLM\...\{5C265DA2-F845-471E-A4FD-8F8D890F618F}) (Version: 9.1 - Spigot, Inc.) <==== ATTENTION
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\WINDOWS\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.115\psu (the data entry has 15 more characters).
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-725345543-1229272821-839522115-500_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.111\psu (the data entry has 15 more characters).
 
==================== Restore Points =========================
 
05-08-2015 11:43:17 Removed Compatibility Pack for the 2007 Office system
05-08-2015 11:52:46 Removed Skype Click to Call
05-08-2015 11:53:27 Removed Skype™ 6.11
05-08-2015 11:56:34 Removed Samsung Kies
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2004-08-04 08:00 - 2004-08-04 08:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0cef4520f2c14.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-08-05 16:07 - 2015-08-05 16:07 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15080502\algo.dll
2014-05-06 21:30 - 2014-05-06 21:30 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-725345543-1229272821-839522115-1005\Control Panel\Desktop\\Wallpaper -> (None)
HKU\S-1-5-21-725345543-1229272821-839522115-500\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.1.1
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Dropbox.lnk => C:\WINDOWS\pss\Dropbox.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: chromium => C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe --no-startup-window
MSCONFIG\startupreg: EA Core => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: nwiz => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sonic RecordNow! => 
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe
MSCONFIG\startupreg: Spotify => "C:\Documents and Settings\Administrator\Application Data\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Documents and Settings\Administrator\Application Data\Spotify\Data\SpotifyWebHelper.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
StandardProfile\AuthorizedApplications: [C:\Program Files\iTunes\iTunes.exe] => Enabled:iTunes
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrator\Application Data\Spotify\spotify.exe] => Enabled:Spotify
StandardProfile\AuthorizedApplications: [C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe] => Disabled:Java™ Platform SE binary
StandardProfile\AuthorizedApplications: [C:\Program Files\Java\jre6\bin\javaw.exe] => Enabled:Java™ Platform SE binary
StandardProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Disabled:Bonjour Service
StandardProfile\AuthorizedApplications: [C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe] => Disabled:Daemonu.exe
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\sessmgr.exe] => Disabled:@xpsp2res.dll,-22019
StandardProfile\AuthorizedApplications: [C:\Program Files\Vuze\Azureus.exe] => Enabled:Azureus / Vuze
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe] => Enabled:Dropbox
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\muzapp.exe] => Enabled:MUZ AOD APP player
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/05/2015 07:36:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application chrome.exe, version 44.0.2403.130, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (08/05/2015 12:00:09 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (08/05/2015 12:00:08 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (08/05/2015 11:11:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (08/05/2015 11:11:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (08/04/2015 05:44:44 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (08/04/2015 05:44:44 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (08/10/2014 12:30:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application avastui.exe, version 9.0.2018.397, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (08/10/2014 12:07:29 PM) (Source: ESENT) (EventID: 485) (User: )
Description: svchost (1212) An attempt to delete the file "C:\WINDOWS\system32\CatRoot2\tmp.edb" failed with system error 1392 (0x00000570): "The file or directory is corrupted and unreadable. ".  The delete file operation will fail with error -1022 (0xfffffc02).
 
Error: (08/10/2014 12:07:25 PM) (Source: ESENT) (EventID: 485) (User: )
Description: svchost (1212) An attempt to delete the file "C:\WINDOWS\system32\CatRoot2\tmp.edb" failed with system error 1392 (0x00000570): "The file or directory is corrupted and unreadable. ".  The delete file operation will fail with error -1022 (0xfffffc02).
 
 
System errors:
=============
Error: (08/05/2015 12:06:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
 
Error: (08/05/2015 11:43:13 AM) (Source: 0) (EventID: 1) (User: )
Description: 0xC000000Echange.logHarddiskVolume4
 
Error: (08/05/2015 11:17:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error: 
%%1053
 
Error: (08/05/2015 11:17:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the MBAMScheduler service to connect.
 
Error: (08/05/2015 11:15:56 AM) (Source: Microsoft Antimalware) (EventID: 2042) (User: )
Description: %%8604.5.0216.0
 
Error: (08/05/2015 11:15:54 AM) (Source: Microsoft Antimalware) (EventID: 2042) (User: )
Description: %%8604.5.0216.0
 
Error: (08/05/2015 11:10:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intuit Update Service v4 service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/05/2015 11:10:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (08/05/2015 07:43:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
 
Error: (08/05/2015 07:41:31 AM) (Source: Microsoft Antimalware) (EventID: 2042) (User: )
Description: %%8604.5.0216.0
 
 
Microsoft Office:
=========================
Error: (08/05/2015 07:36:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe44.0.2403.130hungapp0.0.0.000000000
 
Error: (08/05/2015 12:00:09 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (08/05/2015 12:00:08 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (08/05/2015 11:11:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000
 
Error: (08/05/2015 11:11:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000
 
Error: (08/04/2015 05:44:44 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (08/04/2015 05:44:44 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (08/10/2014 12:30:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avastui.exe9.0.2018.397hungapp0.0.0.000000000
 
Error: (08/10/2014 12:07:29 PM) (Source: ESENT) (EventID: 485) (User: )
Description: svchost1212C:\WINDOWS\system32\CatRoot2\tmp.edb-1022 (0xfffffc02)1392 (0x00000570)The file or directory is corrupted and unreadable.
 
Error: (08/10/2014 12:07:25 PM) (Source: ESENT) (EventID: 485) (User: )
Description: svchost1212C:\WINDOWS\system32\CatRoot2\tmp.edb-1022 (0xfffffc02)1392 (0x00000570)The file or directory is corrupted and unreadable.
 
 
==================== Memory info =========================== 
 
Processor:  Intel® Pentium® 4 CPU 2.80GHz
Percentage of memory in use: 46%
Total physical RAM: 1022 MB
Available physical RAM: 550.11 MB
Total Virtual: 1426.66 MB
Available Virtual: 847.94 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:71.06 GB) (Free:38.76 GB) NTFS ==>[drive with boot components (Windows XP)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 74.5 GB) (Disk ID: D0F4738C)
Partition 1: (Not Active) - (Size=31 MB) - (Type=DE)
Partition 2: (Active) - (Size=71.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=3.4 GB) - (Type=DB)
 
==================== End of log ============================
 

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there nothing evident showing.. This appears to be a case of an old system with little RAM

Could you let me know if this makes any difference

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKLM\...\Run: [M-Audio Taskbar Icon] => C:\WINDOWS\system32\M-AudioTaskBarIcon.exe [644104 2010-12-07] (Avid Technology, Inc.)
HKLM\...\Run: [] => [X]
CHR HKU\S-1-5-21-725345543-1229272821-839522115-500\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-725345543-1229272821-839522115-1005] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> DefaultScope value is missing
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#3
Cynlizzy

Cynlizzy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

I haven't had a chance to really see if this helped - had to go to work.  But here is the log after I ran fixlist.  Note:  It took me several times before I could get the FRST program to stay on the screen.   It closed itself down during the first attempt to fix, but seemed to work fine the 2nd time.  I'll check back in and let you know if this helped.   :)


  • 0

#4
Cynlizzy

Cynlizzy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Fix result of Farbar Recovery Scan Tool (x86) Version:08-08-2015 01
Ran by Administrator (2015-08-09 14:44:43) Run:2
Running from C:\Documents and Settings\Administrator\Desktop
Loaded Profiles: UpdatusUser & Administrator (Available Profiles: UpdatusUser & Administrator)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
HKLM\...\Run: [M-Audio Taskbar Icon] => C:\WINDOWS\system32\M-AudioTaskBarIcon.exe [644104 2010-12-07] (Avid Technology, Inc.)
HKLM\...\Run: [] => [X]
CHR HKU\S-1-5-21-725345543-1229272821-839522115-500\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-725345543-1229272821-839522115-1005] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> DefaultScope value is missing
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\M-Audio Taskbar Icon => value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value not found.
HKU\S-1-5-21-725345543-1229272821-839522115-500\SOFTWARE\Policies\Google => key not found. 
\\URLSearchHook: [S-1-5-21-725345543-1229272821-839522115-1005] ATTENTION ==> Default URLSearchHook is missing. => value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
 
The operation completed successfully
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
 
The operation completed successfully
 
 
========= End of Reg: =========
 
 
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
 
The operation completed successfully
 
 
========= End of Reg: =========
 
 
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
 
The operation completed successfully
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\S-1-5-21-725345543-1229272821-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\S-1-5-21-725345543-1229272821-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
'bitsadmin' is not recognized as an internal or external command,
operable program or batch file.
 
========= End of CMD: =========
 
EmptyTemp: => 181.3 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 14:45:22 ====

  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Has that made any difference at all ?

What version of Avast do you have
  • 0

#6
Cynlizzy

Cynlizzy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

It seems a little better, but still pretty slow.  The program version of Avast is 2014.9.0.2018


  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
As you have XP most programmes are now moving beyond that.. However, Avast has recently updated to remove some of the pressure on XP

As this is a fairly major update in relation to XP I would recommend a clean install rather than an upgrade

Download Avast Uninstall Utility to your Desktop.
Download the correct version of Avast
Avast Free
Avast Pro
Avast Internet Security
Avast Premier
Disconnect from the net
Uninstall Avast via control panel
  • Run the uninstall tool and accept the reboot to safe mode
  • Once complete reboot your system
  • Reinstall Avast
----------
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP